Re: [linux-yocto] [kernel-cache][RFC][ PATCH] features/tpm: split into tpm-1.2, tpm-2.0, tpm-2.0-crb and vtpm feature

[Stefan Herbrechtsmeier]

Hi Armin

Am 21.02.2022 um 18:29 schrieb akuster808:

On 2/20/22 20:18, Bruce Ashfield wrote:
In message: [kernel-cache][RFC][ PATCH] features/tpm: split into 
tpm-1.2, tpm-2.0, tpm-2.0-crb and vtpm feature

on 18/02/2022 Stefan Herbrechtsmeier wrote:


From: Stefan Herbrechtsmeier 

Split the tpm feature into individual features as the tpm feature is
only usable on x86 because of its dependencies:

Config 'TCG_NSC' has the following Direct dependencies (TCG_NSC=n):
 X86(undefined/n) && TCG_TPM(=y)
Config 'TCG_ATMEL' has the following Direct dependencies (TCG_ATMEL=n):
 PPC64(undefined/n) || HAS_IOPORT_MAP(=n) (=n) && TCG_TPM(=y)
Config 'TCG_INFINEON' has the following Direct dependencies 
(TCG_INFINEON=n):

 PNP(=n) && TCG_TPM(=y)
Config 'TCG_CRB' has the following Direct dependencies (TCG_CRB=n):
 ACPI(undefined/n) && TCG_TPM(=y)

Signed-off-by: Stefan Herbrechtsmeier 



---
The commit adds new features to keep features/tpm/tpm backward
compatible.

At a glance, this looks fine to me. I'll see if anyone else has
comments, and then let this soak for a few days.


This will allow folks to enable the version that applies to their 
needs.  I would roll meta-security to adapt to these changes.


Does meta-security needs more features to enable TPM-1.2 i2c, spi and 
x86 separate?


Regards
  Stefan




-armin


Bruce


  features/tpm/tpm-1.2.cfg | 11 +++
  features/tpm/tpm-1.2.scc |  7 +++
  features/tpm/tpm-2.0-crb.cfg |  3 +++
  features/tpm/tpm-2.0-crb.scc |  7 +++
  features/tpm/tpm-2.0.cfg |  4 
  features/tpm/tpm-2.0.scc |  7 +++
  features/tpm/tpm-common.cfg  |  7 +++
  features/tpm/tpm-common.scc  |  5 +
  features/tpm/tpm.cfg | 20 
  features/tpm/tpm.scc |  8 ++--
  features/tpm/vtpm.cfg    |  3 +++
  features/tpm/vtpm.scc    |  7 +++
  12 files changed, 67 insertions(+), 22 deletions(-)
  create mode 100644 features/tpm/tpm-1.2.cfg
  create mode 100644 features/tpm/tpm-1.2.scc
  create mode 100644 features/tpm/tpm-2.0-crb.cfg
  create mode 100644 features/tpm/tpm-2.0-crb.scc
  create mode 100644 features/tpm/tpm-2.0.cfg
  create mode 100644 features/tpm/tpm-2.0.scc
  create mode 100644 features/tpm/tpm-common.cfg
  create mode 100644 features/tpm/tpm-common.scc
  delete mode 100644 features/tpm/tpm.cfg
  create mode 100644 features/tpm/vtpm.cfg
  create mode 100644 features/tpm/vtpm.scc

diff --git a/features/tpm/tpm-1.2.cfg b/features/tpm/tpm-1.2.cfg
new file mode 100644
index ..d1fcf98c
--- /dev/null
+++ b/features/tpm/tpm-1.2.cfg
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM 1.2 device drivers.
+CONFIG_TCG_TIS_I2C_ATMEL=y
+CONFIG_TCG_TIS_I2C_INFINEON=y
+CONFIG_TCG_TIS_I2C_NUVOTON=y
+CONFIG_TCG_NSC=y
+CONFIG_TCG_ATMEL=y
+CONFIG_TCG_INFINEON=y
+CONFIG_TCG_TIS_ST33ZP24=y
+CONFIG_TCG_TIS_ST33ZP24_I2C=y
+CONFIG_TCG_TIS_ST33ZP24_SPI=y
\ No newline at end of file
diff --git a/features/tpm/tpm-1.2.scc b/features/tpm/tpm-1.2.scc
new file mode 100644
index ..74900486
--- /dev/null
+++ b/features/tpm/tpm-1.2.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable TCG TPM (Trusted Computing Group 
Trusted Platform Module) 1.2 drivers"

