1
0
mirror of https://git.yoctoproject.org/meta-arm synced 2026-07-18 16:37:08 +00:00

Compare commits

...

8 Commits

Author SHA1 Message Date
Jon Mason 150169d01f arm/linux-yocto: backport patch to fix 6.5.13 networking issues
Linux kernel commit 9aea191c29e18f7c044a2f95a2da7f7b7fdd0449 (backported
to 6.5.13 as part of the stable process) introduces an bug, which is
preventing networking from functioning (and logging lots of errors in
dmesg).  Linux kernel commit 45b3fae4675dc1d4ee2d7aefa19d85ee4f891377
resolves the issue.

It is need for everything, but only applying for aarch64 to keep the
CI tooling happy.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-03-12 14:00:59 -04:00
Emekcan Aras 9a4ae38e84 arm-bsp/optee: Improve PIN counter handling robustness
This patches a security issue discovered lately in OP-TEE version
earlier than v4.1. The detailed report can be found here:

https://github.com/OP-TEE/optee_os/security/advisories/GHSA-2f5m-q4w3-865p

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
2024-02-21 09:54:41 +00:00
Ross Burton 12e80bade1 CI: use https: to fetch meta-virtualization
Some firewalls may reject git: traffic, so use https.

Signed-off-by: Ross Burton <ross.burton@arm.com>
2024-02-15 12:24:04 +00:00
Harsimran Singh Tungal 6bfd024269 arm-bsp/tf-a-tests: fix corstone1000
The tftf tests are getting stuck on nanbield for corstone1000
due to incompatible optee version. The optee version on nanbield
needs to be upgraded to fix the tftf tests. To avoid that upgrade
on the release branch, some tftf tests are skipped for corstone1000
platform to make the tftf tests work.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
2024-02-08 14:11:47 +00:00
Ross Burton 7915779267 arm-bsp/documentation: upgrade Sphinx slightly
Many Sphinx plugins now require Sphinx 5+ ([1], [2], and more), so
sphinx 4.5 isn't usable as the requirements in sphinx itself are not
pinned so you end up with a broken setup with errors such as:

sphinx.errors.VersionRequirementError: The sphinxcontrib.serializinghtml
extension used by this project needs at least Sphinx v5.0; it therefore
cannot be built with this version.

There's a sufficient number of plugins that manually pinning them all is
tedious, so upgrade the documentation to Sphinx 5 (and the corresponding
RTD theme).

Also remove sphinx-copybutton, as this extension is unused.

[1] https://github.com/sphinx-doc/sphinxcontrib-applehelp/commit/ccc77c814a92ef21c300e5ef725b76c40b7ce653
[2] https://github.com/sphinx-doc/sphinxcontrib-devhelp/commit/b2dc14bd8bdd7994c565d254772a0ba3ddecfe51

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-01-18 10:53:16 -05:00
Harsimran Singh Tungal 987d685ed0 corstone1000:arm-bsp/tftf: Fix tftf tests on mps3
The tftf tests were getting crashed on the MPS3 and two issues were found
during investigation. This change set provide fix for those issues:
1. The tftf tests were getting crashed on the MPS3 when compiled with
LOG_LEVEL=50. So, reducing the log level and aligning it with the TF-A
allows us to get rid of the crash.

2. Once the above crash got resolved, it has been found that tftf tests
were getting asserted while reading the value of the register
GICD_ITARGETSR. The reason for the crash is that the value of this register
is zero. As per the GIC documentation, this register is RAZ/WI for uniprocessor
implementation and corstone1000 is uniprocessor implementation for FPGA.
So, this change compiles the tftf tests in release mode which allows us
to compile out the assert definitions.

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-01-18 09:34:00 -05:00
Debbie Martin 79c52afe74 ci: Add Arm SystemReady firmware and IR ACS builds
Add CI builds for Arm SystemReady Firmware within the fvp-base CI job and a new
Arm SystemReady IR ACS build job. Add the CI kas config for each of these
builds.

The ACS build can be controlled by the ACS_TEST GitLab variable to specify
whether or not to run the testimage. If this variable is not set, the
testimage step will not run. The job tag can be controlled by the ACS_TAG GitLab
variable.

Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-01-08 09:09:36 -05:00
Debbie Martin 5afb0ce40e arm-systemready: Add parted dependency and inherit testimage
Add the parted-native dependency explicitly which is needed to
use wic commands.

Also explicitly inherit testimage. This means that the kas config
is no longer required to include it in IMAGE_CLASSES.

Signed-off-by: Debbie Martin <Debbie.Martin@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2024-01-08 09:09:36 -05:00
14 changed files with 343 additions and 15 deletions
+18 -2
View File
@@ -9,6 +9,8 @@ variables:
# by default
FF_KUBERNETES_HONOR_ENTRYPOINT: 1
FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY: 0
ACS_TEST: 0
ACS_TAG: ""
stages:
- prep
@@ -67,8 +69,8 @@ stages:
name: "logs"
when: always
paths:
- $CI_PROJECT_DIR/work/build/tmp/work*/**/temp/log.do_*.*
- $CI_PROJECT_DIR/work/build/tmp/work*/**/testimage/*
- $CI_PROJECT_DIR/work/build/tmp*/work*/**/temp/log.do_*.*
- $CI_PROJECT_DIR/work/build/tmp*/work*/**/testimage/*
#
# Prep stage, update repositories once.
@@ -126,6 +128,20 @@ fvp-base:
matrix:
- TESTING: testimage
- FIRMWARE: edk2
- SYSTEMREADY_FIRMWARE: arm-systemready-firmware
arm-systemready-ir-acs:
extends: .build
timeout: 12h
parallel:
matrix:
# arm-systemready-ir-acs must be specified after fvp-base for ordering
# purposes for the jobs-to-kas output. It is not enough to just have it
# in the job name because fvp-base.yml overwrites the target.
- PLATFORM: fvp-base
ARM_SYSTEMREADY_IR_ACS: arm-systemready-ir-acs
tags:
- ${ACS_TAG}
fvps:
extends: .build
+4
View File
@@ -0,0 +1,4 @@
header:
version: 11
includes:
- kas/arm-systemready-firmware.yml
+14
View File
@@ -0,0 +1,14 @@
header:
version: 11
includes:
- kas/arm-systemready-ir-acs.yml
env:
ACS_TEST: "0"
local_conf_header:
testimage: |
TESTIMAGE_AUTO = "${ACS_TEST}"
target:
- arm-systemready-ir-acs
+1 -1
View File
@@ -5,4 +5,4 @@ header:
repos:
meta-virtualization:
url: git://git.yoctoproject.org/meta-virtualization
url: https://git.yoctoproject.org/meta-virtualization
-5
View File
@@ -8,10 +8,5 @@ env:
# The full testimage run typically takes around 12-24h on fvp-base.
TEST_OVERALL_TIMEOUT: "${@ 24*60*60}"
local_conf_header:
systemready-ir-acs: |
IMAGE_CLASSES:append = " testimage"
target:
- arm-systemready-ir-acs
+2 -3
View File
@@ -6,7 +6,6 @@
jinja2==3.1.1
# Required to build the documentation
sphinx==4.5.0
sphinx_rtd_theme==1.0.0
sphinx-copybutton==0.5.0
sphinx~=5.0
sphinx_rtd_theme~=2.0.0
docutils==0.17.1
@@ -0,0 +1,33 @@
From 27300daa2397c89e13aa648db30aa5c6acb06bcc Mon Sep 17 00:00:00 2001
From: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Date: Fri, 2 Feb 2024 11:58:33 +0000
Subject: [PATCH] corstone1000: skip tftf tests
Skip some tests for platform corstone1000 which make the tftf tests
hanged when use with optee v3.22
Upstream-Status: Pending
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
---
