From b875e855d1cbafb95699b607648dbd98e38c6154 Mon Sep 17 00:00:00 2001 From: Uladzimir Bely Date: Wed, 12 Jul 2023 11:08:20 +0300 Subject: [PATCH 1/3] Update isar revision to next And remove isar patch for optee-os-tadevkit since it's included now. Signed-off-by: Uladzimir Bely --- ...tee-os-Add-package-optee-os-tadevkit.patch | 151 ------------------ kas/iot2050.yml | 5 +- 2 files changed, 1 insertion(+), 155 deletions(-) delete mode 100644 isar-patches/0001-optee-os-Add-package-optee-os-tadevkit.patch diff --git a/isar-patches/0001-optee-os-Add-package-optee-os-tadevkit.patch b/isar-patches/0001-optee-os-Add-package-optee-os-tadevkit.patch deleted file mode 100644 index dc1378d95..000000000 --- a/isar-patches/0001-optee-os-Add-package-optee-os-tadevkit.patch +++ /dev/null @@ -1,151 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: Su Baocheng -Date: Tue, 23 May 2023 00:32:15 +0800 -Subject: [PATCH] optee-os: Add package optee-os-tadevkit - -The TA dev kit is used to build trusted applications, details refer to -[1]. A typical use case of this devkit is a firmware TPM reference -implementation, see [2]. - -1. https://optee.readthedocs.io/en/3.21.0/building/trusted_applications.html -2. https://github.com/microsoft/ms-tpm-20-ref - -Signed-off-by: Su Baocheng ---- - .../optee-os/files/debian/control.tmpl | 4 +-- - meta/recipes-bsp/optee-os/optee-os-custom.inc | 29 +++---------------- - .../optee-os/optee-os-tadevkit-custom.inc | 20 +++++++++++++ - .../{optee-os-custom.inc => optee-os.inc} | 14 +++------ - 4 files changed, 30 insertions(+), 37 deletions(-) - create mode 100644 meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc - copy meta/recipes-bsp/optee-os/{optee-os-custom.inc => optee-os.inc} (62%) - -diff --git a/meta/recipes-bsp/optee-os/files/debian/control.tmpl b/meta/recipes-bsp/optee-os/files/debian/control.tmpl -index 60b3927..fdf898e 100644 ---- a/meta/recipes-bsp/optee-os/files/debian/control.tmpl -+++ b/meta/recipes-bsp/optee-os/files/debian/control.tmpl -@@ -5,6 +5,6 @@ Standards-Version: 3.9.6 - Build-Depends: ${DEBIAN_BUILD_DEPENDS} - Maintainer: ISAR project - --Package: optee-os-${OPTEE_NAME} -+Package: ${DEBIAN_PACKAGE_NAME} - Architecture: ${DISTRO_ARCH} --Description: ${DESCRIPTION}, firmware binaries -+Description: ${DESCRIPTION} -diff --git a/meta/recipes-bsp/optee-os/optee-os-custom.inc b/meta/recipes-bsp/optee-os/optee-os-custom.inc -index d48827a..abe46e8 100644 ---- a/meta/recipes-bsp/optee-os/optee-os-custom.inc -+++ b/meta/recipes-bsp/optee-os/optee-os-custom.inc -@@ -1,38 +1,17 @@ - # Custom OP-TEE OS build - # - # This software is a part of ISAR. --# Copyright (c) Siemens AG, 2020 -+# Copyright (c) Siemens AG, 2020-2023 - # - # SPDX-License-Identifier: MIT - --inherit dpkg -+require optee-os.inc - --FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/files:" -- --SRC_URI += "file://debian/" -- --DESCRIPTION ?= "Custom OP-TEE OS" -- --OPTEE_NAME ?= "${MACHINE}" --OPTEE_PLATFORM ?= "unknown" --OPTEE_EXTRA_BUILDARGS ?= "" --OPTEE_BINARIES ?