+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware tpm-1.2.cfg
diff --git a/features/tpm/tpm-2.0-crb.cfg b/features/tpm/tpm-2.0-crb.cfg
new file mode 100644
index ..27a1ba25
--- /dev/null
+++ b/features/tpm/tpm-2.0-crb.cfg
@@ -0,0 +1,3 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM device drivers.
+CONFIG_TCG_CRB=y
diff --git a/features/tpm/tpm-2.0-crb.scc b/features/tpm/tpm-2.0-crb.scc
new file mode 100644
index ..50875596
--- /dev/null
+++ b/features/tpm/tpm-2.0-crb.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable TCG CRB TPM (Trusted Computing 
Group Command Response Buffer Trusted Platform Module) 2.0 driver"

+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware tpm2-crb.cfg
diff --git a/features/tpm/tpm-2.0.cfg b/features/tpm/tpm-2.0.cfg
new file mode 100644
index ..9f427afa
--- /dev/null
+++ b/features/tpm/tpm-2.0.cfg
@@ -0,0 +1,4 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM device drivers.
+CONFIG_SPI=y
+CONFIG_TCG_TIS_SPI=y
diff --git a/features/tpm/tpm-2.0.scc b/features/tpm/tpm-2.0.scc
new file mode 100644
index ..68f98702
--- /dev/null
+++ b/features/tpm/tpm-2.0.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable TCG TPM (Trusted Computing Group 
Trusted Platform Module) 2.0 drivers"

+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware tpm2.cfg
diff --git a/features/tpm/tpm-common.cfg b/features/tpm/tpm-common.cfg
new file mode 100644
index ..7e2ea6c1
--- /dev/null
+++ b/features/tpm/tpm-common.cfg
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM 

[yocto] [meta-rockchip][PATCH] layers: Bump to use kirkstone

[Khem Raj]

its not going to be backward ABI compatible with honister due to variable 
renaming.

Signed-off-by: Khem Raj 
---
 conf/layer.conf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/conf/layer.conf b/conf/layer.conf
index 25b0a99..a2661f9 100644
--- a/conf/layer.conf
+++ b/conf/layer.conf
@@ -14,7 +14,7 @@ BBFILE_PRIORITY_rockchip = "1"
 # This should only be incremented on significant changes that will
 # cause compatibility issues with other layers
 LAYERVERSION_rockchip = "1"
-LAYERSERIES_COMPAT_rockchip = "honister"
+LAYERSERIES_COMPAT_rockchip = "kirkstone"
 LAYERDEPENDS_rockchip = "core meta-arm"
 
 BBFILES_DYNAMIC += " \
-- 
2.35.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56231): https://lists.yoctoproject.org/g/yocto/message/56231
Mute This Topic: https://lists.yoctoproject.org/mt/89309323/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] Enhancements/Bugs closed WW08!

[Stephen Jolley]

All,

The below were the owners of enhancements or bugs closed during the last
week!


Who

Count


randy.macl...@windriver.com

6


saul.w...@windriver.com

2


angol...@gmail.com

1


alex.kana...@gmail.com

1


Grand Total

10

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56230): https://lists.yoctoproject.org/g/yocto/message/56230
Mute This Topic: https://lists.yoctoproject.org/mt/89306399/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] Current high bug count owners for Yocto Project 3.5

[Stephen Jolley]

All,

Below is the list as of top 46 bug owners as of the end of WW08 of who have
open medium or higher bugs and enhancements against YP 3.5.   There are 47
possible work days left until the final release candidates for YP 3.5 needs
to be released.


Who

Count


michael.opdenac...@bootlin.com

35


r...@burtonini.com

34


randy.macl...@windriver.com

24


david.re...@windriver.com

22


bruce.ashfi...@gmail.com

17


tim.orl...@konsulko.com

13


sakib.sa...@windriver.com

13


trevor.gamb...@windriver.com

12


mhalst...@linuxfoundation.org

10


richard.pur...@linuxfoundation.org

10


saul.w...@windriver.com

7


bluelightn...@bluelightning.org

6


kai.k...@windriver.com

6


hongxu@windriver.com

4


chee.yang@intel.com

4


jpewhac...@gmail.com

4


qi.c...@windriver.com

3


jon.ma...@arm.com

3


alexandre.bell...@bootlin.com

2


pgowda@gmail.com

2


ms...@mvista.com

2


alejan...@enedino.org

2


yf...@uwaterloo.ca

1


john.kaldas.e...@gmail.com

1


ticot...@gmail.com

1


pa...@zhukoff.net

1


and...@gherzan.com

1


liezhi.y...@windriver.com

1


jay.shen.t...@intel.com

1


nicolas.deche...@linaro.org

1


jas...@gmail.com

1


raj.k...@gmail.com

1


mingli...@windriver.com

1


yi.z...@windriver.com

1


kexin@windriver.com

1


aeh...@gmail.com

1


thomas.per...@bootlin.com

1


matthew...@posteo.net

1


mark.ha...@kernel.crashing.org

1


pokyli...@reliableembeddedsystems.com

1


mostthings...@gmail.com

1


martin.ja...@gmail.com

1


martin.bee...@online.de

1


shac...@vdoo.com

1


open.sou...@oleksandr-kravchuk.com

1


akuster...@gmail.com

1


Grand Total

259

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56229): https://lists.yoctoproject.org/g/yocto/message/56229
Mute This Topic: https://lists.yoctoproject.org/mt/89306337/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] Yocto Project Newcomer & Unassigned Bugs - Help Needed