plat/arm/corstone1000/tests_to_skip.txt | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/plat/arm/corstone1000/tests_to_skip.txt b/plat/arm/corstone1000/tests_to_skip.txt
index fdab230..c5eaac0 100644
--- a/plat/arm/corstone1000/tests_to_skip.txt
+++ b/plat/arm/corstone1000/tests_to_skip.txt
@@ -13,3 +13,11 @@ Timer framework Validation/Verify the timer interrupt generation
CPU Hotplug/CPU hotplug
PSCI CPU Suspend
PSCI STAT/for valid composite state CPU suspend
+FF-A Direct messaging/FF-A Request SP-to-SP direct messaging
+FF-A Direct messaging/FF-A Request SP-to-SP direct messaging deadlock
+FF-A Memory Sharing/Share Memory with Secure World
+FF-A Memory Sharing/Request Donate Memory SP-to-SP
+FF-A Memory Sharing/Request Share Memory SP-to-VM
+SIMD,SVE Registers context/Check that SIMD registers context is preserved
+FF-A Interrupt/Test NS interrupts
+SMMUv3 tests
--
2.34.1
@@ -1,6 +1,14 @@
# Machine specific TFAs
FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
COMPATIBLE_MACHINE:corstone1000 = "corstone1000"
SRCREV:corstone1000 = "5f591f67738a1bbe6b262c53d9dad46ed8bbcd67"
EXTRA_OEMAKE:append:corstone1000 = " DEBUG=0"
EXTRA_OEMAKE:append:corstone1000 = " LOG_LEVEL=30"
TFTF_MODE:corstone1000 = "release"
SRC_URI:append:corstone1000 = " \
file://0001-corstone1000-skip-tftf-tests.patch \
"
COMPATIBLE_MACHINE:n1sdp = "n1sdp"
@@ -19,6 +19,9 @@ EXTRA_OEMAKE += "USE_NVM=0"
EXTRA_OEMAKE += "SHELL_COLOR=1"
EXTRA_OEMAKE += "DEBUG=1"
# Modify mode based on debug or release mode
TFTF_MODE ?= "debug"
# Platform must be set for each machine
TFA_PLATFORM ?= "invalid"
@@ -45,7 +48,7 @@ SYSROOT_DIRS += "/firmware"
do_install() {
install -d -m 755 ${D}/firmware
install -m 0644 ${B}/${TFA_PLATFORM}/debug/tftf.bin ${D}/firmware/tftf.bin
install -m 0644 ${B}/${TFA_PLATFORM}/${TFTF_MODE}/tftf.bin ${D}/firmware/tftf.bin
}
do_deploy() {
@@ -0,0 +1,205 @@
From d75c42ff2847b090d5b1f11c49067cd41fcc2734 Mon Sep 17 00:00:00 2001
From: Loic Poulain <loic.poulain@linaro.org>
Date: Tue, 31 Oct 2023 11:07:00 +0100
Subject: [PATCH] ta: pkcs11: Improve PIN counter handling robustness
Make sure PIN check attempt is saved persistently before continuing with
the actual PIN verification, improving counter and flags coherency in
case of subsequent failure with persistent saving.
Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/6445/commits/0a74733d9437d94a5b4b2db6c40c5755cabc5393]
---
ta/pkcs11/src/pkcs11_token.c | 126 +++++++++++++++++------------------
1 file changed, 62 insertions(+), 64 deletions(-)
diff --git a/ta/pkcs11/src/pkcs11_token.c b/ta/pkcs11/src/pkcs11_token.c
index ab0fc291e..c5271e449 100644
--- a/ta/pkcs11/src/pkcs11_token.c
+++ b/ta/pkcs11/src/pkcs11_token.c
@@ -1132,117 +1132,115 @@ static enum pkcs11_rc check_so_pin(struct pkcs11_session *session,
uint8_t *pin, size_t pin_size)
{
struct ck_token *token = session->token;
+ struct token_persistent_main *db = token->db_main;