= "tee-pager_v2.bin" -- --DEBIAN_BUILD_DEPENDS ?= "python3-pycryptodome:native, python3-pyelftools" -+DESCRIPTION:append = ", firmware binaries" - - PROVIDES += "optee-os-${OPTEE_NAME}" - --TEMPLATE_FILES = "debian/control.tmpl debian/rules.tmpl" --TEMPLATE_VARS += "OPTEE_NAME DEBIAN_BUILD_DEPENDS OPTEE_PLATFORM OPTEE_EXTRA_BUILDARGS" -- --# split strip platform flavor, if any, from the specified platform string --OPTEE_PLATFORM_BASE = "${@d.getVar('OPTEE_PLATFORM').split('-')[0]}" -- --do_prepare_build() { -- cp -r ${WORKDIR}/debian ${S}/ -- -- deb_add_changelog -- -+do_prepare_build:append() { - rm -f ${S}/debian/optee-os-${OPTEE_NAME}.install - for binary in ${OPTEE_BINARIES}; do - echo "out/arm-plat-${OPTEE_PLATFORM_BASE}/core/$binary /usr/lib/optee-os/${OPTEE_NAME}/" >> \ -diff --git a/meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc b/meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc -new file mode 100644 -index 0000000..85d6c25 ---- /dev/null -+++ b/meta/recipes-bsp/optee-os/optee-os-tadevkit-custom.inc -@@ -0,0 +1,20 @@ -+ -+# Custom OP-TEE OS build -+# -+# This software is a part of ISAR. -+# Copyright (c) Siemens AG, 2023 -+# -+# SPDX-License-Identifier: MIT -+ -+require optee-os.inc -+ -+DEBIAN_PACKAGE_NAME = "optee-os-tadevkit-${OPTEE_NAME}" -+DESCRIPTION:append = ", trust application development kit." -+ -+PROVIDES += "${DEBIAN_PACKAGE_NAME}" -+ -+do_prepare_build:append() { -+ rm -f ${S}/debian/optee-os-tadevkit-${OPTEE_NAME}.install -+ echo "out/arm-plat-${OPTEE_PLATFORM_BASE}/export-ta_${DISTRO_ARCH} /usr/lib/optee-os/" > \ -+ ${S}/debian/optee-os-tadevkit-${OPTEE_NAME}.install -+} -diff --git a/meta/recipes-bsp/optee-os/optee-os-custom.inc b/meta/recipes-bsp/optee-os/optee-os.inc -similarity index 62% -copy from meta/recipes-bsp/optee-os/optee-os-custom.inc -copy to meta/recipes-bsp/optee-os/optee-os.inc -index d48827a..198746b 100644 ---- a/meta/recipes-bsp/optee-os/optee-os-custom.inc -+++ b/meta/recipes-bsp/optee-os/optee-os.inc -@@ -1,7 +1,7 @@ - # Custom OP-TEE OS build - # - # This software is a part of ISAR. --# Copyright (c) Siemens AG, 2020 -+# Copyright (c) Siemens AG, 2020-2023 - # - # SPDX-License-Identifier: MIT - -@@ -18,12 +18,12 @@ OPTEE_PLATFORM ?= "unknown" - OPTEE_EXTRA_BUILDARGS ?= "" - OPTEE_BINARIES ?= "tee-pager_v2.bin" - --DEBIAN_BUILD_DEPENDS ?= "python3-pycryptodome:native, python3-pyelftools" -+DEBIAN_PACKAGE_NAME ?= "optee-os-${OPTEE_NAME}" - --PROVIDES += "optee-os-${OPTEE_NAME}" -+DEBIAN_BUILD_DEPENDS ?= "python3-pycryptodome:native, python3-pyelftools" - - TEMPLATE_FILES = "debian/control.tmpl debian/rules.tmpl" --TEMPLATE_VARS += "OPTEE_NAME DEBIAN_BUILD_DEPENDS OPTEE_PLATFORM OPTEE_EXTRA_BUILDARGS" -+TEMPLATE_VARS += "DEBIAN_PACKAGE_NAME OPTEE_NAME DEBIAN_BUILD_DEPENDS OPTEE_PLATFORM OPTEE_EXTRA_BUILDARGS" - - # split strip platform flavor, if any, from the specified platform string - OPTEE_PLATFORM_BASE = "${@d.getVar('OPTEE_PLATFORM').split('-')[0]}" -@@ -32,10 +32,4 @@ do_prepare_build() { - cp -r ${WORKDIR}/debian ${S}/ - - deb_add_changelog -- -- rm -f ${S}/debian/optee-os-${OPTEE_NAME}.install -- for binary in ${OPTEE_BINARIES}; do -- echo "out/arm-plat-${OPTEE_PLATFORM_BASE}/core/$binary /usr/lib/optee-os/${OPTEE_NAME}/" >> \ -- ${S}/debian/optee-os-${OPTEE_NAME}.install -- done - } diff --git a/kas/iot2050.yml b/kas/iot2050.yml index e1c6a6e55..9d1d56745 100644 --- a/kas/iot2050.yml +++ b/kas/iot2050.yml @@ -27,12 +27,9 @@ repos: isar: url: https://github.com/ilbers/isar - refspec: f95f69d3b83cc28976ef81eeefb5ec5dd17e544f + refspec: 9f6b5d92b974158d770a89459962764273995730 layers: meta: - patches: - optee-os-tadevkit: - path: isar-patches/0001-optee-os-Add-package-optee-os-tadevkit.patch cip-core: url: https://gitlab.com/cip-project/cip-core/isar-cip-core.git From 968355e43245c378cae1b19685eb8b0074806a76 Mon Sep 17 00:00:00 2001 From: Uladzimir Bely Date: Wed, 12 Jul 2023 11:10:58 +0300 Subject: [PATCH 2/3] Add a recipe for sbuild-chroot-target-npm This implements a sbuild chroot with 'npm' preinstalled. It is supposed to be used for building packages that inherit npm.bbclass. Signed-off-by: Uladzimir Bely --- recipes-devtools/sbuild-chroot/sbuild-chroot-target-npm.bb | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 recipes-devtools/sbuild-chroot/sbuild-chroot-target-npm.bb diff --git a/recipes-devtools/sbuild-chroot/sbuild-chroot-target-npm.bb b/recipes-devtools/sbuild-chroot/sbuild-chroot-target-npm.bb new file mode 100644 index 000000000..0c264e6ed --- /dev/null +++ b/recipes-devtools/sbuild-chroot/sbuild-chroot-target-npm.bb @@ -0,0 +1,6 @@ +DESCRIPTION = "Isar sbuild/schroot filesystem for target (npm variant)" + +require recipes-devtools/sbuild-chroot/sbuild-chroot-target.bb + +SBUILD_FLAVOR = "npm" +SBUILD_CHROOT_PREINSTALL_EXTRA ?= "npm dpkg-dev" From 16bdd2ad15278d06cefca5c658c43447ba0d6546 Mon Sep 17 00:00:00 2001 From: Uladzimir Bely Date: Wed, 12 Jul 2023 11:18:43 +0300 Subject: [PATCH 3/3] Remove buildchroot dependency from npm.bbclass Switch from buildchroot to npm-flavored sbuild chroot for preparing and building npm packages. Signed-off-by: Uladzimir Bely --- classes/npm.bbclass | 68 +++++++++------------------------------------ 1 file changed, 13 insertions(+), 55 deletions(-) diff --git a/classes/npm.bbclass b/classes/npm.bbclass index 0c7dd542a..d9881b37f 100644 --- a/classes/npm.bbclass +++ b/classes/npm.bbclass @@ -8,7 +8,8 @@ # cp package-lock.json /path/to/recipe/files/npm-shrinkwrap.json inherit dpkg-raw -inherit buildchroot + +SBUILD_FLAVOR = "npm" NPMPN ?= "${PN}" NPM_SHRINKWRAP ?= "file://npm-shrinkwrap.json" @@ -70,43 +71,26 @@ python() { d.setVar('NPM_MAPPED_NAME', mapped_name) } -BUILDROOT = "${BUILDCHROOT_DIR}/${PP}" +SCHROOT_MOUNTS = "${WORKDIR}" npm_fetch_do_mounts() { - mkdir -p ${BUILDROOT} - sudo mount --bind ${WORKDIR} ${BUILDROOT} - - buildchroot_do_mounts + schroot_create_configs + insert_mounts } npm_fetch_undo_mounts() { - i=0 - while ! sudo umount ${BUILDROOT}; do - sleep 0.1 - if [ `expr $i % 100` -eq 0 ] ; then - bbwarn "${BUILDROOT}: Couldn't unmount ($i), retrying..." - fi - if [ $i -ge 10000 ]; then - bbfatal "${BUILDROOT}: Couldn't unmount after timeout" - fi - i=`expr $i + 1` - done - sudo rmdir ${BUILDROOT} + remove_mounts + schroot_delete_configs } def get_npm_bundled_tgz(d): return "{0}-{1}-bundled.tgz".format(d.getVar('NPM_MAPPED_NAME'), d.getVar('PV')) -def runcmd(d, cmd, dir): +def runcmd(d, cmd): import subprocess - import os - uid = os.geteuid() - gid = os.getegid() - chrootcmd = "sudo -E chroot --userspec={0}:{1} ".format(uid, gid) - chrootcmd += d.getVar('BUILDCHROOT_DIR') - chrootcmd += " sh -c 'cd {0}/{1}; {2}'".format(d.getVar('PP'), dir, cmd) + chrootcmd = "schroot -c {0} -- {1}".format(d.getVar('SBUILD_CHROOT'), cmd) bb.note("Running " + chrootcmd) (retval, output) = subprocess.getstatusoutput(chrootcmd) if retval: @@ -124,34 +108,6 @@ def apply_mirrors_in_shrinkwrap(path, pattern, subst): with open(path, 'w') as f: json.dump(data, f, indent=2) -do_install_npm() { - install_cmd="sudo -E chroot ${BUILDCHROOT_DIR} \ - apt-get install -y -o Debug::pkgProblemResolver=yes \ - --no-install-recommends" - - npm_fetch_do_mounts - - E="${@ bb.utils.export_proxies(d)}" - deb_dl_dir_import "${BUILDCHROOT_DIR}" ${BASE_DISTRO}-${BASE_DISTRO_CODENAME} - sudo -E chroot ${BUILDCHROOT_DIR} \ - apt-get update \ - -o Dir::Etc::sourcelist="sources.list.d/isar-apt.list" \ - -o Dir::Etc::sourceparts="-" \ - -o APT::Get::List-Cleanup="0" - ${install_cmd} --download-only ${NPM_CLASS_PACKAGE} - deb_dl_dir_export "${BUILDCHROOT_DIR}" ${BASE_DISTRO}-${BASE_DISTRO_CODENAME} - ${install_cmd} ${NPM_CLASS_PACKAGE} - - npm_fetch_undo_mounts -} -do_install_npm[depends] += "${BUILDCHROOT_DEP}" -do_install_npm[depends] += "${@d.getVarFlag('do_apt_fetch', 'depends')}" -do_install_npm[depends] += "${@(d.getVar('NPM_CLASS_PACKAGE') + ':do_deploy_deb') if d.getVar('OWN_NPM_CLASS_PACKAGE') == '1' else ''}" -do_install_npm[lockfiles] += "${REPO_ISAR_DIR}/isar.lock" -do_install_npm[network] += "${TASK_USE_SUDO}" - -addtask install_npm before do_fetch - python fetch_npm() { import json, os, shutil, re @@ -211,7 +167,7 @@ python fetch_npm() { json_objs = {'dependencies': { npmpn: '' }} json.dump(json_objs, outfile, indent=2) - runcmd(d, "npm ci --global-style --ignore-scripts --verbose", "fetch-tmp") + runcmd(d, "npm ci --global-style --ignore-scripts --verbose") package_filename = "node_modules/" + npmpn + "/package.json" with open(package_filename) as infile: @@ -227,17 +183,19 @@ python fetch_npm() { os.rename("node_modules/" + npmpn, "package") - runcmd(d, "tar czf package.tgz --exclude .bin package", "fetch-tmp") + runcmd(d, "tar czf package.tgz --exclude .bin package") shutil.copyfile("package.tgz", bundled_tgz) with open(bundled_tgz_hash, 'w') as hash_file: hash_file.write(fetch_hash) os.chdir(old_cwd) + bb.build.exec_func("npm_fetch_undo_mounts", d) } do_fetch[postfuncs] += "fetch_npm" do_fetch[cleandirs] += "${WORKDIR}/fetch-tmp" +do_fetch[depends] += "${SCHROOT_DEP}" python clean_npm() { import os