[Stephen Jolley]

All,

 

The triage team is starting to try and collect up and classify bugs which a
newcomer to the project would be able to work on in a way which means people
can find them. They're being listed on the triage page under the appropriate
heading:

https://wiki.yoctoproject.org/wiki/Bug_Triage#Newcomer_Bugs  Also please
review:
https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded and
how to create a bugzilla account at:

https://bugzilla.yoctoproject.org/createaccount.cgi

The idea is these bugs should be straight forward for a person to help work
on who doesn't have deep experience with the project.  If anyone can help,
please take ownership of the bug and send patches!  If anyone needs
help/advice there are people on irc who can likely do so, or some of the
more experienced contributors will likely be happy to help too.

 

Also, the triage team meets weekly and does its best to handle the bugs
reported into the Bugzilla. The number of people attending that meeting has
fallen, as have the number of people available to help fix bugs. One of the
things we hear users report is they don't know how to help. We (the triage
team) are therefore going to start reporting out the currently 402
unassigned or newcomer bugs.

 

We're hoping people may be able to spare some time now and again to help out
with these.  Bugs are split into two types, "true bugs" where things don't
work as they should and "enhancements" which are features we'd want to add
to the system.  There are also roughly four different "priority" classes
right now,  "3.5, "3.6", "3.99" and "Future", the more pressing/urgent
issues being in "3.4" and then "3.5".

 

Please review this link and if a bug is something you would be able to help
with either take ownership of the bug, or send me (sjolley.yp...@gmail.com
 ) an e-mail with the bug number you would
like and I will assign it to you (please make sure you have a Bugzilla
account).  The list is at:
https://wiki.yoctoproject.org/wiki/Bug_Triage_Archive#Unassigned_or_Newcomer
_Bugs

 

Thanks,

 

Stephen K. Jolley

Yocto Project Program Manager

*Cell:(208) 244-4460

* Email:  sjolley.yp...@gmail.com
 

 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56228): https://lists.yoctoproject.org/g/yocto/message/56228
Mute This Topic: https://lists.yoctoproject.org/mt/89306319/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] OpenEmbedded Happy Hour February 23 9pm/2100 UTC

[Denys Dmytriyenko]

All,

You are cordially invited to the next OpenEmbedded Happy Hour on February 23 
for Asia/Pacific timezones @ 2100/9pm UTC (4pm ET / 1pm PT):

https://www.openembedded.org/wiki/Calendar
https://www.openembedded.org/wiki/Happy_Hours
https://www.timeanddate.com/worldclock/fixedtime.html?msg=OpenEmbedded+Happy+Hour+February+23=20220223T21

-- 
Regards,
Denys Dmytriyenko 
PGP: 0x420902729A92C964 - https://denix.org/0x420902729A92C964
Fingerprint: 25FC E4A5 8A72 2F69 1186  6D76 4209 0272 9A92 C964

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56227): https://lists.yoctoproject.org/g/yocto/message/56227
Mute This Topic: https://lists.yoctoproject.org/mt/89306213/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] [meta-security][PATCH 2/3] chipsec: fix WARNING

[Armin Kuster]

distutils3.bbclass is deprecated, please use setuptools3.bbclass instead

Signed-off-by: Armin Kuster 
---
 recipes-security/chipsec/chipsec_git.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/recipes-security/chipsec/chipsec_git.bb 
b/recipes-security/chipsec/chipsec_git.bb
index e265a08..156be09 100644
--- a/recipes-security/chipsec/chipsec_git.bb
+++ b/recipes-security/chipsec/chipsec_git.bb
@@ -20,7 +20,7 @@ EXTRA_OEMAKE = "CC='${CC}' LDFLAGS='${LDFLAGS}' 
CFLAGS='${CFLAGS}'"
 DEPENDS = "virtual/kernel nasm-native python3-setuptools-native"
 RDEPENDS:${PN} += "python3 python3-modules"
 
-inherit module distutils3
+inherit module setuptools3
 
 do_compile:append() {
cd ${S}/drivers/linux
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56225): https://lists.yoctoproject.org/g/yocto/message/56225
Mute This Topic: https://lists.yoctoproject.org/mt/89303866/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] [meta-security][PATCH 1/3] recipes: Use renamed SKIP_RECIPE varFlag

[Armin Kuster]