enum pkcs11_rc rc = PKCS11_CKR_OK;
- assert(token->db_main->flags & PKCS11_CKFT_TOKEN_INITIALIZED);
+ assert(db->flags & PKCS11_CKFT_TOKEN_INITIALIZED);
if (IS_ENABLED(CFG_PKCS11_TA_AUTH_TEE_IDENTITY) &&
- token->db_main->flags & PKCS11_CKFT_PROTECTED_AUTHENTICATION_PATH)
+ db->flags & PKCS11_CKFT_PROTECTED_AUTHENTICATION_PATH)
return verify_identity_auth(token, PKCS11_CKU_SO);
- if (token->db_main->flags & PKCS11_CKFT_SO_PIN_LOCKED)
+ if (db->flags & PKCS11_CKFT_SO_PIN_LOCKED)
return PKCS11_CKR_PIN_LOCKED;
- rc = verify_pin(PKCS11_CKU_SO, pin, pin_size,
- token->db_main->so_pin_salt,
- token->db_main->so_pin_hash);
- if (rc) {
- unsigned int pin_count = 0;
+ /*
+ * Preset the counter and flags conservatively in the database so that
+ * the tentative is saved whatever happens next.
+ */
+ db->flags |= PKCS11_CKFT_SO_PIN_COUNT_LOW;
+ db->so_pin_count++;
- if (rc != PKCS11_CKR_PIN_INCORRECT)
- return rc;
+ if (db->so_pin_count == PKCS11_TOKEN_SO_PIN_COUNT_MAX - 1)
+ db->flags |= PKCS11_CKFT_SO_PIN_FINAL_TRY;
+ else if (db->so_pin_count == PKCS11_TOKEN_SO_PIN_COUNT_MAX)
+ db->flags |= PKCS11_CKFT_SO_PIN_LOCKED;
- token->db_main->flags |= PKCS11_CKFT_SO_PIN_COUNT_LOW;
- token->db_main->so_pin_count++;
-
- pin_count = token->db_main->so_pin_count;
- if (pin_count == PKCS11_TOKEN_SO_PIN_COUNT_MAX - 1)
- token->db_main->flags |= PKCS11_CKFT_SO_PIN_FINAL_TRY;
- if (pin_count == PKCS11_TOKEN_SO_PIN_COUNT_MAX)
- token->db_main->flags |= PKCS11_CKFT_SO_PIN_LOCKED;
-
- update_persistent_db(token);
+ update_persistent_db(token);
- if (token->db_main->flags & PKCS11_CKFT_SO_PIN_LOCKED)
+ rc = verify_pin(PKCS11_CKU_SO, pin, pin_size,
+ db->so_pin_salt,
+ db->so_pin_hash);
+ if (rc == PKCS11_CKR_PIN_INCORRECT) {
+ if (db->flags & PKCS11_CKFT_SO_PIN_LOCKED)
return PKCS11_CKR_PIN_LOCKED;
return PKCS11_CKR_PIN_INCORRECT;
}
- if (token->db_main->so_pin_count) {
- token->db_main->so_pin_count = 0;
+ if (rc)
+ db->so_pin_count--;
+ else
+ db->so_pin_count = 0;
- update_persistent_db(token);
+ db->flags &= ~PKCS11_CKFT_SO_PIN_LOCKED;
+ if (db->so_pin_count < PKCS11_TOKEN_SO_PIN_COUNT_MAX - 1) {
+ db->flags &= ~PKCS11_CKFT_SO_PIN_FINAL_TRY;
+ if (!db->so_pin_count)
+ db->flags &= ~PKCS11_CKFT_SO_PIN_COUNT_LOW;
}
- if (token->db_main->flags & (PKCS11_CKFT_SO_PIN_COUNT_LOW |
- PKCS11_CKFT_SO_PIN_FINAL_TRY)) {
- token->db_main->flags &= ~(PKCS11_CKFT_SO_PIN_COUNT_LOW |
- PKCS11_CKFT_SO_PIN_FINAL_TRY);
-
- update_persistent_db(token);
- }
+ update_persistent_db(token);
- return PKCS11_CKR_OK;
+ return rc;
}
static enum pkcs11_rc check_user_pin(struct pkcs11_session *session,
uint8_t *pin, size_t pin_size)
{
struct ck_token *token = session->token;
+ struct token_persistent_main *db = token->db_main;
enum pkcs11_rc rc = PKCS11_CKR_OK;
if (IS_ENABLED(CFG_PKCS11_TA_AUTH_TEE_IDENTITY) &&
- token->db_main->flags & PKCS11_CKFT_PROTECTED_AUTHENTICATION_PATH)
+ db->flags & PKCS11_CKFT_PROTECTED_AUTHENTICATION_PATH)
