While we are updating, we refresh one patch to remove fuzz, otherwise
there are no significant changes.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Updating to the latest 19.03 commits:
88820a4793 Merge pull request #41287 from thaJeztah/19.03_backport_bump_netns
dae08c333e vendor: vishvananda/netns db3c7e526aae966c4ccfa6c8189b693d6ac5d202
93cb737687 [19.03] vendor: vishvananda/netns 0a2b9b5464df8343199164a0321edf3313202f7e
7d597ee2c9 Merge pull request #41273 from thaJeztah/19.03_backport_swagger_fixes
22c458b67c Merge pull request #41274 from thaJeztah/19.03_backport_Double_RLock
8b97280f11 Merge pull request #41279 from thaJeztah/19.03_bump_buildkit
eda52d433e [19.03] vendor: moby/buildkit v0.6.4-28-gda1f4bf1
168254fcfa Merge pull request #41277 from AkihiroSuda/rootlesskit-0.10.0-1903
9dc455dffb bump up rootlesskit to v0.10.0
c200868fa2 Merge pull request #41271 from thaJeztah/19.03_backport_remove_dockerproject_from_tests
9eade7d03c docs: API v1.39: move system version response to definitions
4685e9ef72 docs: API v1.40: move system version response to definitions
d8f22d0307 swagger: move system version response to definitions
32366de5f9 plugin: fix a double RLock bug
ad0278f002 docs: API v1.39: fix type for BuildCache CreatedAt and LastUsedAt
cb8b7a282d docs: API v1.40: fix type for BuildCache CreatedAt and LastUsedAt
e1ae07b7a0 swagger: fix type for BuildCache CreatedAt and LastUsedAt
d49278cc17 Merge pull request #41269 from thaJeztah/19.03_update_buildkit
892c228219 Remove apt.dockerproject.org from test
a7e309944b Merge pull request #41248 from thaJeztah/19.03_backport_swagger_updates
765245d54b [19.03] vendor: moby/buildkit v0.6.4-26-ga1e4f48e
2d4bfdc789 Merge pull request #41081 from thaJeztah/19.03_backport_fix_sandbox_cleanup
b990b6c2b0 Merge pull request #41235 from thaJeztah/19.03_backport_bump_golang_1.13.14
4d9397c268 swagger: sync updates to v1.39
51bd95dc95 swagger: sync updates to v1.40
d5ba93575c docs: sync API v1.40 swagger formatting with current version
12b7746a84 docs: sync API v1.39 swagger formatting with current version
0c6bdf5974 docs: add example calculations to container stats API
630185b4ae swagger: add DeviceRequests to container create, inspect example
d7423180e7 swagger: move NetworkingConfig to definitions
c30ff6885e swagger: reformat, and wrap to ~80-chars
7005841048 swagger: clarify the meaning of Image field in ContainerInspect endpoint
1608292c09 Bump Golang 1.13.14
1763b4e88b Bump Go 1.13.13
5e8ab898c7 Merge pull request #41222 from thaJeztah/19.03_bump_buildkit
23d47bd12e [19.03] vendor: moby/buildkit v0.6.4-20-g4cb720ef
789bd1c67b Merge pull request #41192 from ameyag/19.03-hcsshim-vndr
0eaa22b95d Merge pull request #41185 from thaJeztah/19.03_bump_buildkit
9d6053eda2 Revendor hcsshim to fix image import bug
589b07262c vendor: Microsoft/hcsshim v0.8.9
e7c2b106ec [19.03] vendor: buildkit dc6afa0f755f6cbb7e85f0df4ff4b87ec280cb32 (v0.6.4-15-gdc6afa0f)
a40b877fbb Merge pull request #41133 from roidelapluie/bsd2
7dd9fdcfbe Enable client on netbsd and dragonfly
9dc6525e61 Merge pull request #41124 from thaJeztah/19.03_bump_libnetwork
b4ca19a992 vendor: docker/libnetwork 026aabaa659832804b01754aaadd2c0f420c68b6 (bump_19.03 branch)
ae158b371c allocateNetwork: fix network sandbox not cleaned up on failure
And the following cli changes:
80fd48bcb Merge pull request #2635 from thaJeztah/19.03_backport_bump_golang_1.13.14
e5e227672 Bump Golang 1.13.14
79a6c494e Merge pull request #2633 from thaJeztah/19.03_backport_bump_golang_1.13.13
5e05ef345 Merge pull request #2631 from cpuguy83/19.03_handle_close_error_on_save
64d25cc6e Bump Golang 1.13.13
1b96aa29c Merge pull request #2629 from thaJeztah/19.03_backport_circleci_updates
aaf117052 Handle errors on close in config file write.