Signed-off-by: Armin Kuster 
---
 recipes-ids/tripwire/tripwire_2.4.3.7.bb | 2 +-
 recipes-security/libest/libest_3.2.0.bb  | 2 +-
 recipes-security/opendnssec/opendnssec_2.1.10.bb | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/recipes-ids/tripwire/tripwire_2.4.3.7.bb 
b/recipes-ids/tripwire/tripwire_2.4.3.7.bb
index 93cb443..5bb0e3e 100644
--- a/recipes-ids/tripwire/tripwire_2.4.3.7.bb
+++ b/recipes-ids/tripwire/tripwire_2.4.3.7.bb
@@ -74,4 +74,4 @@ FILES:${PN}-ptest += "${PTEST_PATH}/tests "
 RDEPENDS:${PN} += " perl nano msmtp cronie"
 RDEPENDS:${PN}-ptest = " perl lib-perl perl-modules "
 
-PNBLACKLIST[tripwire] ?= "Upsteram project appears to be abondoned, fails to 
build with gcc11"
+SKIP_RECIPE[tripwire] ?= "Upsteram project appears to be abondoned, fails to 
build with gcc11"
diff --git a/recipes-security/libest/libest_3.2.0.bb 
b/recipes-security/libest/libest_3.2.0.bb
index 41a4025..b4c6165 100644
--- a/recipes-security/libest/libest_3.2.0.bb
+++ b/recipes-security/libest/libest_3.2.0.bb
@@ -27,4 +27,4 @@ PACKAGES = "${PN} ${PN}-dbg ${PN}-dev"
 FILES:${PN} = "${bindir}/* ${libdir}/libest-3.2.0p.so"
 
 # https://github.com/cisco/libest/issues/104
-PNBLACKLIST[libest] ?= "Needs porting to openssl 3.x"
+SKIP_RECIPE[libest] ?= "Needs porting to openssl 3.x"
diff --git a/recipes-security/opendnssec/opendnssec_2.1.10.bb 
b/recipes-security/opendnssec/opendnssec_2.1.10.bb
index 6b53711..64bacf1 100644
--- a/recipes-security/opendnssec/opendnssec_2.1.10.bb
+++ b/recipes-security/opendnssec/opendnssec_2.1.10.bb
@@ -33,4 +33,4 @@ do_install:append () {
 
 RDEPENDS:${PN} = "softhsm"
 
-PNBLACKLIST[opendnssec] ?= "Needs porting to openssl 3.x"
+SKIP_RECIPE[opendnssec] ?= "Needs porting to openssl 3.x"
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56224): https://lists.yoctoproject.org/g/yocto/message/56224
Mute This Topic: https://lists.yoctoproject.org/mt/89303865/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] [meta-security][PATCH 3/3] smack: Use new CVE_CHECK_IGNORE variable

[Armin Kuster]

Signed-off-by: Armin Kuster 
---
 recipes-mac/smack/smack_1.3.1.bb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/recipes-mac/smack/smack_1.3.1.bb b/recipes-mac/smack/smack_1.3.1.bb
index 79a8f5a..7a8ca78 100644
--- a/recipes-mac/smack/smack_1.3.1.bb
+++ b/recipes-mac/smack/smack_1.3.1.bb
@@ -14,9 +14,9 @@ SRC_URI = " \
 PV = "1.3.1"
 
 # CVE-2014-0363, CVE-2014-0364, CVE-2016-10027 is valnerble for other product.
-CVE_CHECK_WHITELIST += "CVE-2014-0363"
-CVE_CHECK_WHITELIST += "CVE-2014-0364"
-CVE_CHECK_WHITELIST += "CVE-2016-10027"
+CVE_CHECK_IGNORE += "CVE-2014-0363"
+CVE_CHECK_IGNORE += "CVE-2014-0364"
+CVE_CHECK_IGNORE += "CVE-2016-10027"
 
 inherit autotools update-rc.d pkgconfig ptest
 inherit 
${@bb.utils.contains('VIRTUAL-RUNTIME_init_manager','systemd','systemd','', d)}
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56226): https://lists.yoctoproject.org/g/yocto/message/56226
Mute This Topic: https://lists.yoctoproject.org/mt/89303867/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [linux-yocto] [kernel-cache][RFC][ PATCH] features/tpm: split into tpm-1.2, tpm-2.0, tpm-2.0-crb and vtpm feature

[Armin Kuster]

On 2/20/22 20:18, Bruce Ashfield wrote:

In message: [kernel-cache][RFC][ PATCH] features/tpm: split into tpm-1.2, 
tpm-2.0, tpm-2.0-crb and vtpm feature
on 18/02/2022 Stefan Herbrechtsmeier wrote:


From: Stefan Herbrechtsmeier 

Split the tpm feature into individual features as the tpm feature is
only usable on x86 because of its dependencies:

Config 'TCG_NSC' has the following Direct dependencies (TCG_NSC=n):
 X86(undefined/n) && TCG_TPM(=y)
Config 'TCG_ATMEL' has the following Direct dependencies (TCG_ATMEL=n):
 PPC64(undefined/n) || HAS_IOPORT_MAP(=n) (=n) && TCG_TPM(=y)
Config 'TCG_INFINEON' has the following Direct dependencies (TCG_INFINEON=n):
 PNP(=n) && TCG_TPM(=y)
Config 'TCG_CRB' has the following Direct dependencies (TCG_CRB=n):
 ACPI(undefined/n) && TCG_TPM(=y)

Signed-off-by: Stefan Herbrechtsmeier 

---
The commit adds new features to keep features/tpm/tpm backward
compatible.