return verify_identity_auth(token, PKCS11_CKU_USER);
- if (!token->db_main->user_pin_salt)
+ if (!db->user_pin_salt)
return PKCS11_CKR_USER_PIN_NOT_INITIALIZED;
- if (token->db_main->flags & PKCS11_CKFT_USER_PIN_LOCKED)
+ if (db->flags & PKCS11_CKFT_USER_PIN_LOCKED)
return PKCS11_CKR_PIN_LOCKED;
- rc = verify_pin(PKCS11_CKU_USER, pin, pin_size,
- token->db_main->user_pin_salt,
- token->db_main->user_pin_hash);
- if (rc) {
- unsigned int pin_count = 0;
-
- if (rc != PKCS11_CKR_PIN_INCORRECT)
- return rc;
-
- token->db_main->flags |= PKCS11_CKFT_USER_PIN_COUNT_LOW;
- token->db_main->user_pin_count++;
+ /*
+ * Preset the counter and flags conservatively in the database so that
+ * the tentative is saved whatever happens next.
+ */
+ db->flags |= PKCS11_CKFT_USER_PIN_COUNT_LOW;
+ db->user_pin_count++;
- pin_count = token->db_main->user_pin_count;
- if (pin_count == PKCS11_TOKEN_USER_PIN_COUNT_MAX - 1)
- token->db_main->flags |= PKCS11_CKFT_USER_PIN_FINAL_TRY;
- if (pin_count == PKCS11_TOKEN_USER_PIN_COUNT_MAX)
- token->db_main->flags |= PKCS11_CKFT_USER_PIN_LOCKED;
+ if (db->user_pin_count == PKCS11_TOKEN_USER_PIN_COUNT_MAX - 1)
+ db->flags |= PKCS11_CKFT_USER_PIN_FINAL_TRY;
+ else if (db->user_pin_count == PKCS11_TOKEN_USER_PIN_COUNT_MAX)
+ db->flags |= PKCS11_CKFT_USER_PIN_LOCKED;
- update_persistent_db(token);
+ update_persistent_db(token);
- if (token->db_main->flags & PKCS11_CKFT_USER_PIN_LOCKED)
+ rc = verify_pin(PKCS11_CKU_USER, pin, pin_size,
+ db->user_pin_salt,
+ db->user_pin_hash);
+ if (rc == PKCS11_CKR_PIN_INCORRECT) {
+ if (db->flags & PKCS11_CKFT_USER_PIN_LOCKED)
return PKCS11_CKR_PIN_LOCKED;
return PKCS11_CKR_PIN_INCORRECT;
}
- if (token->db_main->user_pin_count) {
- token->db_main->user_pin_count = 0;
+ if (rc)
+ db->user_pin_count--;
+ else
+ db->user_pin_count = 0;
- update_persistent_db(token);
+ db->flags &= ~PKCS11_CKFT_USER_PIN_LOCKED;
+ if (db->user_pin_count < PKCS11_TOKEN_USER_PIN_COUNT_MAX - 1) {
+ db->flags &= ~PKCS11_CKFT_USER_PIN_FINAL_TRY;
+ if (!db->user_pin_count)
+ db->flags &= ~PKCS11_CKFT_USER_PIN_COUNT_LOW;
}
- if (token->db_main->flags & (PKCS11_CKFT_USER_PIN_COUNT_LOW |
- PKCS11_CKFT_USER_PIN_FINAL_TRY)) {
- token->db_main->flags &= ~(PKCS11_CKFT_USER_PIN_COUNT_LOW |
- PKCS11_CKFT_USER_PIN_FINAL_TRY);
-
- update_persistent_db(token);
- }
+ update_persistent_db(token);
- return PKCS11_CKR_OK;
+ return rc;
}
enum pkcs11_rc entry_ck_set_pin(struct pkcs11_client *client,
--
2.25.1
@@ -10,4 +10,5 @@ SRC_URI += " \
file://0002-core-Define-section-attributes-for-clang.patch \
file://0003-optee-enable-clang-support.patch \
file://0004-core-link-add-no-warn-rwx-segments.patch \
file://0005-ta-pkcs11-Improve-PIN-counter-handling-robustness.patch \
"
@@ -12,12 +12,11 @@
INHIBIT_DEFAULT_DEPS = "1"
COMPATIBLE_HOST = "aarch64-*"
PACKAGE_ARCH = "${MACHINE_ARCH}"
inherit nopackages deploy rootfs-postcommands ${IMAGE_CLASSES} python3native