14010c88b config: preserve ownership and permissions on configfile
3d64a5d4b Move circle.yml to .circleci/config.yml
d0b656088 CircleCI: update docker versions used in CI
b0a78cc1a Merge pull request #2623 from s0j/s0j_19.03_bump-crypto-readconsole
ab8bd02fc vendor: golang.org/x/crypto 2aa609cf4a9d7d1126360de73b55b6002f9e052a
18d6f8f6b Merge pull request #2620 from thaJeztah/19.03_backport_builder_comment_info
7498d9cc4 docs/builder: add note about handling of leading whitespace
cb59cafc3 Merge pull request #2609 from thaJeztah/19.03_backport_docs_fixes
541f050e1 Merge pull request #2608 from thaJeztah/19.03_backport_vendor_bumps
ac7723056 docs: fix example output for docker plugin ls
9c9ff4369 list state `ready` for filtering in stack_ps.md
e3b981c18 vendor konsorten/go-windows-terminal-sequences v1.0.3
ec276f3a6 vendor: mitchellh/mapstructure v1.0.0
c9125cc39 vendor: beorn7/perks v1.0.1
0ed913b88 Merge pull request #2592 from thaJeztah/19.03_backport_logout_config_out_of_sync2
5a12f90b4 Don't filter out registries to logout from with config file contents
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
glibc 2.32 has deprecated sys_siglist, oe-core commit
7c19f30849e9a73a7497d8e6c4719a2e57017086, causing ceph
build to fail with error:
ceph-15.2.0/src/global/signal_handler.h:24:26: error: 'sys_siglist' was
not declared
ceph has support for using reentrant strsignal, hence use it.
See commit 82c40b67f5843162a93ebb2c1a006572d8f256a5 in upstream ceph.
Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Add support for building for AArch64, also remove the requirement to
specify a platform.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bump the Xvisor SHA to a git release with RISC-V 0.5.0 Hypversior
extension support.
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Fix the linux kernel versions referenced in the recipe. For ease of use, add
variables KERNEL_SRC_VER and KERNEL_URL_VER that can be used to udpate the
linux versions.
Signed-off-by: Sai Hari Chandana Kalluri <chandana.kalluri@xilinx.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Remove the remaining 'go' calls, and replace them with $GO. We also
must explicitly pass "GO='go'" on the host side build call.
This avoids the gnu-stubs header file issues, since the 'go' binary
cannot use the sysroot.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Enable linux-yocto-dev as the Linux kernel for Xen on the
Raspberry Pi 4, with the bcm-2xxx-rpi4 KMACHINE and KBRANCH.
Set a Raspberry Pi SD card variable to increase the size of the boot
partition to accommodate both the kernel and the Xen hypervisor.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Retiring use of the downstream vendor kernel for use with Xen.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The GIC that is needed by Xen can be enabled via the rpi-config recipe
variable. Fixes the build after the upstream recipe changed recently.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Replaces the prior use of earlyprintk which is an x86-specific option.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The sdcard class in the meta-raspberrypi layer is now extensible with
support for adding files such as hypervisor binaries to the boot
partition, so this layer can switch to use that and drop the custom
sdcard bbclass.
Uses the new RPI_SDIMG_EXTRA_DEPENDS and DEPLOYPAYLOAD variables,
and: IMAGE_CLASS: sdcard_image-rpi-xen => sdcard_image-rpi
IMAGE_FSTYPE: rpi-xen-sdimg => rpi-sdimg
Please note that the filename suffix of the image is changed by this.
Also apply _raspberrypi4-64 scoping to the Raspberry Pi settings.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
We need to be more explicity in our exports and use of 'go' to
build properly with the new binary bootstrapped go toolchain.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
We should tell configure where dmidecode is rather than
have it search the host for it.
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
An error occurs during the install step of libvirt when the variable
PACKAGECONFIG does not contain qemu.
Indeed, in this case, the operation "chown -R qemu:qemu
${D}/${localstatedir}/lib/libvirt/qemu" fails, since the folder
${D}/${localstatedir}/lib/libvirt/qemu has not been created.
The fix consist in doing this operation only if
the variable “PACKAGECONFIG” contains “qemu”.
remark: issue present since the Warrior release of yocto.
Upstream-Status: Pending
Signed-off-by: Nicolas Lavocat <nicolas.lavocat@harman.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Since the hypervisor recipe does not install init scripts, it does not
include update-rc.d.bbclass, which defines INIT_D_DIR; so move the use
of that and systemd and qemu tools-specific configure settings over into
the tools include file. Fix a hardcoded bindir while at it.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Apply two upstream patches to fix compiler warnings.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Release announcement for Xen 4.14:
https://lists.xenproject.org/archives/html/xen-devel/2020-07/msg01263.html
Make the 4.14 recipe the default preference and advance the git recipe
onto the current 4.15 development branch. Retire the patches for the
earlier versions.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
In preparation for the fall release, update to the 1.19 release
branch of kubernetes, so that the change can soak and we can work
through the rc's
No unexpected build or patch issues with this bump and basic
sanity testing passed. Once ore components are updated, extended
testig will occur.
Sanity built and tested on x86-64 and arm64
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Also drop useless SRC_URI[md5sum], SRC_URI[sha256sum] and FILES_${PN},
and add SRCPV to PV.
Signed-off-by: Ming Liu <ming.liu@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The "meta/recipes-devtools/qemu/qemu.inc" already sets the PACKAGECONFIG[xen].