At a glance, this looks fine to me. I'll see if anyone else has
comments, and then let this soak for a few days.


This will allow folks to enable the version that applies to their 
needs.  I would roll meta-security to adapt to these changes.


-armin


Bruce


  features/tpm/tpm-1.2.cfg | 11 +++
  features/tpm/tpm-1.2.scc |  7 +++
  features/tpm/tpm-2.0-crb.cfg |  3 +++
  features/tpm/tpm-2.0-crb.scc |  7 +++
  features/tpm/tpm-2.0.cfg |  4 
  features/tpm/tpm-2.0.scc |  7 +++
  features/tpm/tpm-common.cfg  |  7 +++
  features/tpm/tpm-common.scc  |  5 +
  features/tpm/tpm.cfg | 20 
  features/tpm/tpm.scc |  8 ++--
  features/tpm/vtpm.cfg|  3 +++
  features/tpm/vtpm.scc|  7 +++
  12 files changed, 67 insertions(+), 22 deletions(-)
  create mode 100644 features/tpm/tpm-1.2.cfg
  create mode 100644 features/tpm/tpm-1.2.scc
  create mode 100644 features/tpm/tpm-2.0-crb.cfg
  create mode 100644 features/tpm/tpm-2.0-crb.scc
  create mode 100644 features/tpm/tpm-2.0.cfg
  create mode 100644 features/tpm/tpm-2.0.scc
  create mode 100644 features/tpm/tpm-common.cfg
  create mode 100644 features/tpm/tpm-common.scc
  delete mode 100644 features/tpm/tpm.cfg
  create mode 100644 features/tpm/vtpm.cfg
  create mode 100644 features/tpm/vtpm.scc

diff --git a/features/tpm/tpm-1.2.cfg b/features/tpm/tpm-1.2.cfg
new file mode 100644
index ..d1fcf98c
--- /dev/null
+++ b/features/tpm/tpm-1.2.cfg
@@ -0,0 +1,11 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM 1.2 device drivers.
+CONFIG_TCG_TIS_I2C_ATMEL=y
+CONFIG_TCG_TIS_I2C_INFINEON=y
+CONFIG_TCG_TIS_I2C_NUVOTON=y
+CONFIG_TCG_NSC=y
+CONFIG_TCG_ATMEL=y
+CONFIG_TCG_INFINEON=y
+CONFIG_TCG_TIS_ST33ZP24=y
+CONFIG_TCG_TIS_ST33ZP24_I2C=y
+CONFIG_TCG_TIS_ST33ZP24_SPI=y
\ No newline at end of file
diff --git a/features/tpm/tpm-1.2.scc b/features/tpm/tpm-1.2.scc
new file mode 100644
index ..74900486
--- /dev/null
+++ b/features/tpm/tpm-1.2.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable TCG TPM (Trusted Computing Group Trusted 
Platform Module) 1.2 drivers"
+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware tpm-1.2.cfg
diff --git a/features/tpm/tpm-2.0-crb.cfg b/features/tpm/tpm-2.0-crb.cfg
new file mode 100644
index ..27a1ba25
--- /dev/null
+++ b/features/tpm/tpm-2.0-crb.cfg
@@ -0,0 +1,3 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM device drivers.
+CONFIG_TCG_CRB=y
diff --git a/features/tpm/tpm-2.0-crb.scc b/features/tpm/tpm-2.0-crb.scc
new file mode 100644
index ..50875596
--- /dev/null
+++ b/features/tpm/tpm-2.0-crb.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable TCG CRB TPM (Trusted Computing Group Command 
Response Buffer Trusted Platform Module) 2.0 driver"
+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware tpm2-crb.cfg
diff --git a/features/tpm/tpm-2.0.cfg b/features/tpm/tpm-2.0.cfg
new file mode 100644
index ..9f427afa
--- /dev/null
+++ b/features/tpm/tpm-2.0.cfg
@@ -0,0 +1,4 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM device drivers.
+CONFIG_SPI=y
+CONFIG_TCG_TIS_SPI=y
diff --git a/features/tpm/tpm-2.0.scc b/features/tpm/tpm-2.0.scc
new file mode 100644
index ..68f98702
--- /dev/null
+++ b/features/tpm/tpm-2.0.scc
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+define KFEATURE_DESCRIPTION "Enable TCG TPM (Trusted Computing Group Trusted 
Platform Module) 2.0 drivers"
+define KFEATURE_COMPATIBILITY board
+
+include tpm-common.scc
+
+kconf hardware tpm2.cfg
diff --git a/features/tpm/tpm-common.cfg b/features/tpm/tpm-common.cfg
new file mode 100644
index ..7e2ea6c1
--- /dev/null
+++ b/features/tpm/tpm-common.cfg
@@ -0,0 +1,7 @@
+# SPDX-License-Identifier: MIT
+# Enable TPM hardware support.
+CONFIG_TCG_TPM=y
+CONFIG_HW_RANDOM=y
+CONFIG_HW_RANDOM_TPM=y
+CONFIG_TCG_TIS_CORE=y
+CONFIG_TCG_TIS=y
diff --git a/features/tpm/tpm-common.scc 

