1
0
mirror of https://git.yoctoproject.org/meta-arm synced 2026-07-18 04:27:08 +00:00

Compare commits

..

55 Commits

Author SHA1 Message Date
Ross Burton 8961c3e10a arm-toolchain/layer.conf: remove BB_DANGLINGAPPENDS_WARNONLY
This appears to be historical from when the toolchain was in meta-linaro.

It isn't needed anymore, there's one bbappend in meta-arm-toolchain for
grub which is part of oe-core, so will never be dangling.

This variable has a global effect, so leaving it in here has a negative
impact on users.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2022-08-04 14:08:22 -04:00
Jon Mason 1f815d6e9a arm/trusted-firmware-a: Fix v2.4 recipe
The previous patch didn't have the necessary space when doing an
append.  Luckily, the include file append before this one had an extra
space.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2022-07-11 11:15:11 -04:00
Jon Mason b1e01a2ced arm/trusted-firmware-a: Fix v1.5 recipe
0003-xlat-tables-v2-remove-tautological-assert.patch does not apply on
the TF-A v1.5 sources.  Move that file append to the v2.4 recipe so that
it will not attempt to apply for v1.5.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2022-07-02 15:17:07 -04:00
Jon Mason 878fabbfc7 ci: make get-binary-toolchain run per build
In a distributed, non-homogeneous CI setup, the binary-toolchain setup
script might not run on the machine that needs the toolchains.  Make
this per-build and it will always be there, at the expense of running on
builds that might not need it (though it still should be fast).

Also, there is an issue with the directory where the binary toolchain is
located being global, and racing against other systems using, setting up,
and tearing down.  Link this to a local directory to avoid any races.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2022-03-11 13:24:24 -05:00
Jon Mason d2d7bfa38f arm-bsp: fix yylloc kernel build error
Backport patch from upstream to address the following error:
scripts/dtc/dtc-parser.tab.o:(.bss+0x20): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here

Signed-off-by: Jon Mason <jon.mason@arm.com>
2022-03-11 11:52:53 -05:00
Ross Burton fe35ff5ba8 CI: use the latest release of the Kas container
If we don't specify a tag name GitLab uses the 'latest' tag, which for
Kas is moved whenever an image build is made.

Instead explicitly use the latest-release tag, which is only updated
when a release is made.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2022-01-28 15:00:08 -05:00
Hugo L'Hostis 71686ac05c arm-bsp/n1sdp: remove debug and verbose kernel cmd line parameters from grub cfg
By removing the verbose and debug kernel command line parameters from the grub
menu entries we prevent the console printing unnecessary messages and slowing
down the boot process.

Issue-Id: SCM-3027
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: Ieb68c606b7ed5b20191f6989aea84963b8cda778
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-09-21 11:53:18 -04:00
Ross Burton e9d695f132 arm/generic-arm64: recommend kernel modules and firmware
The generic-arm64 machine is meant to be generic, so pull in all the
kernel modules and firmware we have to increase the chances of hardware
working out of the box.

Change-Id: I51f500f6a6f821fa8df5bee062a52077dcf8e564
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-09-16 09:12:38 -04:00
Ross Burton f86bf75a6e arm/generic-arm64: set machine features
Set a slew of generic machine features that other parts of oe-core will
respect.

Change-Id: I47ea187128c7e3a9f8b711b74467b20b9cb4fcee
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-09-16 09:12:38 -04:00
Ross Burton 2d7af5f9d7 arm/generic-arm64: use a custom EFI wic file
Instead of using the pre-canned Wic kickstart file, provide our own.
This lets us specify that UUIDs should be used in the fstab, meaning
that the image is agnostic to the device type.

Change-Id: If9c0083c16f8bd2ad7d573a0d356383553aa8936
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-09-16 09:12:38 -04:00
Ross Burton ee1b109e36 arm/generic-arm64: don't set SERIAL_CONSOLES
This machine expects something approximating SystemReady, which means
the firmware should be capable of telling the kernel where the console
is.

Remove SERIAL_CONSOLES so the kernel does what the firmware is told, and
doesn't try to use serial consoles that don't exist.

Change-Id: Ib0b008fececf4c046112bdede9d0d3ebf9dc332b
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-09-16 09:12:38 -04:00
Ross Burton ba82ea920a arm-bsp/linux-yocto: drop upstreamed N1SDP patch
This patch was upstreamed in 5.10.54.

Change-Id: Iacf6345c4d4ffa8e512e2f812876fdd50a057f96
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-08-29 10:42:07 -04:00
Jon Mason e82b83c92e juno: temporarily pin 5.4 kernel version
Recent changes in the 5.4 kernel are preventing the juno patches from
applying.  Temporarily pin the kernel to the version prior to this until
the patches can be rebased.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-08-09 16:14:53 -04:00
Jon Mason 30077d988f CI: add ssh tests
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-08-09 16:14:53 -04:00
Jon Mason 85f2a93c0a CI: merge testimage into the build stage
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-08-09 16:14:53 -04:00
Anastasios Kavoukis e4520e2a63 CI: enable debug-tweaks IMAGE_FEATURE
This makes the images suitable for development and test,
debug-tweaks includes settings like empty root password.

All CI image builds inheriting from base.yml will
have this include this setting.

Signed-off-by: Anastasios Kavoukis <anastasios.kavoukis@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-08-09 16:14:53 -04:00
Hugo L'Hostis 328c85778b arm-autonomy/fvp-base: Add support for runfvp for arm-autonomy-host
Expand the FVP_DATA variable used by the fvpboot.bbclass to load both Xen
and its device tree when building arm-autonomy-host image for fvp-base.

Issue-Id: SCM-2718
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: Ia6e2f6a13e84c8e762d297ac34ccbe5417a7793b
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-07-27 14:23:18 -04:00
Ross Burton 4e14a1c5ee CI: set interruptible on all jobs
The previous attempt at setting interruptible didn't work as it needs to
happen on all tasks, as once a single uninterruptible job has executed
the pipeline cannot be cancelled.  Unfortunately the setup jobs were
not interruptible, so the pipeline could never be cancelled.

Change-Id: I5416bc3f9a883ace24c12607b2ebc24bc428b50b
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-07-22 12:26:47 +01:00
Ross Burton 3d9cf26be1 ci/check-warnings: ignore warnings that we're using the mirror
SourceForge in particular doesn't like multiple connections from the
same IP, but when a source mirror is being populated for the first time
this will happen. Our fetch falls back to the Yocto mirror so it doesn't
cause a failure, but there is a warning logged which our CI then fails
because of.

As we don't care about these warnings, filter them out of the log before
checking if there were any errors.

Change-Id: I36c97c5d9923f1c4d14c4588f3780211cccb57b2
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
2021-07-22 12:26:00 +01:00
Sumit Garg afd9bf7ee6 arm/qemuarm64-secureboot: Enable kernel TEE drivers
Add a config fragment to enable kernel TEE drivers.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-07-20 08:54:26 -04:00
Timothy Mertz e82d9fdd49 external-arm-sdk-toolchain: Fix parsing error with INCOMPATIBLE_LICENSE
This change fixes parsing error that occurs when INCOMPATIBLE_LICENSE =
"GPLv3" by defining EAT_BFD_LICENSE, EAT_GDB_LICENSE and EAT_RLE_LICENSE
in license.inc and requiring it in external-arm-sdk-toolchain.bb

Definitions in external-arm-toolchain-versions.inc are made redundant so
they are removed.

Signed-off-by: Timothy Mertz <timothy.mertz@garmin.com>
Signed-off-by: Joshua Watt <Joshua.Watt@garmin.com>
Reviewed-by: Denys Dmytriyenko <denis@denix.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-07-02 10:54:52 -04:00
Diego Sueiro eec8640c16 arm-bsp/u-boot/fvp-base: Make usage of config fragments to set CONFIG_BOOTARGS
Since u-boot recipe supports using config fragments let's use it instead of
patching the vexpress_aemv8a_semi_defconfig file.

Issue-Id: SCM-2329
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Change-Id: I7feba5d23a6eab501cade38c188cb8414d0b86bd
(cherry picked from commit 1a46824760)
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-29 13:45:40 -04:00
Jon Mason 4e3f2de11d CI: add testing and testimage
Add a testing task to the gitlab CI and run testimage in that job.
Currently, it only runs against some of the qemu based machines.
Using slirp, there is no need for a privileged container or tun/tap
devices.

Change-Id: Ia85a3d0089f7d4dc7595c3a45d328c79d8e675f1
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-29 11:14:23 -04:00
Jon Mason 04d9436f9d arm/linux: temporarily use 5.10.21 kernel for qemuarm64-secureboot
Patches for ZONE_DMA continue to be added to the 5.10.x kernel, causing
the removal patch to constantly break.  While working on a better fix,
regress the kernel to 5.10.21 (last version before ZONE_DMA was added)
to keep the CI working.

Change-Id: I537dd061ae0c6d2adce6649d03bd63a3d5dfffe9
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-23 09:41:11 -04:00
Ross Burton b8e69c8bb3 ci: add yocto-check-layers step
Add a job to run yocto-check-layers to validate a selection of layers
are Yocto Project Compatible.

Right now we validate:
- meta-arm
- meta-arm-bsp
- meta-arm-toolchain
- meta-gem5

meta-atp and meta-arm-autonomy are currently skipped: meta-atp fails and
meta-arm-autonomy has a larger set of dependant layers and will be added
later.

Change-Id: Ia0c8c16e4228eeb461bd213b30703e950ede656f
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-23 09:41:11 -04:00
Ross Burton 1de9c1ffb8 arm-bsp/linux: guard FILESEXTRAPATHS changes in overrides
Because of how the kernel class searches for files any changes to
FILESEXTRAPATHS should be done in an override so it doesn't potentially
impact unrelated builds.

Issue spotted by running yocto-check-layer.

Change-Id: Id3b741d184a024d0cc6d2d5031e150a8f0ae4b0d
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-23 09:41:11 -04:00
Ross Burton ae5fed3951 arm-bsp/tc0-artifacts-image: restrict to TC0
This recipe is for TC0, so set COMPATIBLE_MACHINE appropriately.

This is both logically correct, and fixes a Yocto Compatible test failure
where tc0-artifacts-image isn't buildable for arbitrary machines.

Change-Id: I6381fc08076d4ddea254f7efc84f90c4a7f65d26
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-23 09:41:11 -04:00
Diego Sueiro e0c855cc24 arm-autonomy/fvp-base: Make usage of wic images
In meta-arm-bsp fvp-base switched to wic images. Hence, make the appropriate
changes to also use wic images in meta-arm-autonomy.

Change-Id: I34d68fee11ea339fb52a97d7593e373aa69faa1c
Issue-Id: SCM-2329
Signed-off-by: Diego Sueiro <diego.sueiro@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
(cherry picked from commit b2031ed7ca)
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-21 14:53:01 -04:00
Kamil Dziezyk 8f2dcc25f0 arm-bsp/fvp-base*: Introduce WIC support for fvp-base* machines
Add wks script that contains two partitions.
Rootfs is populated to second partition, because the first one is empty,
to keep compatibility with image_types_disk_img.bbclass
and use the same root device set in u-boot bootargs parameter.

Both wic and disk.img files are built by default.

Issue-Id: SCM-2698
Signed-off-by: Kamil Dziezyk <kamil.dziezyk@arm.com>
Change-Id: Ib5b5c3a7aa6e8fe9fa90a2955ae1e461caa01356
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-21 14:53:01 -04:00
Ross Burton 646239278a arm-bsp/fvp-base: set FVP_ variables
So that a fvp-base image can be tested easily, set the relevant FVP_*
variables.

After setting IMAGE_CLASSES += "fvpboot" in local.conf, this will show
the firmware start and Linux boot:

$ MACHINE=fvp-base bitbake core-image-base
$ runfvp fvp-base --console

Change-Id: Id1bd6cea57958117103e53ab9f78a58ce92b6a2e
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-17 11:35:10 -04:00
Ross Burton 6873363ede runfvp: drop --parameter, users can use -- --parameter
Now that arbitrary parameters can be passed to the FVP binary, runfvp
doesn't need to handle --parameter itself.

Anyone using runfvp --parameter should simply use runfvp -- --parameter.

Change-Id: I8a79200fe927c253308731e7e0cb228e53cd989a
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-17 11:35:10 -04:00
Ross Burton b36052691e runfvp: pass arbitrary options after -- to the FVP binary
To allow passing arbitrary options to the FVP binary, split the passed
options on --.  Anything before the separator is handled by runfvp,
anything afterwards is passed as-is to the FVP binary.

Change-Id: I686b2fb79d217e26988753be7bd067c638d69eac
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-17 11:35:10 -04:00
Ross Burton 8fe982f8d0 runfvp: exit with the return code of the FVP binary
Change-Id: If79e31e61110161c9a13dd512b0146d1d515d77a
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-17 11:35:10 -04:00
Ross Burton 77f4023c82 scripts: add runfvp
runfvp is a script that reads existing .fvpconf files (as written by
fvpboot.bbclass) and executes the FVP binary appropriately.