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Avoids passing the wrong floating point ABI flags to the linker.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
These settings are not needed here. Serial configuration is done
in the bsp layer. Tested and working on the Raspberry Pi 4.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Add a versioned-suffix pair of recipes for Xen 4.14, allowing selection
of which Xen version to build via setting PREFERRED_VERSION.
4.14 is currently still pre-release, so the new recipes for it set
DEFAULT_PREFERENCE to -1, and the default for now remains the existing
stable version. Forward ports of patches needed for 4.14 are included.
Implementation note: since both this version and the git recipe are
built from git branches -- important for Xen since significant updates
are made available there inbetween point releases -- the recipe includes
'stable' as a string in PV so as to distinguish it from 'git' in the git
recipe, and thereby allow PREFERRED_VERSION to select the correct recipe
in the situation where both happen to be configured with the same XEN_REL.
Signed-off-by: Christopher Clark <christopher.clark6@baesystems.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Bash doesn't deal very well with the quoted "variant" in the
output of the oci-image-index. We can calculate the string at
the top of the function, and just use it as a whole to avoid
needing to figure out the quote escaping.
No changes in the output, except a properly quoted "variant"
when a variant is defined.
We also adjust the definition of "S", since it really wasn't
correct before, and now that we have patches, it is more
important.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The group scheduling options in the lxc fragment were initially
used to support performance guaranteed systems using containers.
This option now causes issues with systemd runtimes and the
original feature it implemented is no longer relevant
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The first part of the kubernetes build generates some host/build files.
These use the build/host compiler and not the cross infrastructure.
It was working by luck on x86 build / target matches, but blows up on
an ARM64 build.
We fix the CC/CFLAGS settings for the host part of the build to use
the host/build flags and then restore the cross settings for the
rest of the build.
Tested on arm64 and x86-64.
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Apply an upstream Xen Release-acked patch to fix kdd debugger
and remove the temporary inhibit of Werror on building that tool.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
An authorization bypass vulnerability was found in Ceph versions 15.2.0 before 15.2.2,
where the ceph-mon and ceph-mgr daemons do not properly restrict access, resulting in
gaining access to unauthorized resources. This flaw allows an authenticated client to
modify the configuration and possibly conduct further attacks.
Upstream patches:
[master] c7e7009a69
[v15.2.2] f2cf2ce1bd
CVE: CVE-2020-10736
Signed-off-by: Liu Haitao <haitao.liu@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
The newer gcc toolchain won't link due to a missing builtin:
__sync_fetch_and_add. Xen is built with -fno-builtin, so add a
patch to implement the one required function.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Aligns with Yocto's current kernel version.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
At the moment the regular meta-raspberrypi SD card class does not allow
for optional inclusion of extra files in the SD card boot partition
without requiring those same files be present in the root filesystem.
This affects hypervisor binaries, such as Xen, which do not necessarily
belong within the guest filesystem.
As a workaround, inherit the sdcard_image-rpi.bbclass and clone the
main IMAGE_CMD function, adding the Xen-specific deploy that is needed.
This can be retired when the parent class has extensibility added.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Kernel patches are in process of Linux review and submission, and are
backported from the Linux Foundation's Eve Project kernel from 5.6 to 5.4
(some patches not needed for 5.4, hence gaps in the patch sequence number)
https://github.com/lf-edge/eve/tree/master/pkg/new-kernel/patches-5.6.x
A bbappend applies Xen overrides to the boot command line.
Since linux-raspberrypi depends on linux-yocto, and
linux-yocto_virtualization introduces a requirement for cfg/virtio.scc
obtain it from the yocto kernel cache.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
A Xen-specific u-boot script is needed for launching Xen, and the GIC
(interrupt controller) needs to be enabled.
Since this is both Xen-specific and Raspberry Pi-specific, use a
dynamic layer to conditionally enable the recipes when both
meta-virtualization and meta-raspberrypi are in use together.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Pull to the current tip of the stable 4.13 branch and apply an upstream
4.14-release-acked patch to xen-tools for a compiler warning in kdd.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
These settings are necessary for Xen and enabling them here, using the
same mechanism that is used by k8s in this layer, simplifies building
images for Xen.
- Ensure that Xen mode is enabled in QEMU.
- On ARM platforms: enable Flattened Device Tree (FDT) support.
Signed-off-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
* it was moved for some reason in:
http://git.yoctoproject.org/cgit/cgit.cgi/meta-virtualization/commit/?id=929372946aeb85953d1ca6acc428d73fbac52a56
but docker-moby uses it as well and now started to fail with:
ERROR: docker-moby-19.03.12+git9dc6525e6118a25fab2be322d1914740ea842495-r0
do_fetch: Fetcher failure: Unable to find file file://docker.init
anywhere. ..
Signed-off-by: Martin Jansa <martin.jansa@lge.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Shell Command and Library to write and read .env like files, it's being
required by python3-docker-compose upper than 1.26.0.
Signed-off-by: Ming Liu <ming.liu@toradex.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