[yocto] extract several source tree with devtool

[Julien STEPHAN]

Hi all,

I am wondering if it is possible to extract both a git repo and a tarball
using devtool modify?
Example:
I am trying to use devtool modify on tensorflow-lite recipe (
https://git.yoctoproject.org/meta-tensorflow/tree/recipes-framework/tensorflow/tensorflow_2.6.1.bb).
The `tensorflow.inc` file fetches the tensorflow repository using git, then
`tensorflow_2.6.1.bb` fetches 2 tarballs. The tarballs are extracted inside
WORKDIR then files are installed inside the do_install() function.  This is
running correctly using `bitbake tensorflow`. When using `devtool modify
tensorflow`, the tarballs are not extracted, then I get an error at the
do_install stage: files from tarball don't exist.

This is a general question not related to tensorflow. Any suggestions on
how to handle this? Either on the recipe side or on the devtool side?
Best
Julien

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56223): https://lists.yoctoproject.org/g/yocto/message/56223
Mute This Topic: https://lists.yoctoproject.org/mt/89298811/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [yocto] coreutils-native-8.32-r0 do_configure: configure failed

[Ross Burton]

On Mon, 21 Feb 2022 at 13:14, Sourabh Hegde  wrote:
> configure: error: you should not run configure as root (set 
> FORCE_UNSAFE_CONFIGURE=1 in environment to bypass this check)

Are you running bitbake as root?

Ross

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56222): https://lists.yoctoproject.org/g/yocto/message/56222
Mute This Topic: https://lists.yoctoproject.org/mt/89292917/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] coreutils-native-8.32-r0 do_configure: configure failed

[Sourabh Hegde]

Hello All,

I am facing an issue while building images for Raspberry Pi CM4. Earlier I was 
working with Dunfell release and now upgraded to Honister. And now I am getting 
an error like:

.
.
checking whether mkdir handles trailing slash... yes
checking whether mkdir handles trailing dot... yes
checking for mkfifo... yes
checking whether mkfifo rejects trailing slashes... yes
checking whether mknod can create fifo without root privileges... configure: 
error: in 
`/home/raspcm4/build-rauc/tmp-glibc/work/x86_64-linux/coreutils-native/8.32-r0/build':
configure: error: you should not run configure as root (set 
FORCE_UNSAFE_CONFIGURE=1 in environment to bypass this check)
See `config.log' for more details
NOTE: The following config.log files may provide further information.
NOTE: 
/home/raspcm4/build-rauc/tmp-glibc/work/x86_64-linux/coreutils-native/8.32-r0/build/config.log
ERROR: configure failed
WARNING: exit code 1 from a shell command.
.
.

I have set "export FORCE_UNSAFE_CONFIGURE=1" but still getting same error.

I am building from "/home/ dir and not "/root/" dir.

Can someone please let me know how to resolve this issue?

Your help will be much appreciated.

Thanks in advance.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56221): https://lists.yoctoproject.org/g/yocto/message/56221
Mute This Topic: https://lists.yoctoproject.org/mt/89292917/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto-announce] [ANNOUNCEMENT] Yocto Project 3.4.2 (honister) is Released

[Lee Chee Yang]

Hi

We are pleased to announce the Yocto Project 3.4.2 Release is now available for 
download.

http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2

A gpg signed version of these release notes is available at:

http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/RELEASENOTES

Full Test Report:

http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/testreport.txt

Thank you for everyone's contributions to this release.