By default the behaviour is the same as running a FVP by hand, but by
passing --console the first serial port is connected to stdin/stdout.

Change-Id: Ibd26867c09e8692be4c02a7ea13571dcfe36db9b
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-17 11:35:10 -04:00
Ross Burton c5ebdb44d2 arm/fvpboot: add class to write FVP boot configuration
The fvpboot class is used to write a machine-readable file that describes
how to boot a given machine image inside a FVP, similar to how qemuboot
writes files for runqemu.

BSPs should set the FVP_* variables as appropriate in their machine
configuration, but let the user opt-in to adding fvpboot to IMAGE_CLASSES.

Change-Id: I2d1cd86ec4affc1d688a293987890d6a89124d94
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-17 11:35:10 -04:00
Ross Burton 6c622ca3da arm/fvp-library: add recipe for the FVP Library
Add a recipe for the FVP Library:

https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms

This is free to download but is behind a login-wall, and the FVPs are
license managed.

Change-Id: Ia0e7b1bfac54e06faf9d517d5b769acf9670724a
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-17 11:35:10 -04:00
Ross Burton de18bcf3d2 arm/fvp-base-a-aem: add Architecture Envelope Model FVP for Arm v8-A
Add a recipe for the general purpose Armv-A Base RevC AEM FVP.

This FVP is behind a login-wall so the user has to download it themselves,
but the FVP is free to use.

Change-Id: I14d7b965a05ff9f405a2a12d4da2afd3dd2ecb87
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-17 11:35:10 -04:00
Ross Burton c9eda152b0 arm/fvp: add recipes for Ecosystem FVPs
Add recipes for the SGI-575 and N1-Edge reference designs from the
Ecosystem FVP collection:

https://developer.arm.com/tools-and-software/open-source-software/arm-platforms-software/arm-ecosystem-fvps

These FVPs are free to download and use.

Change-Id: Ia645e4a7264f73ec42ee61ab2907a9bfdbe7c25d
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-17 11:35:10 -04:00
Hugo L'Hostis 9851e5714a arm-autonomy/xenguest-network: add "none" network type to xenguests
This patch adds a new "none" network type that can be set for xenguests
using XENGUEST_IMAGE_NETWORK_TYPE in their configuration.

Issue-Id: SCM-2338
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: If4f6de282b0048e5c68d293a3db5b56cd5adce66
Signed-off-by: Ross Burton <ross.burton@arm.com>
2021-06-14 10:35:36 -04:00
Hugo L'Hostis 318b47ae05 arm-autonomy/n1sdp: add kernel modules to mount FAT filesystem
This patch adds kernel modules necessary for n1sdp to mount the FAT filesystem
codepage 437 and NLS ISO 8859-1.

Issue-Id: SCM-2682
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: I2d4fede311544917050326564b2b0a7d0123cb21
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-14 10:35:36 -04:00
Jon Mason 4482136c29 ci: clean regularly to reduce size
The Gitlab CI executors do not clean-up after each run, which will
result in a ballooning size over time. Remove all files in the work
tree, removing the problem.  SSTATE should prevent this from causing
any performance by not having the files there.

Change-Id: I57df3cf470c519286fe194739a0a7722794f3b25
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-08 11:29:33 -04:00
Hugo L'Hostis 65d41185b0 arm-autonomy/xenguest-manager: fix xenguest initscript stop sequence
This patch fixes an issue where xenguest initscript stop sequence was not
properly identifying the running guests.

Issue-Id: SCM-2772
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: I3ad88e00f48fab07f99936a10c0d1deb7459e83b
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-08 10:20:29 -04:00
Hugo L'Hostis 10e5981995 arm-bsp/docs: documentation improvements for fvp-baser-aemv8r64
This patch updates the documentation for fvp-baser-aemv8r64 :

- Update link to the yocto documentation.
- Add details about what Host OS version are supported. Add Ubuntu
20.04 specific instructions.
- Warn user about disk space.

Issue-Id: SCM-2665
Signed-off-by: Hugo L'Hostis <hugo.lhostis@arm.com>
Change-Id: I37e6bd3ae0a04258743a5bf1dfc80e515078d524
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-01 11:00:03 -04:00
Filipe Rinaldi 48ffd24725 arm-bsp/docs: Updated documentation fvp-baser-aemv8r64 MACHINE
This update has mainly format related changes (no functional changes) to
improve readability when reading the non-rendered version of it.
- Use underlined style for headers level 1 and 2
- Use indentation to create blocks
- Use double space at the end of each section
- Add indentation to the FVP parameters
- Add pip command to install the kas tool

Issue-Id: SCM-2665
Signed-off-by: Filipe Rinaldi <filipe.rinaldi@arm.com>
Change-Id: I9d4b4dbcef6dc13638b62563ebdf90b6b9d5b686
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-01 11:00:03 -04:00
luca fancellu a727cfe74b arm-autonomy: fix building for xen-tools >=4.15
The 0001-vif-nat-fix-hostname.patch is merged in xen-tools
4.15, so fix the layer to apply the patch only for 4.14.

Issue-Id: SCM-2608
Signed-off-by: Luca Fancellu <luca.fancellu@arm.com>
Change-Id: I1306955ab0b1ee435a8da42e953e142270c4b2d3
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-06-01 11:00:03 -04:00
Ross Burton 12af38f31b ci/base: don't try to make warnings fatal
The generated local.conf has ERROR_QA=${WARN_QA} in an attempt to make
warnings fatal, but this appears to be just disabling some warnings and
error instead.

As we already have warning detection in the GitLab CI script, this is
redundant and can be removed.

Change-Id: I393874edbae148ee338a7069bbf800603c028242
Signed-off-by: Ross Burton <ross.burton@arm.com>
2021-05-25 12:12:44 +01:00
Ross Burton 7ca13b4f15 arm/linux-yocto: add missing LINUX_VERSION to qemuarm64-sbsa
As the SRCREV is pinned to a specific SHA we should also set LINUX_VERSION, as future kernel
upgrades in oe-core master will change both SRCREV and LINUX_VERSION.

Change-Id: Iafababe83ff54625112d2fae859d8a3938001cd5
Signed-off-by: Ross Burton <ross.burton@arm.com>
2021-05-11 16:01:14 +01:00
Peter Hoyes 33e88e8a3a arm-autonomy/linux-arm-autonomy: Remove Xen irq lock patch
The following patch has been backported to kernel 5.10.30:
    0001-xen-evtchn-Change-irq_info-lock-to-raw_spinlock_t.patch

Issue-Id: SCM-2307
Signed-off-by: Peter Hoyes <Peter.Hoyes@arm.com>
Change-Id: I9cef017b60891780176dff944e3eca5986746d8a
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-05-04 10:54:59 -04:00
Jon Mason 301bf3b5fd arm/kernel: fix previous patch
The previous patch broke for qemuarm64-sbsa, ebcause they share the same
defconfig patch but now the upstream kernel SHAs are different.  Change
them to have the same SHAs.

Also, the previous patch lost the patch header.  So re-add that.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-05-02 11:13:02 -04:00
Ross Burton f3227b7a8e arm/linux: guard FILESEXTRAPATHS changes in overrides
Because of how the kernel class searches for files any changes to
FILESEXTRAPATHS should be done in an override so it doesn't potentially
impact unrelated builds.

Issue spotted by running yocto-check-layer.

Change-Id: I3e915a0cafc850d4b2594b655a849977d389465a
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-05-02 11:12:58 -04:00
Jon Mason bd2e25959f arm: combine linux-yocto bbappend files
Combining linux-yocto bbappend into a single file.

Change-Id: Ica4fc2d0edc9939451c572e5eb65f34e4002c26f
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-05-02 11:12:58 -04:00
Jon Mason 6c08dd6c76 arm/kernel: fix broken defconfig patch
Upstream kernel is now being patched, which prevents the patch being
fixed here from applying cleanly.  Rebase it on top of the existing one
to resolve the issue.

Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-05-01 18:39:42 -04:00
Jon Mason a637fa88f2 CI: enable non-arm64 builders
Abstract away all of the things preventing the current setup from
working on only internal, arm64 build hardware.

Change-Id: Ib8d0e8e76602d4553e044520a91349015b1aa19b
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-04-30 13:24:48 -04:00
Jon Mason ef9b9c8e70 CI: use public KAS image
Use the KAS docker image provided by the KAs project for Gitlab CI.
This allows for the external (non-Arm Corp) users/developers to run
Gitlab CI.