inherit nopackages deploy rootfs-postcommands ${IMAGE_CLASSES} python3native testimage
do_configure[noexec] = "1"
do_compile[noexec] = "1"
do_install[noexec] = "1"
do_testimage[depends] += "mtools-native:do_populate_sysroot"
# Deploy with this suffix so it is picked up in the machine configuration
IMAGE_DEPLOY_SUFFIX ?= ".wic"
@@ -80,7 +79,9 @@ RM_WORK_EXCLUDE_ITEMS += "${@ os.path.basename(d.getVar('TEST_LOG_DIR')) }"
do_testimage[postfuncs] += "acs_logs_handle"
do_testimage[depends] += "edk2-test-parser-native:do_populate_sysroot \
arm-systemready-scripts-native:do_populate_sysroot"
arm-systemready-scripts-native:do_populate_sysroot \
mtools-native:do_populate_sysroot \
parted-native:do_populate_sysroot"
# Process the logs
python acs_logs_handle() {
@@ -0,0 +1,46 @@
From 45b3fae4675dc1d4ee2d7aefa19d85ee4f891377 Mon Sep 17 00:00:00 2001
From: "Gustavo A. R. Silva" <gustavoars@kernel.org>
Date: Sat, 25 Nov 2023 15:33:58 -0600
Subject: [PATCH] neighbour: Fix __randomize_layout crash in struct neighbour
Previously, one-element and zero-length arrays were treated as true
flexible arrays, even though they are actually "fake" flex arrays.
The __randomize_layout would leave them untouched at the end of the
struct, similarly to proper C99 flex-array members.
However, this approach changed with commit 1ee60356c2dc ("gcc-plugins:
randstruct: Only warn about true flexible arrays"). Now, only C99
flexible-array members will remain untouched at the end of the struct,
while one-element and zero-length arrays will be subject to randomization.
Fix a `__randomize_layout` crash in `struct neighbour` by transforming
zero-length array `primary_key` into a proper C99 flexible-array member.
Fixes: 1ee60356c2dc ("gcc-plugins: randstruct: Only warn about true flexible arrays")
Closes: https://lore.kernel.org/linux-hardening/20231124102458.GB1503258@e124191.cambridge.arm.com/
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Tested-by: Joey Gouly <joey.gouly@arm.com>
Link: https://lore.kernel.org/r/ZWJoRsJGnCPdJ3+2@work
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Upstream-Status: Backport
Signed-off-by: Jon Mason <jon.mason@arm.com>
---
include/net/neighbour.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/include/net/neighbour.h b/include/net/neighbour.h
index 07022bb0d44d..0d28172193fa 100644
--- a/include/net/neighbour.h
+++ b/include/net/neighbour.h
@@ -162,7 +162,7 @@ struct neighbour {
struct rcu_head rcu;
struct net_device *dev;
netdevice_tracker dev_tracker;
- u8 primary_key[0];
+ u8 primary_key[];
} __randomize_layout;
struct neigh_ops {
@@ -1,5 +1,8 @@
ARMFILESPATHS := "${THISDIR}/files:"
FILESEXTRAPATHS:prepend:aarch64 = "${ARMFILESPATHS}"
SRC_URI:append:aarch64 = " file://0001-neighbour-Fix-__randomize_layout-crash-in-struct-nei.patch"
COMPATIBLE_MACHINE:generic-arm64 = "generic-arm64"
FILESEXTRAPATHS:prepend:generic-arm64 = "${ARMFILESPATHS}"
SRC_URI:append:generic-arm64 = " \