Chee Yang Lee
chee.yang@intel.com
Yocto Project Build and Release


- --
yocto-3.4.2 Release Notes
- --


- --
Repositories/Downloads
- --

Repository Name: poky
Repository Location: https://git.yoctoproject.org/git/poky
Branch: honister
Tag: yocto-3.4.2
Git Revision: e0ab08bb6a32916b457d221021e7f402ffa36b1a
Release Artefact: poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a
sha: 8580dc5067ee426fe347a0d0f7a74c29ba539120bbe8438332339a9c8bce00fd
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2

Repository Name: openembedded-core
Repository Location: https://git.openembedded.org/openembedded-core
Branch: honister
Tag: yocto-3.4.2
Git Revision: 418a9c4c31615a9e3e011fc2b21fb7154bc6c93a
Release Artefact: oecore-418a9c4c31615a9e3e011fc2b21fb7154bc6c93a
sha: f2ca94a5a7ec669d4c208d1729930dfc1b917846dbb2393d01d6d5856fcbc6de
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/oecore-418a9c4c31615a9e3e011fc2b21fb7154bc6c93a.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/oecore-418a9c4c31615a9e3e011fc2b21fb7154bc6c93a.tar.bz2

Repository Name: meta-mingw
Repository Location: https://git.yoctoproject.org/git/meta-mingw
Branch: honister
Tag: yocto-3.4.2
Git Revision: f5d761cbd5c957e4405c5d40b0c236d263c916a8
Release Artefact: meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8
sha: d4305d638ef80948584526c8ca386a8cf77933dffb8a3b8da98d26a5c40fcc11
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2

Repository Name: meta-gplv2
Repository Location: https://git.yoctoproject.org/git/meta-gplv2
Branch: honister
Tag: yocto-3.4.2
Git Revision: f04e4369bf9dd3385165281b9fa2ed1043b0e400
Release Artefact: meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400
sha: ef8e2b1ec1fb43dbee4ff6990ac736315c7bc2d8c8e79249e1d337558657d3fe
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2

Repository Name: bitbake
Repository Location: https://git.openembedded.org/bitbake
Branch: honister
Tag: yocto-3.4.2
Git Revision: c039182c79e2ccc54fff5d7f4f266340014ca6e0
Release Artefact: bitbake-c039182c79e2ccc54fff5d7f4f266340014ca6e0
sha: bd80297f8d8aa40cbcc8a3d4e23a5223454b305350adf34cd29b5fb65c1b4c52
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/bitbake-c039182c79e2ccc54fff5d7f4f266340014ca6e0.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/bitbake-c039182c79e2ccc54fff5d7f4f266340014ca6e0.tar.bz2

Repository Name: yocto-docs
Repository Location: https://git.yoctoproject.org/git/yocto-docs
Branch: honister
Tag: yocto-3.4.2
Git Revision: 3061d3d62054a5c3b9e16bfce4bcd186fa7a23d2


- ---
Contributors
- ---
Alexander Kanavin
Alexandre Belloni
Anton Mikanovich
Anuj Mittal
Bruce Ashfield
Carlos Rafael Giani
Chaitanya Vadrevu
Changqing Li
Dhruva Gole
Florian Amstutz
Joshua Watt
Kai Kang
Khairul Rohaizzat Jamaluddin
Khem Raj
Konrad Weihmann
Kory Maincent
Li Wang
Marek Vasut
Markus Volk
Martin Jansa
Max Krummenacher
Michael Opdenacker
Mingli Yu
Oleksiy Obitotskyy
Pavel Zhukov
Peter Kjellerstedt
Pgowda
Quentin Schulz
Richard Purdie
Robert Yang
Ross Burton
Rudolf J Streif
Sakib Sajal
Samuli Piippo
Schmidt, Adriaan
Stefan Herbrechtsmeier
Steve Sakoman
Sundeep KOKKONDA
Teoh Jay Shen
Thomas Perrot
Tim Orling
Vyacheslav Yurkov
Yongxin Liu
pgowda
wangmy

- ---
Known Issues
- ---
N/A

- ---
Security Fixes
- ---
tiff: backport fix for CVE-2022-22844
glibc : Fix CVE-2021-3999
glibc : Fix CVE-2021-3998
glibc : Fix CVE-2022-23219
glibc : Fix CVE-2022-23218
lighttpd: backport a fix for CVE-2022-22707
speex: fix CVE-2020-23903
linux-yocto/5.10: amdgpu: updates for CVE-2021-42327
libsndfile1: fix CVE-2021-4156
xserver-xorg: 

Re: [yocto] [oe] Inclusive Language Proposal for YP/OE

[Marta Rybczynska]

On Mon, Jan 24, 2022 at 5:18 PM Jon Mason  wrote:

> CVE_CHECK_PN_WHITELIST -> CVE_CHECK_SKIPRECIPE
> CVE_CHECK_WHITELIST -> CVE_CHECK_IGNORECVE
>

When running master-next I have found one missing rename, cve-check has
"CVE STATUS" result
which is still Patched, Unpatched, Whitelisted. I propose to rename
Whitelisted to Ignored to be in-line
with the variable rename.

Is there anyone using the states in scripting or other tools today?