Change-Id: I9fee9a0d571e3fd60862d4ccd36176f9e583fc91
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-04-30 13:24:48 -04:00
Jon Mason 235f2a8ca7 CI: Reorder manual tasks to be alphabetical
Change-Id: I2e5bfdf5794c99da530bc2645fb56a5444444be3
Signed-off-by: Jon Mason <jon.mason@arm.com>
2021-04-30 13:24:48 -04:00
1000 changed files with 48866 additions and 35944 deletions
-2
View File
@@ -1,2 +0,0 @@
__pycache__
build
+123 -266
View File
@@ -1,44 +1,22 @@
image: ${MIRROR_GHCR}/siemens/kas/kas:4.3.2
variables:
# These are needed as the k8s executor doesn't respect the container
# entrypoint by default
FF_KUBERNETES_HONOR_ENTRYPOINT: 1
FF_USE_LEGACY_KUBERNETES_EXECUTION_STRATEGY: 0
# The default value for KUBERNETES_CPU_REQUEST
CPU_REQUEST: ""
# The default machine tag for the build jobs
DEFAULT_TAG: ""
# The machine tag for the ACS test jobs
ACS_TAG: ""
# The directory to use as the persistent cache (the root for DL_DIR, SSTATE_DIR, etc)
CACHE_DIR: $CI_BUILDS_DIR/persist
# The container mirror to use
MIRROR_GHCR: ghcr.io
# Whether to run the SystemReady ACS tests
ACS_TEST: 0
# The list of extra Kas fragments to be used when building
EXTRA_KAS_FILES: ""
# The NVD API key to use when fetching CVEs
NVDCVE_API_KEY: ""
image: ghcr.io/siemens/kas/kas:latest-release
# First do a common bootstrap, and then build all the targets
stages:
- prep
- bootstrap
- build
# Common job fragment to get a worker ready
.setup:
tags:
- $DEFAULT_TAG
stage: build
interruptible: true
variables:
KAS_WORK_DIR: $CI_PROJECT_DIR/work
KAS_REPO_REF_DIR: $CACHE_DIR/repos
SSTATE_DIR: $CACHE_DIR/sstate
DL_DIR: $CACHE_DIR/downloads
KAS_REPO_REF_DIR: $CI_BUILDS_DIR/persist/repos
SSTATE_DIR: $CI_BUILDS_DIR/persist/sstate
DL_DIR: $CI_BUILDS_DIR/persist/downloads
BB_LOGCONFIG: $CI_PROJECT_DIR/ci/logging.yml
TOOLCHAIN_DIR: $CACHE_DIR/toolchains
TOOLCHAIN_DIR: $CI_BUILDS_DIR/persist/toolchains
IMAGE_DIR: $CI_PROJECT_DIR/work/build/tmp/deploy/images
TOOLCHAIN_LINK_DIR: $CI_PROJECT_DIR/work/build/toolchains
before_script:
@@ -53,193 +31,93 @@ stages:
# Generalised fragment to do a Kas build
.build:
extends: .setup
variables:
KUBERNETES_CPU_REQUEST: $CPU_REQUEST
rules:
# Don't run MR pipelines
- if: $CI_PIPELINE_SOURCE == "merge_request_event"
when: never
# Don't run pipelines for tags
- if: $CI_COMMIT_TAG
when: never
# Don't run if BUILD_ENABLE_REGEX is set, but the job doesn't match the regex
- if: '$BUILD_ENABLE_REGEX != null && $CI_JOB_NAME !~ $BUILD_ENABLE_REGEX'
when: never
# Allow the dev kernels to fail and not fail the overall build
- if: '$KERNEL == "linux-yocto-dev"'
allow_failure: true
# Catch all for everything else
- if: '$KERNEL != "linux-yocto-dev"'
script:
- KASFILES=$(./ci/jobs-to-kas "$CI_JOB_NAME" $EXTRA_KAS_FILES):lockfile.yml
- echo KASFILES=$KASFILES
- kas dump --update --force-checkout --resolve-refs --resolve-env $KASFILES
- KASFILES=$(./ci/jobs-to-kas $CI_JOB_NAME)
- kas shell --update --force-checkout $KASFILES -c 'cat conf/*.conf'
- kas build $KASFILES
- ./ci/check-warnings $KAS_WORK_DIR/build/warnings.log
artifacts:
name: "logs"
when: always
paths:
- $CI_PROJECT_DIR/work/build/tmp*/work*/**/temp/log.do_*.*
- $CI_PROJECT_DIR/work/build/tmp*/work*/**/testimage/*
#
# Prep stage, update repositories once.
# Set the CI variable CI_CLEAN_REPOS=1 to refetch the respositories from scratch
# Prep stage, update repositories once
#
update-repos:
extends: .setup
stage: prep
allow_failure:
exit_codes: 128
script:
- |
flock --verbose --timeout 60 $KAS_REPO_REF_DIR ./ci/update-repos
# Only generate if doesn't already exist, to allow feature branches to drop one in.
if test -f lockfile.yml; then
echo Using existing lockfile.yml
else
# Be sure that this is the complete list of layers being fetched
kas dump --lock --update ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/clang.yml:ci/meta-virtualization.yml | tee lockfile.yml
fi
artifacts:
name: "lockfile"
paths:
- lockfile.yml
- flock --verbose --timeout 60 $KAS_REPO_REF_DIR ./ci/update-repos
#
# Bootstrap stage, bootstrap and machine coverage
#
# Build a number of native tools first to ensure the other builders don't race
# over them
n1sdp/bootstrap:
extends: .build
stage: bootstrap
# What percentage of machines in the layer do we build
machine-coverage:
stage: bootstrap
interruptible: true
script:
- ./ci/check-machine-coverage
coverage: '/Coverage: \d+/'
#
# Build stage, the actual build jobs
#
# Available options for building are
# DISTRO: [poky, poky-tiny]
# KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
# TOOLCHAINS: [gcc, clang, external-gccarm]
# TCLIBC: [glibc, musl]
# FIRMWARE: [u-boot, edk2]
# TS: [none, trusted-services]
# VIRT: [none, xen]
# TESTING: testimage
arm-systemready-ir-acs:
extends: .build
timeout: 12h
parallel:
matrix:
# arm-systemready-ir-acs must be specified after fvp-base for ordering
# purposes for the jobs-to-kas output. It is not enough to just have it
# in the job name because fvp-base.yml overwrites the target.
- PLATFORM: fvp-base
ARM_SYSTEMREADY_IR_ACS: arm-systemready-ir-acs
tags:
- ${ACS_TAG}
# Validate layers are Yocto Project Compatible
check-layers:
extends: .setup
coverage: '/Coverage: \d+/'
script:
- kas shell --update --force-checkout ci/base.yml:ci/meta-openembedded.yml:lockfile.yml --command \
"yocto-check-layer-wrapper $CI_PROJECT_DIR/$LAYER --dependency $CI_PROJECT_DIR/meta-* $KAS_WORK_DIR/meta-openembedded/meta-oe --no-auto-dependency"
parallel:
matrix:
- LAYER: [meta-arm, meta-arm-bsp, meta-arm-toolchain]
- kas shell --update --force-checkout ci/base.yml:ci/meta-python.yml --command \
"$CI_PROJECT_DIR/ci/check-layers.py $CI_PROJECT_DIR/ci/check-layers.yml $CI_PROJECT_DIR $KAS_WORK_DIR"
corstone1000-fvp:
corstone500:
extends: .build
parallel:
matrix:
- FIRMWARE: corstone1000-firmware-only
TESTING: [testimage, tftf]
- FIRMWARE: none
TESTING: testimage
- SYSTEMREADY_FIRMWARE: arm-systemready-firmware
corstone1000-mps3:
corstone700-fvp:
extends: .build
parallel:
matrix:
- FIRMWARE: corstone1000-firmware-only
TESTING: [none, tftf]
- FIRMWARE: none
documentation:
extends: .setup
script:
- |
# This can be removed when the kas container has python3-venv installed
sudo apt-get update && sudo apt-get install --yes python3-venv
python3 -m venv venv
. ./venv/bin/activate
pip3 install -r meta-arm-bsp/documentation/requirements.txt
for CONF in meta-*/documentation/*/conf.py ; do
echo Building $CONF...
SOURCE_DIR=$(dirname $CONF)
MACHINE=$(basename $SOURCE_DIR)
sphinx-build -vW $SOURCE_DIR build-docs/$MACHINE
done
test -d build-docs/
artifacts:
paths:
- build-docs/
corstone700-mps3:
extends: .build
fvp-base:
extends: .build
parallel:
matrix:
- TS: [none, fvp-base-ts]
TESTING: testimage
- FIRMWARE: edk2
- SYSTEMREADY_FIRMWARE: arm-systemready-firmware
arm-systemready-ir-acs:
extends: .build
timeout: 12h
parallel:
matrix:
# arm-systemready-ir-acs must be specified after fvp-base for ordering
# purposes for the jobs-to-kas output. It is not enough to just have it
# in the job name because fvp-base.yml overwrites the target.
- PLATFORM: [fvp-base, corstone1000-fvp]
ARM_SYSTEMREADY_IR_ACS: arm-systemready-ir-acs
tags:
- ${ACS_TAG}
fvps:
fvp-base-arm32:
extends: .build
genericarm64:
fvp-base-arm32/external-gccarm:
extends: .build
fvp-baser-aemv8r64:
extends: .build
gem5-arm64:
extends: .build
gem5-arm64-xen:
extends: .build
gem5-atp-arm64:
extends: .build
generic-arm64:
extends: .build
parallel:
matrix:
- TOOLCHAINS: [gcc, clang]
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
juno:
extends: .build
parallel:
matrix:
- TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
# What percentage of machines in the layer do we build
machine-coverage:
extends: .setup
script:
- ./ci/check-machine-coverage
coverage: '/Coverage: \d+/'
juno/clang:
extends: .build
metrics:
extends: .setup
artifacts:
reports:
metrics: metrics.txt
script:
- kas shell --update --force-checkout ci/base.yml --command \
"$CI_PROJECT_DIR/ci/patchreview $CI_PROJECT_DIR/meta-* --verbose --metrics $CI_PROJECT_DIR/metrics.txt"
microbit-v1:
extends: .build
musca-b1:
extends: .build
@@ -249,107 +127,86 @@ musca-s1:
n1sdp:
extends: .build
parallel:
matrix:
- TESTING: [none, n1sdp-ts, n1sdp-optee, tftf]
pending-updates:
extends: .setup
artifacts:
paths:
- update-report
script:
- rm -fr update-report
# This configuration has all of the layers we need enabled
- kas shell --update --force-checkout ci/qemuarm64.yml:ci/meta-openembedded.yml:ci/meta-secure-core.yml:lockfile.yml --command \
"$CI_PROJECT_DIR/scripts/machine-summary.py -t report -o $CI_PROJECT_DIR/update-report $($CI_PROJECT_DIR/ci/listmachines.py meta-arm meta-arm-bsp)"
# Do this on x86 whilst the compilers are x86-only
tags:
- x86_64
qemuarm64-secureboot:
n1sdp/armgcc:
extends: .build
parallel:
matrix:
- KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
TCLIBC: [glibc, musl]
TS: [none, qemuarm64-secureboot-ts]
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
qemuarm64:
qemu-cortex-a53:
extends: .build
parallel:
matrix:
- DISTRO: poky
KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
- VIRT: xen
- KERNEL: linux-yocto-dev
TESTING: testimage
qemuarm-secureboot:
qemuarm/testimage:
extends: .build
parallel:
matrix:
- KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
TCLIBC: [glibc, musl]
TESTING: testimage
- TOOLCHAINS: external-gccarm
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
qemuarm:
qemuarm64-sbsa:
extends: .build
parallel:
matrix:
- DISTRO: poky
KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
FIRMWARE: [u-boot, edk2]
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
- VIRT: xen
- KERNEL: linux-yocto-dev
TESTING: testimage
qemuarmv5:
qemuarm64-secureboot/testimage:
extends: .build
parallel:
matrix:
- DISTRO: poky
KERNEL: [linux-yocto, linux-yocto-dev, linux-yocto-rt]
TESTING: testimage
- DISTRO: poky-tiny
TESTING: testimage
sbsa-ref:
qemuarm64-secureboot/clang/testimage:
extends: .build
parallel:
matrix:
- KERNEL: [linux-yocto, linux-yocto-rt]
TOOLCHAINS: [gcc, clang]
TESTING: testimage
- KERNEL: linux-yocto-dev
TESTING: testimage
selftest:
extends: .setup
script:
- KASFILES=./ci/qemuarm64.yml:./ci/selftest.yml:lockfile.yml
- kas shell --update --force-checkout $KASFILES -c 'oe-selftest --num-processes 2 --select-tag meta-arm --run-all-tests'
qemuarm64-secureboot/clang/musl/testimage:
extends: .build
qemuarm64-secureboot/musl/testimage:
extends: .build
qemuarmv5/testimage:
extends: .build
sgi575:
extends: .build
toolchains:
tc0:
extends: .build
#
# Utility tasks, not executed automatically
#
delete-dl-dir:
extends: .setup
stage: prep
when: manual
script:
- rm -rf $DL_DIR/*
delete-repo-dir:
extends: .setup
stage: prep
when: manual
script:
- rm -rf $KAS_REPO_REF_DIR/*
# Delete all sstate
delete-sstate:
extends: .setup
stage: prep
when: manual
script:
- rm -rf $SSTATE_DIR/*
delete-toolchains:
extends: .setup
stage: prep
when: manual
script:
- rm -rf $TOOLCHAIN_DIR/*
# Wipe out old sstate
prune-sstate:
extends: .setup
stage: prep
when: manual
script:
- find $SSTATE_DIR -type f -atime +30 -delete
# Report on disk usage
usage:
extends: .setup
stage: prep
when: manual
script:
- du -h -s $DL_DIR $SSTATE_DIR $KAS_REPO_REF_DIR $TOOLCHAIN_DIR
+13 -37
View File
@@ -1,40 +1,23 @@
Introduction
------------
This repository contains the Arm layers for OpenEmbedded.
This repository contains Arm layers for OpenEmbedded
* meta-arm
meta-arm:
This layer provides support for general recipes for the Arm
architecture. Anything that's not needed explicitly for BSPs, the IOTA
distribution, or destined to be upstreamed belongs here.
This layer contains general recipes for the Arm architecture, such as firmware, FVPs, and Arm-specific integration.
meta-arm-bsp:
This layer provides support for Arm reference platforms
* meta-arm-bsp
meta-arm-iota:
This layer provides support for Arm's IOTA Linux Distribution
This layer contains machines for Arm reference platforms, for example FVP Base, N1SDP, and Juno.
meta-arm-toolchain:
This layer provides support for Arm's GNU-A toolset releases
* meta-arm-toolchain
This layer contains recipes for Arm's binary toolchains (GCC and Clang for -A and -M), and a recipe to build Arm's GCC.
Other Directories
-----------------
* ci
This directory contains gitlab continuous integration configuration files (KAS yaml files) as well as scripts needed for this
* kas
This directory contains KAS yaml files to describe builds for systems not used in CI
* scripts
This directory contains scripts used in running the CI tests
Mailing List
------------
To interact with the meta-arm developer community, please email the meta-arm mailing list at meta-arm@lists.yoctoproject.org
Currently, it is configured to only allow emails to members from those subscribed.
To subscribe to the meta-arm mailing list, please go to
https://lists.yoctoproject.org/g/meta-arm
meta-arm-autonomy:
This layer provides a reference stack for autonomous systems.
Contributing
------------
@@ -56,13 +39,6 @@ The component being changed in the shortlog should be prefixed with the layer na
arm-toolchain/gcc: enable foobar v2
Releases and Release Schedule
--------------
We follow the Yocto Project release methodology, schedule, and stable/LTS support timelines. For more information on these, please reference:
https://docs.yoctoproject.org/ref-manual/release-process.html
https://wiki.yoctoproject.org/wiki/Releases
https://wiki.yoctoproject.org/wiki/Stable_Release_and_LTS
Reporting bugs
--------------
E-mail meta-arm@lists.yoctoproject.org with the error encountered and the steps
-37
View File
@@ -1,37 +0,0 @@
# Reporting vulnerabilities
Arm takes security issues seriously and welcomes feedback from researchers and
the security community in order to improve the security of its products and
services. We operate a coordinated disclosure policy for disclosing
vulnerabilities and other security issues.
Security issues can be complex and one single timescale doesn't fit all
circumstances. We will make best endeavours to inform you when we expect
security notifications and fixes to be available and facilitate coordinated
disclosure when notifications and patches/mitigations are available.
## How to Report a Potential Vulnerability?
If you would like to report a public issue (for example, one with a released CVE
number), please contact the meta-arm mailing list at
meta-arm@lists.yoctoproject.org and arm-security@arm.com.
If you are dealing with a not-yet released or urgent issue, please send a mail
to the maintainers (see README.md) and arm-security@arm.com, including as much
detail as possible. Encrypted emails using PGP are welcome.
For more information, please visit https://developer.arm.com/support/arm-security-updates/report-security-vulnerabilities.
## Branches maintained with security fixes
meta-arm follows the Yocto release model, so see
[https://wiki.yoctoproject.org/wiki/Stable_Release_and_LTS Stable release and
LTS] for detailed info regarding the policies and maintenance of stable
branches.
The [https://wiki.yoctoproject.org/wiki/Releases Release page] contains a list of all
releases of the Yocto Project. Versions in grey are no longer actively maintained with
security patches, but well-tested patches may still be accepted for them for
significant issues.
-6
View File
@@ -1,6 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 11
includes:
- kas/arm-systemready-firmware.yml
-19
View File
@@ -1,19 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 11
includes:
- kas/arm-systemready-ir-acs.yml
env:
ACS_TEST: "0"
local_conf_header:
testimage: |
TESTIMAGE_AUTO = "${ACS_TEST}"
target:
- arm-systemready-ir-acs
- arm-systemready-linux-distros-debian
- arm-systemready-linux-distros-opensuse
- arm-systemready-linux-distros-fedora
+6
View File
@@ -0,0 +1,6 @@
header:
version: 9
local_conf_header:
cc: |
GCCVERSION = "arm-10.2"
+14 -13
View File
@@ -1,13 +1,11 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
distro: poky
defaults:
repos:
branch: scarthgap
refspec: hardknott
repos:
meta-arm:
@@ -17,7 +15,7 @@ repos:
meta-arm-toolchain:
poky:
url: https://git.yoctoproject.org/poky
url: https://git.yoctoproject.org/git/poky
layers:
meta:
meta-poky:
@@ -28,17 +26,20 @@ env:
local_conf_header:
base: |
CONF_VERSION = "2"
setup: |
CONF_VERSION = "1"
PACKAGE_CLASSES = "package_ipk"
PACKAGECONFIG:remove:pn-qemu-system-native = "gtk+ sdl"
PACKAGECONFIG:append:pn-perf = " coresight"
LICENSE_FLAGS_WHITELIST += "armcompiler"
PACKAGECONFIG_remove_pn-qemu-system-native = "gtk+ sdl"
EXTRA_IMAGE_FEATURES_append = " debug-tweaks"
BB_NUMBER_THREADS = "16"
PARALLEL_MAKE = "-j16"
INHERIT += "rm_work"
extrapackages: |
CORE_IMAGE_EXTRA_INSTALL += "perf opencsd"
CORE_IMAGE_EXTRA_INSTALL:append:aarch64 = " gator-daemon"
PACKAGECONFIG_append_pn-perf = " coresight"
noptest: |
DISTRO_FEATURES_remove = "ptest"
machine: unset
target:
- core-image-sato
- core-image-base
- perf
+9
View File
@@ -0,0 +1,9 @@
header:
version: 9
target:
- binutils-cross-aarch64
- gcc-cross-aarch64
- python3-native
- opkg-native
- rpm-native
+43
View File
@@ -0,0 +1,43 @@
#! /usr/bin/env python3
import argparse
import pathlib
import re
import subprocess
import sys
import yaml
if __name__ == "__main__":
parser = argparse.ArgumentParser()
parser.add_argument("config", type=argparse.FileType())
parser.add_argument("metaarm", type=pathlib.Path, help="Path to meta-arm")
parser.add_argument("others", type=pathlib.Path, help="Path to parent of dependencies")
args = parser.parse_args()
config = yaml.safe_load(args.config)
layers = config["layers"]
dependencies = config["dependencies"]
found_layers = [p for p in args.metaarm.glob("meta-*") if p.is_dir()]
print(f"Testing {len(layers)} layers: {', '.join(layers)}.")
print(f"Found {len(found_layers)} layers in meta-arm.")
print()
cli = ["yocto-check-layer-wrapper",]
cli.extend([args.metaarm / layer for layer in layers])
cli.append("--dependency")
cli.extend([args.others / layer for layer in dependencies])
passed = 0
process = subprocess.Popen(cli, stdout=subprocess.PIPE, stderr=subprocess.STDOUT, universal_newlines=True)
while True:
line = process.stdout.readline()
if process.poll() is not None:
break
print(line.strip())
if re.search(r"meta-.+ PASS", line):
passed += 1
print(f"Coverage: {int(passed / len(found_layers) * 100)}%")
sys.exit(process.returncode)
+7
View File
@@ -0,0 +1,7 @@
layers:
- meta-arm
- meta-arm-bsp
- meta-arm-toolchain
- meta-gem5
dependencies:
- meta-openembedded/meta-oe
+2 -4
View File
@@ -2,7 +2,6 @@
from pathlib import Path
import sys
from listmachines import list_machines
metaarm = Path.cwd()
@@ -10,10 +9,9 @@ if metaarm.name != "meta-arm":
print("Not running inside meta-arm")
sys.exit(1)
# Find all layers
layers = (p.name for p in metaarm.glob("meta-*") if p.is_dir())
# All machine configurations
machines = list_machines(layers)
machines = metaarm.glob("meta-*/conf/machine/*.conf")
machines = set(p.stem for p in machines)
# All kas files
kas = metaarm.glob("ci/*.yml")
+2 -13
View File
@@ -1,21 +1,10 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
repos:
meta-clang:
url: https://github.com/kraj/meta-clang
local_conf_header:
toolchain: |
clang: |
TOOLCHAIN = "clang"
PREFERRED_PROVIDER_llvm = "clang"
PREFERRED_PROVIDER_llvm-native = "clang-native"
PREFERRED_PROVIDER_nativesdk-llvm = "nativesdk-clang"
PROVIDES:pn-clang = "llvm"
PROVIDES:pn-clang-native = "llvm-native"
PROVIDES:pn-nativesdk-clang = "nativesdk-llvm"
# This is needed to stop bitbake getting confused about what clang/llvm is
# being used, see https://github.com/kraj/meta-clang/pull/766
BBMASK += "/meta/recipes-devtools/llvm/llvm.*\.bb"
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
- ci/meta-openembedded.yml
- ci/meta-secure-core.yml
- kas/corstone1000-image-configuration.yml
target:
- core-image-minimal
- perf
-10
View File
@@ -1,10 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- kas/corstone1000-firmware-only.yml
target:
- corstone1000-flash-firmware-image
- perf
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/corstone1000-common.yml
- ci/fvp.yml
machine: corstone1000-fvp
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/corstone1000-common.yml
machine: corstone1000-mps3
+6
View File
@@ -0,0 +1,6 @@
header:
version: 9
includes:
- base.yml
machine: corstone500
+10
View File
@@ -0,0 +1,10 @@
header:
version: 9
includes:
- base.yml
machine: corstone700-fvp
local_conf_header:
image: |
CORE_IMAGE_EXTRA_INSTALL = "corstone700-test-app"
+6
View File
@@ -0,0 +1,6 @@
header:
version: 9
includes:
- corstone700-fvp.yml
machine: corstone700-mps3
-21
View File
@@ -1,21 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
cve: |
INHERIT += "cve-check"
# Allow the runner environment to provide an API key
NVDCVE_API_KEY = "${@d.getVar('BB_ORIGENV').getVar('NVDCVE_API_KEY') or ''}"
# Just show the warnings for our layers
CVE_CHECK_SHOW_WARNINGS = "0"
CVE_CHECK_SHOW_WARNINGS:layer-arm-toolchain = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm-bsp = "1"
CVE_CHECK_SHOW_WARNINGS:layer-meta-arm-systemready = "1"
# Ignore the kernel, we sometime carry kernels in meta-arm
CVE_CHECK_SHOW_WARNINGS:pn-linux-yocto = "0"
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
# Add universally helpful features when testing boards
local_conf_header:
debug: |
EXTRA_IMAGE_FEATURES:append = " debug-tweaks"
-31
View File
@@ -1,31 +0,0 @@
#! /usr/bin/env python3
"""
Download the lockfile.yml produced by a CI pipeline, specified by the GitLab
server, full name of the meta-arm project, and the refspec that was executed.
For example,
$ ./download-lockfile.py https://gitlab.com/ rossburton/meta-arm master
SPDX-FileCopyrightText: Copyright 2023 Arm Limited and Contributors
SPDX-License-Identifier: GPL-2.0-only
"""
import argparse
import gitlab
import io
import zipfile
parser = argparse.ArgumentParser()
parser.add_argument("server", help="GitLab server name")
parser.add_argument("project", help="meta-arm project name")
parser.add_argument("refspec", help="Branch/commit")
args = parser.parse_args()
gl = gitlab.Gitlab(args.server)
project = gl.projects.get(args.project)
artefact = project.artifacts.download(ref_name=args.refspec, job="update-repos")
z = zipfile.ZipFile(io.BytesIO(artefact))
z.extract("lockfile.yml")
print("Fetched lockfile.yml")
-19
View File
@@ -1,19 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
bootfirmware: |
PREFERRED_PROVIDER_virtual/bootloader = "edk2-firmware"
MACHINE_FEATURES += "efi"
TFA_UBOOT = "0"
TFA_UEFI = "1"
EXTRA_IMAGEDEPENDS += "edk2-firmware"
EFI_PROVIDER ?= "grub-efi"
QB_DEFAULT_BIOS = "QEMU_EFI.fd"
WKS_FILE ?= "efi-disk.wks.in"
failing_tests: |
TEST_SUITES:remove = "xorg"
+2 -7
View File
@@ -1,13 +1,8 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
local_conf_header:
cc: |
SKIP_RECIPE[gcc-cross-arm] = "Using external toolchain"
PNBLACKLIST[gcc-cross-arm] = "Using external toolchain"
TCMODE = "external-arm"
EXTERNAL_TOOLCHAIN = "${TOPDIR}/toolchains/${TARGET_ARCH}"
# Disable ptest as this pulls target compilers, which don't
# work with external toolchain currently
DISTRO_FEATURES:remove = "ptest"
+6
View File
@@ -0,0 +1,6 @@
header:
version: 9
includes:
- base.yml
machine: fvp-base-arm32
-34
View File
@@ -1,34 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/fvp-base.yml
- ci/meta-openembedded.yml
- ci/testimage.yml
local_conf_header:
trusted_services: |
# Enable the needed test suites
TEST_SUITES = " ping ssh trusted_services"
# Include all Secure Partitions into the image
MACHINE_FEATURES:append = " arm-ffa ts-crypto ts-storage ts-its"
MACHINE_FEATURES:append = " ts-attestation ts-smm-gateway optee-spmc-test"
MACHINE_FEATURES:append = " ts-block-storage ts-fwu"
# Include TS demo/test tools into image
IMAGE_INSTALL:append = " packagegroup-ts-tests"
# Include TS PSA Arch tests into image
IMAGE_INSTALL:append = " packagegroup-ts-tests-psa"
CORE_IMAGE_EXTRA_INSTALL += "optee-test"
# Set the TS environment
TS_ENV="sp"
# Enable and configure semihosting
FVP_CONFIG[cluster0.cpu0.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster0.cpu1.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster0.cpu2.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster0.cpu3.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster1.cpu0.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster1.cpu1.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster1.cpu2.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[cluster1.cpu3.semihosting-cwd] = "${DEPLOY_DIR_IMAGE}"
FVP_CONFIG[semihosting-enable] = "True"
+2 -8
View File
@@ -1,13 +1,7 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
includes:
- ci/base.yml
- ci/fvp.yml
- base.yml
machine: fvp-base
target:
- core-image-sato
- boot-wrapper-aarch64
+7
View File
@@ -0,0 +1,7 @@
header:
version: 9
includes:
- base.yml
machine: fvp-baser-aemv8r64
-14
View File
@@ -1,14 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
testimagefvp: |
LICENSE_FLAGS_ACCEPTED += "Arm-FVP-EULA"
IMAGE_CLASSES += "fvpboot"
failing_tests: |
# This fails but we can't add to the ignorelist from meta-arm yet
# https://bugzilla.yoctoproject.org/show_bug.cgi?id=14604
TEST_SUITES:remove = "parselogs"
TEST_SUITES:remove = "xorg"
-26
View File
@@ -1,26 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
# Simple target to build the FVPs that are publically available
header:
version: 14
includes:
- ci/base.yml
machine: qemuarm64
local_conf_header:
license: |
LICENSE_FLAGS_ACCEPTED += "Arm-FVP-EULA"
sdk: |
SDKMACHINE = "x86_64"
target:
# Target packages to test aarch64
- fvp-base-a-aem
- fvp-corstone1000
# Nativesdk to test x86-64
- nativesdk-fvp-base-a-aem
- nativesdk-fvp-corstone1000
- nativesdk-fvp-n1-edge
- nativesdk-fvp-sgi575
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
#NOTE: This is the default for poky. This is only being added for completeness/clarity
local_conf_header:
toolchain: |
TOOLCHAIN = "gcc"
+28
View File
@@ -0,0 +1,28 @@
header:
version: 9
includes:
- base.yml
- meta-python.yml
repos:
meta-arm:
layers:
meta-gem5:
meta-openembedded:
url: https://git.openembedded.org/meta-openembedded
layers:
meta-oe:
meta-filesystems:
meta-networking:
meta-virtualization:
url: git://git.yoctoproject.org/meta-virtualization
machine: gem5-arm64
local_conf_header:
meta-virt:
DISTRO_FEATURES_append = " virtualization xen"
target:
- xen-image-minimal
+21
View File
@@ -0,0 +1,21 @@
header:
version: 9
includes:
- base.yml
repos:
meta-arm:
layers:
meta-gem5:
meta-openembedded:
url: https://git.openembedded.org/meta-openembedded
layers:
meta-oe:
machine: gem5-arm64
target:
- core-image-minimal
- perf
- gem5-aarch64-native
+15
View File
@@ -0,0 +1,15 @@
header:
version: 9
includes:
- gem5-arm64.yml
repos:
meta-arm:
layers:
meta-atp:
machine: gem5-atp-arm64
target:
- atp-native
- core-image-minimal
+6
View File
@@ -0,0 +1,6 @@
header:
version: 9
includes:
- base.yml
machine: generic-arm64
-18
View File
@@ -1,18 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
repos:
poky:
layers:
meta-yocto-bsp:
local_conf_header:
bootloader: |
# If running genericarm64 in a qemu we need to manually build the bootloader
EXTRA_IMAGEDEPENDS += "virtual/bootloader"
machine: genericarm64
+22 -27
View File
@@ -1,51 +1,46 @@
#!/bin/bash
set -u -e
set -u
BASENAME=arm-gnu-toolchain
VER=${VER:-13.2.Rel1}
HOST_ARCH=${HOST_ARCH:-$(uname -m)}
HOST_ARCH=$(uname -m)
VER="10.2-2020.11"
# Use the standard kas container locations if nothing is passed into the script
DOWNLOAD_DIR="${1:-/builds/persist/downloads/}"
TOOLCHAIN_DIR="${2:-/builds/persist//toolchains/}"
TOOLCHAIN_LINK_DIR="${3:-build/toolchains/}"
DOWNLOAD_DIR=$1
TOOLCHAIN_DIR=$2
TOOLCHAIN_LINK_DIR=$3
# These should be already created by .gitlab-ci.yml, but do here if run outside of that env
mkdir -p $DOWNLOAD_DIR $TOOLCHAIN_DIR $TOOLCHAIN_LINK_DIR
download() {
TRIPLE=$1
URL=https://developer.arm.com/-/media/Files/downloads/gnu/$VER/binrel/$BASENAME-$VER-$HOST_ARCH-$TRIPLE.tar.xz
wget -P $DOWNLOAD_DIR -nc $URL
}
if [ $HOST_ARCH = "aarch64" ]; then
# AArch64 Linux hosted cross compilers
#AArch64 Linux hosted cross compilers
# AArch32 target with hard float
download arm-none-linux-gnueabihf
#AArch32 target with hard float (arm-none-linux-gnueabihf)
wget -P $DOWNLOAD_DIR -nc https://developer.arm.com/-/media/Files/downloads/gnu-a/$VER/binrel/gcc-arm-$VER-$HOST_ARCH-arm-none-linux-gnueabihf.tar.xz
elif [ $HOST_ARCH = "x86_64" ]; then
# x86_64 Linux hosted cross compilers
#x86_64 Linux hosted cross compilers
# AArch32 target with hard float
download arm-none-linux-gnueabihf
#AArch32 target with hard float (arm-linux-none-gnueabihf)
wget -P $DOWNLOAD_DIR -nc https://developer.arm.com/-/media/Files/downloads/gnu-a/$VER/binrel/gcc-arm-$VER-$HOST_ARCH-arm-none-linux-gnueabihf.tar.xz
# AArch64 GNU/Linux target
download aarch64-none-linux-gnu
#AArch64 GNU/Linux target (aarch64-none-linux-gnu)
wget -P $DOWNLOAD_DIR -nc https://developer.arm.com/-/media/Files/downloads/gnu-a/$VER/binrel/gcc-arm-$VER-$HOST_ARCH-aarch64-none-linux-gnu.tar.xz
#AArch64 GNU/Linux target (aarch64_be-none-linux-gnu)
wget -P $DOWNLOAD_DIR -nc https://developer.arm.com/-/media/Files/downloads/gnu-a/$VER/binrel/gcc-arm-$VER-$HOST_ARCH-aarch64_be-none-linux-gnu.tar.xz
else
echo "ERROR - Unknown build arch of $HOST_ARCH"
exit 1
fi
for i in arm aarch64; do
if [ ! -d $TOOLCHAIN_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu*/ ]; then
if [ ! -f $DOWNLOAD_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu*.tar.xz ]; then
for i in arm aarch64 aarch64_be; do
if [ ! -d $TOOLCHAIN_DIR/gcc-arm-$VER-$HOST_ARCH-$i-none-linux-gnu*/ ]; then
if [ ! -f $DOWNLOAD_DIR/gcc-arm-$VER-$HOST_ARCH-$i-none-linux-gnu*.tar.xz ]; then
continue
fi
tar -C $TOOLCHAIN_DIR -axvf $DOWNLOAD_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu*.tar.xz
tar -C $TOOLCHAIN_DIR -axvf $DOWNLOAD_DIR/gcc-arm-$VER-$HOST_ARCH-$i-none-linux-gnu*.tar.xz
fi
# Setup a link for the toolchain to use local to the building machine (e.g., not in a shared location)
ln -s $TOOLCHAIN_DIR/$BASENAME-$VER-$HOST_ARCH-$i-none-linux-gnu* $TOOLCHAIN_LINK_DIR/$i
ln -s $TOOLCHAIN_DIR/gcc-arm-$VER-$HOST_ARCH-$i-none-linux-gnu* $TOOLCHAIN_LINK_DIR/$i
done
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
#NOTE: This is the default for poky. This is only being added for completeness/clarity
local_conf_header:
libc: |
TCLIBC = "glibc"
+11 -35
View File
@@ -1,43 +1,19 @@
#! /bin/bash
# This script is expecting an input of machine name, optionally followed by a
# colon and a list of one or more parameters separated by commas between
# brackets. For example, the following are acceptable:
# corstone1000-mps3
# fvp-base: [testimage]
# qemuarm64-secureboot: [clang, glibc, testimage]
# This argument should be quoted to avoid expansion and to be handled
# as a single value.
#
# Any further arguments will be handled as further yml file basenames.
#
# Turn this list into a series of yml files separated by colons to pass to kas
# Read a GitLab CI job name on $1 and transform it to a
# list of Kas yaml files
set -e -u
# First, parse the GitLab CI job name (CI_JOB_NAME via $1) and accumulate a list
# of Kas files.
JOBNAME="$1"
shift
# Read Job namne from $1 and split on /
IFS=/ read -r -a PARTS<<<$1
# The base name of the job
FILES="ci/$(echo $JOBNAME | cut -d ':' -f 1).yml"
# Prefix each part with ci/
PARTS=("${PARTS[@]/#/ci/}")
# The list of matrix variations
for i in $(echo $JOBNAME | cut -s -d ':' -f 2 | sed 's/[][,]//g'); do
# Given that there are no yml files for gcc or glibc, as those are the
# defaults, we can simply ignore those parameters. They are necessary
# to pass in so that matrix can correctly setup all of the permutations
# of each individual run.
if [[ $i == 'none' ]]; then
continue
fi
FILES+=":ci/$i.yml"
done
# Suffix each part with .yml
PARTS=("${PARTS[@]/%/.yml}")
# Now pick up any further names
for i in $*; do
FILES+=":ci/$i.yml"
done
echo $FILES
# Print colon-separated
IFS=":"
echo "${PARTS[*]}"
+2 -4
View File
@@ -1,8 +1,6 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
includes:
- ci/base.yml
- base.yml
machine: juno
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
kernel: |
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto-dev"
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
kernel: |
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto-rt"
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
#NOTE: This is the default for poky. This is only being added for completeness/clarity
local_conf_header:
kernel: |
PREFERRED_PROVIDER_virtual/kernel = "linux-yocto"
-29
View File
@@ -1,29 +0,0 @@
#! /usr/bin/env python3
import pathlib
import typing
import sys
"""
List all of the machines available under the listed sub-layers of meta-arm.
"""
def list_machines(layers: typing.Sequence[str]) -> typing.Set[str]:
machines = set()
# We know we're in meta-arm/scripts, so find the top-level directory
metaarm = pathlib.Path(__file__).resolve().parent.parent
if metaarm.name != "meta-arm":
raise Exception("Not running inside meta-arm")
for layer in layers:
machines |= set(p.stem for p in (metaarm / layer / "conf" / "machine").glob("*.conf"))
return machines
if __name__ == "__main__":
if len(sys.argv) > 1:
machines = list_machines(sys.argv[1:])
print(" ".join(sorted(machines)))
sys.exit(0)
else:
print("Usage:\n$ %s [layer name ...] " % sys.argv[0])
sys.exit(1)
-14
View File
@@ -1,14 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
repos:
meta-openembedded:
url: https://git.openembedded.org/meta-openembedded
layers:
meta-filesystems:
meta-networking:
meta-oe:
meta-python:
meta-perl:
+9
View File
@@ -0,0 +1,9 @@
header:
version: 9
repos:
meta-openembedded:
url: https://git.openembedded.org/meta-openembedded
layers:
meta-oe:
meta-python:
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
repos:
meta-secure-core:
url: https://github.com/Wind-River/meta-secure-core.git
layers:
meta-secure-core-common:
meta-signing-key:
meta-efi-secure-boot:
-10
View File
@@ -1,10 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-openembedded.yml
repos:
meta-virtualization:
url: https://git.yoctoproject.org/meta-virtualization
+8
View File
@@ -0,0 +1,8 @@
header:
version: 9
includes:
- meta-python.yml
repos:
meta-zephyr:
url: https://git.yoctoproject.org/git/meta-zephyr
+10
View File
@@ -0,0 +1,10 @@
header:
version: 9
includes:
- base.yml
- meta-zephyr.yml
machine: microbit-v1
target:
- zephyr-philosophers
+4 -5
View File
@@ -1,12 +1,11 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
includes:
- ci/base.yml
- ci/meta-openembedded.yml
- base.yml
- meta-zephyr.yml
machine: musca-b1
target:
- trusted-firmware-m
- zephyr-philosophers
+3 -5
View File
@@ -1,10 +1,8 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
includes:
- ci/base.yml
- ci/meta-openembedded.yml
- base.yml
- meta-python.yml
machine: musca-s1
+1 -3
View File
@@ -1,7 +1,5 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
local_conf_header:
libc: |
-14
View File
@@ -1,14 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
# Config specific for the optee-xtests
local_conf_header:
optee-test: |
# Include ARM FFA
MACHINE_FEATURES:append = " arm-ffa"
# Include trusted services
TEST_SUITES:append = " trusted_services"
# Include Optee xtests
IMAGE_INSTALL:append = " optee-test"
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-openembedded.yml
local_conf_header:
trusted_services: |
TEST_SUITES:append = " trusted_services"
# Include TS Crypto, TS Protected Storage, TS Internal and Trusted Storage SPs into optee-os image
MACHINE_FEATURES:append = " arm-ffa ts-crypto ts-storage ts-its"
# Include TS demo/test tools into image
IMAGE_INSTALL:append = " packagegroup-ts-tests"
# Include TS PSA Arch tests into image
IMAGE_INSTALL:append = " packagegroup-ts-tests-psa"
+2 -8
View File
@@ -1,12 +1,6 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
includes:
- ci/base.yml
- base.yml
machine: n1sdp
local_conf_header:
unsupported_trusted_services: |
MACHINE_FEATURES:remove = "ts-smm-gateway"
-286
View File
@@ -1,286 +0,0 @@
#! /usr/bin/env python3
#
# SPDX-License-Identifier: GPL-2.0-only
#
# TODO
# - option to just list all broken files
# - test suite
# - validate signed-off-by
import argparse
import collections
import json
import os
import re
import subprocess
status_values = (
"accepted",
"pending",
"inappropriate",
"backport",
"submitted",
"denied",
)
class PatchResult:
# Whether the patch has an Upstream-Status or not
missing_upstream_status = False
# If the Upstream-Status tag is malformed in some way (string for bad bit)
malformed_upstream_status = None
# If the Upstream-Status value is unknown (boolean)
unknown_upstream_status = False
# The upstream status value (Pending, etc)
upstream_status = None
# Whether the patch has a Signed-off-by or not
missing_sob = False
# Whether the Signed-off-by tag is malformed in some way
malformed_sob = False
# The Signed-off-by tag value
sob = None
# Whether a patch looks like a CVE but doesn't have a CVE tag
missing_cve = False
class Summary:
total = 0
cve_missing = 0
sob_missing = 0
sob_malformed = 0
status_missing = 0
status_malformed = 0
status_pending = 0
def blame_patch(patch):
"""
From a patch filename, return a list of "commit summary (author name <author
email>)" strings representing the history.
"""
return subprocess.check_output(("git", "log",
"--follow", "--find-renames", "--diff-filter=A",
"--format=%s (%aN <%aE>)",
"--", patch)).decode("utf-8").splitlines()
def patchreview(patches):
# General pattern: start of line, optional whitespace, tag with optional
# hyphen or spaces, maybe a colon, some whitespace, then the value, all case
# insensitive.
sob_re = re.compile(r"^[\t ]*(Signed[-_ ]off[-_ ]by:?)[\t ]*(.+)", re.IGNORECASE | re.MULTILINE)
status_re = re.compile(r"^[\t ]*(Upstream[-_ ]Status:?)[\t ]*(\w*)", re.IGNORECASE | re.MULTILINE)
cve_tag_re = re.compile(r"^[\t ]*(CVE:)[\t ]*(.*)", re.IGNORECASE | re.MULTILINE)
cve_re = re.compile(r"cve-[0-9]{4}-[0-9]{4,6}", re.IGNORECASE)
results = {}
for patch in patches:
result = PatchResult()
results[patch] = result
content = open(patch, encoding="ascii", errors="ignore").read()
# Find the Signed-off-by tag
match = sob_re.search(content)
if match:
value = match.group(1)
if value != "Signed-off-by:":
result.malformed_sob = value
result.sob = match.group(2)
else:
result.missing_sob = True
# Find the Upstream-Status tag
match = status_re.search(content)
if match:
value = match.group(1)
if value != "Upstream-Status:":
result.malformed_upstream_status = value
value = match.group(2).lower()
# TODO: check case
if value not in status_values:
result.unknown_upstream_status = True
result.upstream_status = value
else:
result.missing_upstream_status = True
# Check that patches which looks like CVEs have CVE tags
if cve_re.search(patch) or cve_re.search(content):
if not cve_tag_re.search(content):
result.missing_cve = True
# TODO: extract CVE list
return results
def analyse(results, want_blame=False, verbose=True):
"""
want_blame: display blame data for each malformed patch
verbose: display per-file results instead of just summary
"""
# want_blame requires verbose, so disable blame if we're not verbose
if want_blame and not verbose:
want_blame = False
summary = Summary()
for patch in sorted(results):
r = results[patch]
summary.total += 1
need_blame = False
# Build statistics
if r.missing_sob:
summary.sob_missing += 1
if r.malformed_sob:
summary.sob_malformed += 1
if r.missing_upstream_status:
summary.status_missing += 1
if r.malformed_upstream_status or r.unknown_upstream_status:
summary.status_malformed += 1
# Count patches with no status as pending
summary.status_pending += 1
if r.missing_cve:
summary.cve_missing += 1
if r.upstream_status == "pending":
summary.status_pending += 1
# Output warnings
if r.missing_sob:
need_blame = True
if verbose:
print("Missing Signed-off-by tag (%s)" % patch)
if r.malformed_sob:
need_blame = True
if verbose:
print("Malformed Signed-off-by '%s' (%s)" % (r.malformed_sob, patch))
if r.missing_cve:
need_blame = True
if verbose:
print("Missing CVE tag (%s)" % patch)
if r.missing_upstream_status:
need_blame = True
if verbose:
print("Missing Upstream-Status tag (%s)" % patch)
if r.malformed_upstream_status:
need_blame = True
if verbose:
print("Malformed Upstream-Status '%s' (%s)" % (r.malformed_upstream_status, patch))
if r.unknown_upstream_status:
need_blame = True
if verbose:
print("Unknown Upstream-Status value '%s' (%s)" % (r.upstream_status, patch))
if want_blame and need_blame:
print("\n".join(blame_patch(patch)) + "\n")
return summary
def display_summary(summary, verbose):
def percent(num):
try:
return "%d (%d%%)" % (num, round(num * 100.0 / summary.total))
except ZeroDivisionError:
return "N/A"
if verbose:
print()
print("""Total patches found: %d
Patches missing Signed-off-by: %s
Patches with malformed Signed-off-by: %s
Patches missing CVE: %s
Patches missing Upstream-Status: %s
Patches with malformed Upstream-Status: %s
Patches in Pending state: %s""" % (summary.total,
percent(summary.sob_missing),
percent(summary.sob_malformed),
percent(summary.cve_missing),
percent(summary.status_missing),
percent(summary.status_malformed),
percent(summary.status_pending)))
def generate_metrics(summary, output):
# https://github.com/OpenObservability/OpenMetrics/blob/main/specification/OpenMetrics.md
# Summary attribute name, MetricPoint help
mapping = (
("total", "Total patches"),
("cve_missing", "Patches missing CVE tag"),
("sob_malformed", "Patches with malformed Signed-off-by"),
("sob_missing", "Patches with missing Signed-off-by"),
("status_malformed", "Patches with malformed Upstream-Status"),
("status_missing", "Patches with missing Upstream-Status"),
("status_pending", "Patches with Pending Upstream-Status")
)
for attr, help in mapping:
metric = f"patch_check_{attr}"
value = getattr(summary, attr)
output.write(f"""
# TYPE {metric} gauge
# HELP {help}
{metric} {value}
""")
output.write("\n# EOF\n")
def histogram(results):
import math
from toolz import dicttoolz, recipes
counts = recipes.countby(lambda r: r.upstream_status, results.values())
bars = dicttoolz.valmap(lambda v: "#" * int(math.ceil(float(v) / len(results) * 100)), counts)
for k in bars:
print("%-20s %s (%d)" % (k.capitalize() if k else "No status", bars[k], counts[k]))
def gather_patches(directories):
patches = []
for directory in directories:
filenames = subprocess.check_output(("git", "-C", directory, "ls-files", "recipes-*/**/*.patch", "recipes-*/**/*.diff")).decode("utf-8").split()
patches += [os.path.join(directory, f) for f in filenames]
return patches
if __name__ == "__main__":
args = argparse.ArgumentParser(description="Patch Review Tool")
args.add_argument("-b", "--blame", action="store_true", help="show blame for malformed patches")
args.add_argument("-v", "--verbose", action="store_true", help="show per-patch results")
args.add_argument("-g", "--histogram", action="store_true", help="show patch histogram")
args.add_argument("-j", "--json", help="update JSON")
args.add_argument("-m", "--metrics", type=argparse.FileType('w'), help="write OpenMetrics")
args.add_argument("dirs", metavar="DIRECTORY", nargs="+", help="directory to scan")
args = args.parse_args()
patches = gather_patches(args.dirs)
results = patchreview(patches)
summary = analyse(results, want_blame=args.blame, verbose=args.verbose)
display_summary(summary, verbose=args.verbose)
if args.json:
if os.path.isfile(args.json):
data = json.load(open(args.json))
else:
data = []
row = collections.Counter()
row["total"] = len(results)
row["date"] = subprocess.check_output(["git", "-C", args.dirs[0], "show", "-s", "--pretty=format:%cd", "--date=format:%s"]).decode("utf-8").strip()
for r in results.values():
if r.upstream_status in status_values:
row[r.upstream_status] += 1
if r.malformed_upstream_status or r.missing_upstream_status:
row["malformed-upstream-status"] += 1
if r.malformed_sob or r.missing_sob:
row["malformed-sob"] += 1
data.append(row)
json.dump(data, open(args.json, "w"))
if args.metrics:
generate_metrics(summary, args.metrics)
if args.histogram:
print()
histogram(results)
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
distro: poky-tiny
local_conf_header:
hacking: |
TEST_SUITES = "_qemutiny ping"
extrapackages: |
# Intentionally blank to prevent perf from being added to the image in base.yml
target:
- core-image-minimal
- perf
-6
View File
@@ -1,6 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
distro: poky
+10
View File
@@ -0,0 +1,10 @@
header:
version: 9
includes:
- base.yml
- meta-zephyr.yml
machine: qemu-cortex-a53
target:
- zephyr-philosophers
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: qemuarm-secureboot
target:
- core-image-base
local_conf_header:
optee: |
IMAGE_INSTALL:append = " optee-test optee-client optee-os-ta"
TEST_SUITES:append = " optee ftpm"
+2 -4
View File
@@ -1,8 +1,6 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
includes:
- ci/base.yml
- base.yml
machine: qemuarm
+11
View File
@@ -0,0 +1,11 @@
header:
version: 9
includes:
- base.yml
machine: qemuarm64-sbsa
target:
- core-image-base
- perf
- sbsa-acs
-16
View File
@@ -1,16 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-openembedded.yml
local_conf_header:
trusted_services: |
TEST_SUITES:append = " trusted_services"
# Include TS Crypto, TS Protected Storage, TS Internal Trusted Storage and SMM-Gateway SPs into optee-os image
MACHINE_FEATURES:append = " arm-ffa ts-crypto ts-storage ts-its ts-smm-gateway"
# Include TS demo/test tools into image
IMAGE_INSTALL:append = " packagegroup-ts-tests"
# Include TS PSA Arch tests into image
IMAGE_INSTALL:append = " packagegroup-ts-tests-psa"
+9 -9
View File
@@ -1,16 +1,16 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
includes:
- ci/base.yml
- base.yml
machine: qemuarm64-secureboot
local_conf_header:
bugs: |
# Only ping until errors can be resolved
TEST_SUITES = "ping"
target:
- core-image-base
local_conf_header:
optee: |
IMAGE_INSTALL:append = " optee-test optee-client optee-os-ta"
TEST_SUITES:append = " optee ftpm"
- perf
- optee-examples
-8
View File
@@ -1,8 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: qemuarm64
+7 -4
View File
@@ -1,8 +1,11 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
includes:
- ci/base.yml
- base.yml
machine: qemuarmv5
local_conf_header:
bugs: |
# Remove parselogs until errors can be resolved
TEST_SUITES_remove = "parselogs"
-12
View File
@@ -1,12 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
machine: sbsa-ref
target:
- core-image-sato
- sbsa-acs
-9
View File
@@ -1,9 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
setup: |
BB_LOGCONFIG = ""
SANITY_TESTED_DISTROS = ""
+2 -4
View File
@@ -1,8 +1,6 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
version: 9
includes:
- ci/base.yml
- base.yml
machine: sgi575
-11
View File
@@ -1,11 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
sstate_mirror: |
BB_HASHSERVE_UPSTREAM = "wss://hashserv.yoctoproject.org/ws"
SSTATE_MIRRORS = "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
BB_HASHSERVE = "auto"
BB_SIGNATURE_HANDLER = "OEEquivHash"
+6
View File
@@ -0,0 +1,6 @@
header:
version: 9
includes:
- base.yml
machine: tc0
+9 -13
View File
@@ -1,21 +1,17 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/debug.yml
version: 9
local_conf_header:
testimage: |
IMAGE_CLASSES += "testimage"
TESTIMAGE_AUTO = "1"
kvm: |
QEMU_USE_KVM = ""
slirp: |
TEST_RUNQEMUPARAMS = "slirp"
sshd: |
IMAGE_FEATURES += "ssh-server-dropbear"
sshkeys: |
CORE_IMAGE_EXTRA_INSTALL += "ssh-pregen-hostkeys"
universally_failing_tests: |
TEST_SUITES:remove = "opkg"
TEST_SERVER_IP = "127.0.0.1"
QEMU_USE_SLIRP = "1"
packages: |
IMAGE_FEATURES_append = " ssh-server-dropbear"
# Multiple targets are available, put it down to just one
target:
- core-image-base
-10
View File
@@ -1,10 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
tftf: |
TFA_UBOOT = "0"
TFA_UEFI = "0"
TFTF_TESTS = "1"
-20
View File
@@ -1,20 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/base.yml
# Target is arm64 and SDK is x86-64 to ensure that we exercise both
# architectures
machine: qemuarm64
local_conf_header:
toolchains: |
SDKMACHINE = "x86_64"
target:
- gcc-aarch64-none-elf
- nativesdk-gcc-aarch64-none-elf
- gcc-arm-none-eabi
- nativesdk-gcc-arm-none-eabi
-10
View File
@@ -1,10 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
local_conf_header:
bootfirmware: |
PREFERRED_PROVIDER_virtual/bootloader = "u-boot"
TFA_UBOOT = "1"
TFA_UEFI = "0"
+5 -18
View File
@@ -4,7 +4,6 @@
import sys
import os
import shutil
import subprocess
import pathlib
@@ -20,9 +19,10 @@ def repo_shortname(url):
.replace('*', '.'))
repositories = (
"https://git.yoctoproject.org/poky",
"https://git.yoctoproject.org/git/poky",
"https://git.openembedded.org/meta-openembedded",
"https://git.yoctoproject.org/meta-virtualization",
"https://git.yoctoproject.org/git/meta-virtualization",
"https://git.yoctoproject.org/git/meta-zephyr",
"https://github.com/kraj/meta-clang",
)
@@ -32,25 +32,12 @@ if __name__ == "__main__":
sys.exit(1)
base_repodir = pathlib.Path(os.environ["KAS_REPO_REF_DIR"])
failed = False
for repo in repositories:
repodir = base_repodir / repo_shortname(repo)
if "CI_CLEAN_REPOS" in os.environ:
print("Cleaning %s..." % repo)
shutil.rmtree(repodir, ignore_errors=True)
if repodir.exists():
try:
print("Updating %s..." % repo)
subprocess.run(["git", "-C", repodir, "-c", "gc.autoDetach=false", "fetch"], check=True)
except subprocess.CalledProcessError as e:
print(e)
failed = True
print("Updating %s..." % repo)
subprocess.run(["git", "-C", repodir, "fetch"], check=True)
else:
print("Cloning %s..." % repo)
subprocess.run(["git", "clone", "--bare", repo, repodir], check=True)
if failed:
sys.exit(128)
-13
View File
@@ -1,13 +0,0 @@
# yaml-language-server: $schema=https://raw.githubusercontent.com/siemens/kas/master/kas/schema-kas.json
header:
version: 14
includes:
- ci/meta-virtualization.yml
local_conf_header:
meta-virt: |
DISTRO_FEATURES:append = " virtualization xen"
target:
- xen-image-minimal
-49
View File
@@ -1,49 +0,0 @@
# OEQA on Arm FVPs
OE-Core's [oeqa][OEQA] framework provides a method of performing runtime tests on machines using the `testimage` Yocto task. meta-arm has good support for writing test cases against [Arm FVPs][FVP], meaning the [runfvp][RUNFVP] boot configuration can be re-used.
Tests can be configured to run automatically post-build by setting the variable `TESTIMAGE_AUTO="1"`, e.g. in your Kas file or local.conf.
meta-arm provides the OEFVPTarget which must be set up in the machine configuration:
```
TEST_TARGET = "OEFVPTarget"
TEST_SERVER_IP = "127.0.0.1"
TEST_TARGET_IP = "127.0.0.1:2222"
IMAGE_FEATURES:append = " ssh-server-dropbear"
FVP_CONFIG[bp.virtio_net.hostbridge.userNetPorts] ?= "2222=22"
FVP_CONSOLES[default] = "terminal_0"
FVP_CONSOLES[tf-a] = "s_terminal_0"
```
The test target also generates a log file with the prefix 'fvp_log' in the image recipe's `${WORKDIR}/testimage` containing the FVP's stdout.
OEFVPTarget supports two different test interfaces - SSH and pexpect.
## SSH
As in OEQA in OE-core, tests cases can run commands on the machine using SSH. It therefore requires that an SSH server is installed in the image.
This uses the `run` method on the target, e.g:
```
(status, output) = self.target.run('uname -a')
```
which executes a single command on the target (using `ssh -c`) and returns the status code and the output. It is therefore useful for running tests in a Linux environment.
For examples of test cases, see meta/lib/oeqa/runtime/cases in OE-Core. The majority of test cases depend on `ssh.SSHTest.test_ssh`, which first validates that the SSH connection is functioning.
## pexpect
To support firmware and baremetal testing, OEFVPTarget also allows test cases to make assertions against one or more consoles using the pexpect library.
Internally, this test target launches a [Pexpect][PEXPECT] instance for each entry in FVP_CONSOLES which can be used with the provided alias. The whole Pexpect API is exposed on the target, where the alias is always passed as the first argument, e.g.:
```
self.target.expect('default', r'root@.*\:~#', timeout=30)
self.assertNotIn(b'ERROR:', self.target.before('tf-a'))
```
For an example of a full test case, see meta-arm/lib/oeqa/runtime/cases/linuxboot.py This test case can be used to minimally verify that a machine boots to a Linux shell. The default timeout is 10 minutes, but this can be configured with the variable TEST_FVP_LINUX_BOOT_TIMEOUT, which expects a value in seconds.
[OEQA]: https://docs.yoctoproject.org/test-manual/intro.html
[FVP]: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms
[RUNFVP]: runfvp.md
[PEXPECT]: https://pexpect.readthedocs.io/en/stable/overview.html
-131
View File
@@ -1,131 +0,0 @@
# Running Images with a FVP
The `runfvp` tool in meta-arm makes it easy to run Yocto Project disk images inside a [Fixed Virtual Platform (FVP)][FVP]. Some FVPs, such as the [Arm Architecture Models][AEM], are available free to download, but others need registration or are only available commercially. The `fvp-base` machine in meta-arm-bsp uses one of these AEM models.
## Running images with `runfvp`
To build images with the FVP integration, the `fvpboot` class needs to be inherited. If the machine does not do this explicitly it can be done in `local.conf`:
```
INHERIT += "fvpboot"
```
The class will download the correct FVP and write a `.fvpconf` configuration file when an image is built.
To run an image in a FVP, pass either a machine name or a `.fvpconf` path to `runfvp`.
```
$ ./meta-arm/scripts/runfvp tmp/deploy/images/fvp-base/core-image-minimal-fvp-base.fvpconf
```
When a machine name is passed, `runfvp` will start the latest image that has been built for that machine. This requires that the BitBake environment has been initialized (using `oe-init-build-env` or similar) as it will start BitBake to determine where the images are.
```
$ ./meta-arm/scripts/runfvp fvp-base
```
Note that currently meta-arm's `scripts` directory isn't in `PATH`, so a full path needs to be used.
`runfvp` will automatically start terminals connected to each of the serial ports that the machine specifies. This can be controlled by using the `--terminals` option, for example `--terminals=none` will mean no terminals are started, and `--terminals=tmux` will start the terminals in [`tmux`][tmux] sessions. Alternatively, passing `--console` will connect the serial port directly to the current session, without needing to open further windows.
The default terminal can also be configured by writing a [INI-style][INI] configuration file to `~/.config/runfvp.conf`:
```
[RunFVP]
Terminal=tmux
```
Arbitrary options can be passed directly to the FVP by specifying them after a double dash, for example this will list all of the FVP parameters:
```
$ runfvp fvp-base -- --list-params
```
## Configuring machines with `fvpboot`
To configure a machine so that it can be ran inside `runfvp`, a number of variables need to be set in the machine configuration file (such as `meta-arm-bsp/conf/machine/fvp-base.conf`).
Note that at present these variables are not stable and their behaviour may be changed in the future.
### `FVP_EXE`
The name of the FVP binary itself, for example `fvp-base` uses `FVP_Base_RevC-2xAEMvA`.
### `FVP_PROVIDER`
The name of the recipe that provides the FVP executable set in `FVP_EXE`, for example `fvp-base` uses `fvp-base-a-aem-native`. This *must* be a `-native` recipe as the binary will be executed on the build host.
There are recipes for common FVPs in meta-arm already, and writing new recipes is trivial. For FVPs which are free to download `fvp-base-a-aem.bb` is a good example. Some FVPs must be downloaded separately as they need an account on Arm's website.
If `FVP_PROVIDER` is not set then it is assumed that `FVP_EXE` is installed on the host already.
### `FVP_CONFIG`
Parameters passed to the FVP with the `--parameter`/`-C` option. These are expressed as variable flags so individual parameters can be altered easily. For example:
```
FVP_CONFIG[bp.flashloader0.fname] = "fip-fvp.bin"
```
### `FVP_DATA`
Specify raw data to load at the specified address, passed to the FVP with the `--data` option. This is a space-separated list of parameters in the format `[INST=]FILE@[MEMSPACE:]ADDRESS`. For example:
```
FVP_DATA = "cluster0.cpu0=Image@0x80080000 \
cluster0.cpu0=fvp-base-revc.dtb@0x83000000"
```
### `FVP_APPLICATIONS`
Applications to load on the cores, passed to the FVP with the `--application` option. These are expressed as variable flags with the flag name being the instance and flag value the filename, for example:
```
FVP_APPLICATIONS[cluster0] = "linux-system.axf"
```
Note that symbols are not allowed in flag names, so if you need to use a wildcard in the instance then you'll need to use `FVP_EXTRA_ARGS` and `--application` directly.
### `FVP_TERMINALS`
Map hardware serial ports to abstract names. For example the `FVP_Base_RevC-2xAEMvA` FVP exposes four serial ports, `terminal_0` to `terminal_3`. Typically only `terminal_0` is used in the `fvp-base` machine so this can be named `"Console"` and the others `""`. When runfvp starts terminals it will only start named serial ports, so instead of opening four windows where only one is useful, it will only open one.
For example:
```
FVP_TERMINALS[bp.terminal_0] = "Console"
FVP_TERMINALS[bp.terminal_1] = ""
FVP_TERMINALS[bp.terminal_2] = ""
FVP_TERMINALS[bp.terminal_3] = ""
```
### `FVP_CONSOLES`
This specifies what serial ports can be used in oeqa tests, along with an alias to be used in the test cases. Note that the values have to be the FVP identifier but without the board prefix, for example:
```
FVP_CONSOLES[default] = "terminal_0"
FVP_CONSOLES[tf-a] = "s_terminal_0"
```
The 'default' console is also used when `--console` is passed to runfvp.
### `FVP_EXTRA_ARGS`
Arbitrary extra arguments that are passed directly to the FVP. For example:
```
FVP_EXTRA_ARGS = "--simlimit 60"
```
### `FVP_ENV_PASSTHROUGH`
The FVP is launched with an isolated set of environment variables. Add the name of a Bitbake variable to this list to pass it through to the FVP environment. For example:
```
FVP_ENV_PASSTHROUGH = "ARMLMD_LICENSE_FILE FM_TRACE_PLUGINS"
```
[AEM]: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms/arm-ecosystem-models
[FVP]: https://developer.arm.com/tools-and-software/simulation-models/fixed-virtual-platforms
[tmux]: https://tmux.github.io/
[INI]: https://docs.python.org/3/library/configparser.html
-70
View File
@@ -1,70 +0,0 @@
# The Trusted Services: framework for developing root-of-trust services
meta-arm layer includes recipes for [Trusted Services][^1] Secure Partitions and Normal World applications
in `meta-arm/recipes-security/trusted-services`
## Secure Partitions recipes
We define dedicated recipes for all supported Trusted Services (TS) Secure Partitions.
These recipes produce ELF and DTB files for SPs.
These files are automatically included into optee-os image accordingly to defined MACHINE_FEATURES.
### How to include TS SPs
To include TS SPs into optee-os image you need to add into MACHINE_FEATURES
features for each [Secure Partition][^2] you would like to include:
| Secure Partition | MACHINE_FEATURE |
| ----------------- | --------------- |
| Attestation | ts-attesation |
| Crypto | ts-crypto |
| Firmware Update | ts-fwu
| Internal Storage | ts-its |
| Protected Storage | ts-storage |
| se-proxy | ts-se-proxy |
| smm-gateway | ts-smm-gateway |
| spm-test[1-4] | optee-spmc-test |
Other steps depend on your machine/platform definition:
1. For communications between Secure and Normal Words Linux kernel option `CONFIG_ARM_FFA_TRANSPORT=y`
is required. If your platform doesn't include it already you can add `arm-ffa` into MACHINE_FEATURES.
(Please see ` meta-arm/recipes-kernel/arm-tstee`.)
For running the `uefi-test` or the `xtest -t ffa_spmc` tests under Linux the `arm-ffa-user` drivel is required. This is
enabled if the `ts-smm-gateway` and/or the `optee-spmc-test` machine features are enabled.
(Please see ` meta-arm/recipes-kernel/arm-ffa-user`.)
2. optee-os might require platform specific OP-TEE build parameters (for example what SEL the SPM Core is implemented at).
You can find examples in `meta-arm/recipes-security/optee/optee-os_%.bbappend` for qemuarm64-secureboot machine
and in `meta-arm-bsp/recipes-security/optee/optee-os-n1sdp.inc` and `meta-arm-bsp/recipes-security/optee/optee-os-corstone1000-common.inc`
for N1SDP and Corstone1000 platforms accordingly.
3. trusted-firmware-a might require platform specific TF-A build parameters (SPD and SPMC details on the platform).
See `meta-arm/recipes-bsp/trusted-firmware-a/trusted-firmware-a_%.bbappend` for qemuarm64-secureboot machine
and in `meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-n1sdp.inc` and
`meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-corstone1000.inc` for N1SDP and Corstone1000 platforms.
4. Trusted Services supports an SPMC agonistic binary format. To build SPs to this format the `TS_ENV` variable is to be
set to `sp`. The resulting SP binaries should be able to boot under any FF-A v1.1 compliant SPMC implementation.
## Normal World applications
Optionally for testing purposes you can add `packagegroup-ts-tests` into your image. It includes
[Trusted Services test and demo tools][^3] and [xtest][^4] configured to include the `ffa_spmc` tests.
## OEQA Trusted Services tests
meta-arm also includes Trusted Service OEQA tests which can be used for automated testing.
See `ci/trusted-services.yml` for an example how to include them into an image.
------
[^1]: https://trusted-services.readthedocs.io/en/integration/overview/index.html
[^2]: https://trusted-services.readthedocs.io/en/integration/deployments/secure-partitions.html
[^3]: https://trusted-services.readthedocs.io/en/integration/deployments/test-executables.html
[^4]: https://optee.readthedocs.io/en/latest/building/gits/optee_test.html
-12
View File
@@ -1,12 +0,0 @@
header:
version: 13
repos:
meta-arm:
layers:
meta-arm-systemready:
distro: nodistro
target:
- arm-systemready-firmware
-12
View File
@@ -1,12 +0,0 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
env:
TESTIMAGE_AUTO: "1"
# The full testimage run typically takes around 12-24h on fvp-base.
TEST_OVERALL_TIMEOUT: "${@ 24*60*60}"
target:
- arm-systemready-ir-acs
@@ -1,7 +0,0 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
target:
- arm-systemready-linux-distros-debian
@@ -1,8 +0,0 @@
header:
version: 16
includes:
- kas/arm-systemready-firmware.yml
- kas/arm-systemready-linux-distros-unattended-installation.yml
target:
- arm-systemready-linux-distros-fedora
@@ -1,8 +0,0 @@
header:
version: 13
includes:
- kas/arm-systemready-firmware.yml
- kas/arm-systemready-linux-distros-unattended-installation.yml
target:
- arm-systemready-linux-distros-opensuse
@@ -1,11 +0,0 @@
header:
version: 16
env:
DISTRO_UNATTENDED_INST_TESTS:
# The full testimage run typically takes around 12-24h on fvp-base.
TEST_OVERALL_TIMEOUT: "${@ 24*60*60}"
local_conf_header:
systemready-unattended-inst: |
TESTIMAGE_AUTO = "${@oe.utils.vartrue("DISTRO_UNATTENDED_INST_TESTS", "1", "", d)}"
-53
View File
@@ -1,53 +0,0 @@
header:
version: 14
distro: poky
defaults:
repos:
branch: scarthgap
repos:
meta-arm:
layers:
meta-arm:
meta-arm-bsp:
meta-arm-toolchain:
poky:
url: https://git.yoctoproject.org/git/poky
commit: c5df9c829a549ca002c36afd6bdf23639831502e
layers:
meta:
meta-poky:
meta-openembedded:
url: https://git.openembedded.org/meta-openembedded
commit: 6de0ab744341ad61b0661aa28d78dc6767ce0786
layers:
meta-oe:
meta-python:
meta-perl:
meta-secure-core:
url: https://github.com/wind-river/meta-secure-core.git
commit: 13cb4867fb1245581c80da3b94b72c4b4f15d67e
layers:
meta-secure-core-common:
meta-signing-key:
meta-efi-secure-boot:
local_conf_header:
base: |
CONF_VERSION = "2"
setup: |
PACKAGE_CLASSES = "package_ipk"
BB_NUMBER_THREADS ?= "16"
PARALLEL_MAKE ?= "-j16"
PACKAGECONFIG:append:pn-perf = " coresight"
machine: unset
target:
- corstone1000-flash-firmware-image
-6
View File
@@ -1,6 +0,0 @@
header:
version: 14
local_conf_header:
extsys: |
MACHINE_FEATURES += "corstone1000-extsys"
-23
View File
@@ -1,23 +0,0 @@
---
header:
version: 14
local_conf_header:
firmwarebuild: |
BBMULTICONFIG:remove = "firmware"
# Need to ensure the rescue linux options are selected
OVERRIDES .= ":firmware"
# Need to ensure we build with a small libc
TCLIBC="musl"
mass-storage: |
# Ensure the Mass Storage device is absent
FVP_CONFIG[board.msd_mmc.p_mmc_file] = "invalid.dat"
test-configuration: |
TEST_SUITES = "_qemutiny ping"
# Remove Dropbear SSH as it will not fit into the corstone1000 image.
IMAGE_FEATURES:remove = "ssh-server-dropbear"
CORE_IMAGE_EXTRA_INSTALL:remove = "ssh-pregen-hostkeys"
-22
View File
@@ -1,22 +0,0 @@
header:
version: 14
includes:
- kas/corstone1000-base.yml
- kas/corstone1000-image-configuration.yml
- kas/corstone1000-firmware-only.yml
- kas/fvp-eula.yml
env:
DISPLAY:
WAYLAND_DISPLAY:
XAUTHORITY:
local_conf_header:
testimagefvp: |
IMAGE_CLASSES += "fvpboot"
mass-storage: |
# Ensure the Mass Storage device is absent
FVP_CONFIG[board.msd_mmc.p_mmc_file] = "invalid.dat"
machine: corstone1000-fvp
-49
View File
@@ -1,49 +0,0 @@
header:
version: 14
local_conf_header:
extrapackages: |
# Intentionally blank to prevent perf from being added to the image in base.yml
firmwarebuild: |
# Only needed as kas doesn't add it automatically unless you have 2 targets in seperate configs
BBMULTICONFIG ?= "firmware"
distrosetup: |
DISTRO_FEATURES = "usbhost ipv4"
initramfsetup: |
# Telling the build system which image is responsible of the generation of the initramfs rootfs
INITRAMFS_IMAGE_BUNDLE:firmware = "1"
INITRAMFS_IMAGE:firmware ?= "corstone1000-recovery-image"
IMAGE_FSTYPES:firmware:pn-corstone1000-recovery-image = "${INITRAMFS_FSTYPES}"
IMAGE_NAME_SUFFIX:firmware = ""
# enable mdev/busybox for init
INIT_MANAGER:firmware = "mdev-busybox"
VIRTUAL-RUNTIME_init_manager:firmware = "busybox"
# prevent the kernel image from being included in the intramfs rootfs
PACKAGE_EXCLUDE:firmware += "kernel-image-*"
# Disable openssl in kmod to shrink the initramfs size
PACKAGECONFIG:remove:firmware:pn-kmod = "openssl"
imageextras: |
# Don't include kernel binary in rootfs /boot path
RRECOMMENDS:${KERNEL_PACKAGE_NAME}-base = ""
# all optee packages
CORE_IMAGE_EXTRA_INSTALL += "optee-client"
# TS PSA API tests commands for crypto, its, ps and iat
CORE_IMAGE_EXTRA_INSTALL += "packagegroup-ts-tests-psa"
CORE_IMAGE_EXTRA_INSTALL:firmware += "packagegroup-ts-tests-psa"
# external system firmware
CORE_IMAGE_EXTRA_INSTALL:firmware += "external-system-elf"
capsule: |
CAPSULE_EXTENSION = "uefi.capsule"
CAPSULE_FW_VERSION = "6"
CAPSULE_NAME = "${MACHINE}-v${CAPSULE_FW_VERSION}"
-8
View File
@@ -1,8 +0,0 @@
header:
version: 14
includes:
- kas/corstone1000-base.yml
- kas/corstone1000-image-configuration.yml
- kas/corstone1000-firmware-only.yml
machine: corstone1000-mps3
-43
View File
@@ -1,43 +0,0 @@
header:
version: 13
includes:
- kas/fvp-eula.yml
env:
DISPLAY:
WAYLAND_DISPLAY:
XAUTHORITY:
distro: poky
machine: fvp-base
defaults:
repos:
refspec: scarthgap
repos:
meta-arm:
layers:
meta-arm:
meta-arm-bsp:
meta-arm-toolchain:
poky:
url: https://git.yoctoproject.org/git/poky
path: layers/poky
layers:
meta:
meta-poky:
local_conf_header:
base: |
CONF_VERSION = "2"
PACKAGE_CLASSES = "package_ipk"
PACKAGECONFIG:remove:pn-qemu-system-native = "gtk+ sdl"
EXTRA_IMAGE_FEATURES:append = " debug-tweaks ssh-server-openssh"
CORE_IMAGE_EXTRA_INSTALL:append = " ssh-pregen-hostkeys"
IMAGE_CLASSES:append = " testimage fvpboot"
target:
- core-image-minimal
+32
View File
@@ -0,0 +1,32 @@
header:
version: 9
distro: poky
machine: fvp-baser-aemv8r64
defaults:
repos:
refspec: hardknott
repos:
meta-arm:
layers:
meta-arm:
meta-arm-bsp:
meta-arm-toolchain:
poky:
url: https://git.yoctoproject.org/git/poky
layers:
meta:
meta-poky:
local_conf_header:
base: |
CONF_VERSION = "1"
PACKAGE_CLASSES = "package_ipk"
PACKAGECONFIG_remove_pn-qemu-system-native = "gtk+ sdl"
EXTRA_IMAGE_FEATURES_append = " debug-tweaks"
target:
- core-image-minimal
-5
View File
@@ -1,5 +0,0 @@
header:
version: 13
env:
ARM_FVP_EULA_ACCEPT:
-7
View File
@@ -1,7 +0,0 @@
header:
version: 9
local_conf_header:
tftf: |
TFA_UBOOT = "0"
TFTF_TESTS = "1"
+93
View File
@@ -0,0 +1,93 @@
meta-arm-autonomy Yocto Layer
=============================
Introduction
------------
This layer provides an hypervisor based solution (currently based on Xen) for
autonomous system. It contains recipes and classes to build host and guest
images.
To start using this layer, please check the
[Quick Start Guide](documentation/arm-autonomy-quickstart.md).
Dependencies
------------
This layer depends on several other Yocto layers:
* meta-openembedded (https://git.openembedded.org/meta-openembedded)
* poky (https://git.yoctoproject.org/poky)
* meta-virtualization (https://git.yoctoproject.org/meta-virtualization)
* meta-networking (git://git.openembedded.org/meta-openembedded)
Distribution Features
---------------------
This layer adds the following Yocto DISTRO_FEATURES:
* arm-autonomy-host: this feature activates functionalities required to build
an autonomy host system. It has the following effects:
- add 'xen' and 'ipv4' to DISTRO_FEATURES.
- add xen backend drivers to linux kernel configuration.
- To reduce the root filesystem image size the kernel image is not installed.
* arm-autonomy-guest: this feature activates functionalities to run as guest
of an autonomy system. It is doing the following:
- add 'ipv4' to DISTRO_FEATURES.
- add xen frontend drivers to linux kernel configuration.
- add console on hvc0 during init.
Bitbake variables
-----------------
Some recipes and classes in this layer are introducing variables which can be
modified by the user in local.conf.
Each recipe introducing such variables has a chapter "Bitbake parameters" in
its documentation.
Those documentation files should be checked for variables:
- [xen-devicetree](documentation/xen-devicetree.md)
- [xenguest-manager](documentation/xenguest-manager.md)
- [xenguest-network](documentation/xenguest-network.md)
BSPs
----
This layer adds the following machine:
* arm64-autonomy-guest: This machine creates a minimal BSP suitable to be used
as an autonomy guest. It is in fact only activating ARM64 architecture and
SMP in the linux kernel and is enabling the DISTRO_FEATURE
'arm-autonomy-guest'.
Images
------
This layer is adding the following images:
* arm-autonomy-host-image-minimal: This image includes all elements required
to create a minimal arm-autonomy-host system. This includes xen, and tools to
manage xen guests and xenguest images. This image depends on
'arm-autonomy-host' distribution feature.
Recipes and classes
-------------------
This layer adds the following recipes and classes:
* [xen-devicetree](documentation/xen-devicetree.md): This is a recipe to modify
a device tree blob to add information required to boot xen and a Dom0 linux.
* [xenguest-mkimage](documentation/xenguest-mkimage.md): This is a tool used to
create and modify images to be used as Xen guests.
* [xenguest-manager](documentation/xenguest-manager.md): This is a tool used to
create/remove/start/stop xen guest generated using xenguest-mkimage.
* [xenguest-network](documentation/xenguest-network.md): This
recipe add tools and init scripts to create a bridge connected to the
external network on the host and allow guests to be connected to it.
Contributing
------------
This project has not put in place a process for contributions currently. If you
would like to contribute, please contact the maintainers
Maintainer(s)
-------------
* Diego Sueiro <diego.sueiro@arm.com>
* Bertrand Marquis <bertrand.marquis@arm.com>
@@ -0,0 +1,26 @@
# This class is to be inherited by image recipes that want to build and install
# an alternate kernel (set via PREFERRED_PROVIDER_alternate/kernel).
#
# It is mandatory to also set the KERNEL_PACKAGE_NAME for the alternate kernel
# recipe via KERNEL_PACKAGE_NAME_pn-${PREFERRED_PROVIDER_alternate/kernel} and
# its value needs to be different from "kernel" since this is the default set
# for PREFERRED_PROVIDER_virtual/kernel.
#
# An example of these settings can be found at meta-arm-autonomy/dynamic-layers/meta-arm-bsp/conf/machine/n1sdp-extra-settings.inc
#
# When building and installing an alternate kernel, the kernel-modules packages
# for both virtual/kernel and alternate/kernel will be installed.
PREFERRED_PROVIDER_alternate/kernel ??= ""
python () {
alternate_kernel = d.getVar('PREFERRED_PROVIDER_alternate/kernel')
if alternate_kernel:
alternate_kernel_pkg_name = d.getVar('KERNEL_PACKAGE_NAME_pn-%s' % alternate_kernel)
if alternate_kernel_pkg_name:
d.appendVar('EXTRA_IMAGEDEPENDS', ' ' + alternate_kernel)
d.appendVar('IMAGE_INSTALL', ' kernel-modules')
d.appendVar('IMAGE_INSTALL', ' ' + alternate_kernel_pkg_name + '-modules')
else:
raise bb.parse.SkipRecipe("No KERNEL_PACKAGE_NAME_pn-%s set" % alternate_kernel )
}

Some files were not shown because too many files have changed in this diff Show More