Marta

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#56220): https://lists.yoctoproject.org/g/yocto/message/56220
Mute This Topic: https://lists.yoctoproject.org/mt/89289633/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[yocto] [ANNOUNCEMENT] Yocto Project 3.4.2 (honister) is Released

[Lee Chee Yang]

Hi

We are pleased to announce the Yocto Project 3.4.2 Release is now available for 
download.

http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2

A gpg signed version of these release notes is available at:

http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/RELEASENOTES

Full Test Report:

http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/testreport.txt

Thank you for everyone's contributions to this release.

Chee Yang Lee
chee.yang@intel.com
Yocto Project Build and Release


- --
yocto-3.4.2 Release Notes
- --


- --
Repositories/Downloads
- --

Repository Name: poky
Repository Location: https://git.yoctoproject.org/git/poky
Branch: honister
Tag: yocto-3.4.2
Git Revision: e0ab08bb6a32916b457d221021e7f402ffa36b1a
Release Artefact: poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a
sha: 8580dc5067ee426fe347a0d0f7a74c29ba539120bbe8438332339a9c8bce00fd
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2

Repository Name: openembedded-core
Repository Location: https://git.openembedded.org/openembedded-core
Branch: honister
Tag: yocto-3.4.2
Git Revision: 418a9c4c31615a9e3e011fc2b21fb7154bc6c93a
Release Artefact: oecore-418a9c4c31615a9e3e011fc2b21fb7154bc6c93a
sha: f2ca94a5a7ec669d4c208d1729930dfc1b917846dbb2393d01d6d5856fcbc6de
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/oecore-418a9c4c31615a9e3e011fc2b21fb7154bc6c93a.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/oecore-418a9c4c31615a9e3e011fc2b21fb7154bc6c93a.tar.bz2

Repository Name: meta-mingw
Repository Location: https://git.yoctoproject.org/git/meta-mingw
Branch: honister
Tag: yocto-3.4.2
Git Revision: f5d761cbd5c957e4405c5d40b0c236d263c916a8
Release Artefact: meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8
sha: d4305d638ef80948584526c8ca386a8cf77933dffb8a3b8da98d26a5c40fcc11
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2

Repository Name: meta-gplv2
Repository Location: https://git.yoctoproject.org/git/meta-gplv2
Branch: honister
Tag: yocto-3.4.2
Git Revision: f04e4369bf9dd3385165281b9fa2ed1043b0e400
Release Artefact: meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400
sha: ef8e2b1ec1fb43dbee4ff6990ac736315c7bc2d8c8e79249e1d337558657d3fe
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2

Repository Name: bitbake
Repository Location: https://git.openembedded.org/bitbake
Branch: honister
Tag: yocto-3.4.2
Git Revision: c039182c79e2ccc54fff5d7f4f266340014ca6e0
Release Artefact: bitbake-c039182c79e2ccc54fff5d7f4f266340014ca6e0
sha: bd80297f8d8aa40cbcc8a3d4e23a5223454b305350adf34cd29b5fb65c1b4c52
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/bitbake-c039182c79e2ccc54fff5d7f4f266340014ca6e0.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/bitbake-c039182c79e2ccc54fff5d7f4f266340014ca6e0.tar.bz2

Repository Name: yocto-docs
Repository Location: https://git.yoctoproject.org/git/yocto-docs
Branch: honister
Tag: yocto-3.4.2
Git Revision: 3061d3d62054a5c3b9e16bfce4bcd186fa7a23d2


- ---
Contributors
- ---
Alexander Kanavin
Alexandre Belloni
Anton Mikanovich
Anuj Mittal
Bruce Ashfield
Carlos Rafael Giani
Chaitanya Vadrevu
Changqing Li
Dhruva Gole
Florian Amstutz
Joshua Watt
Kai Kang
Khairul Rohaizzat Jamaluddin
Khem Raj
Konrad Weihmann
Kory Maincent
Li Wang
Marek Vasut
Markus Volk
Martin Jansa
Max Krummenacher
Michael Opdenacker
Mingli Yu
Oleksiy Obitotskyy
Pavel Zhukov
Peter Kjellerstedt
Pgowda
Quentin Schulz
Richard Purdie
Robert Yang
Ross Burton
Rudolf J Streif
Sakib Sajal
Samuli Piippo
Schmidt, Adriaan
Stefan Herbrechtsmeier
Steve Sakoman
Sundeep KOKKONDA
Teoh Jay Shen
Thomas Perrot
Tim Orling
Vyacheslav Yurkov
Yongxin Liu
pgowda
wangmy

- ---
Known Issues
- ---
N/A

- ---
Security Fixes
- ---
tiff: backport fix for CVE-2022-22844
glibc : Fix CVE-2021-3999
glibc : Fix CVE-2021-3998
glibc : Fix CVE-2022-23219
glibc : Fix CVE-2022-23218
lighttpd: backport a fix for CVE-2022-22707
speex: fix CVE-2020-23903
linux-yocto/5.10: amdgpu: updates for CVE-2021-42327
libsndfile1: fix CVE-2021-4156
xserver-xorg: