Re: [yocto] cve-checker tool

2016-10-28 Thread Sona Sarmadi 
> > ./bzip2/1.0.6-r5/cve/cve.log
> > ./libxml2/2.9.4-r0/cve/cve.log
> > ./perl/5.22.1-r0/cve/cve.log
> > ./expat/2.2.0-r0/cve/cve.log
> > ./flex/2.6.0-r0/cve/cve.log
> 
> perhaps you can add this info to "How Do I”
> section in wiki here https://wiki.yoctoproject.org/wiki/How_do_I

Good idea, thanks for the hint. I did it, please feel free to improve it :)

-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-security][PATCH 2/2] smack kernel: add smack kernel config fragments

2016-10-28 Thread Patrick Ohly 
On Thu, 2016-10-27 at 19:32 -0700, Khem Raj wrote:
> > On Oct 27, 2016, at 12:22 AM, Patrick Ohly  wrote:
> > Can you say a bit more about your plans regarding Smack support in
> > meta-security? A recipe for the userspace tool and the kernel config is
> > a start, but for a fully functional Smack-enabled image, the rootfs also
> > needs to be set up a bit differently.
> 
> FWIW meta-security seems to be right place for smack related infra.

I don't disagree :-) But it would be good to know more about the rest of
the infrastructure before adding (or reviewing) bits and pieces that by
themselves don't do much.

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.



-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] Raspberry pi (version 1) model B+

2016-10-28 Thread S. M. Anayetullah 
Hi Andrea Galbusera,
Thank you very much for your reply. This time I have used the same branch
for all the layers. Yet I am getting errors. It seems like it cannot fetch
files from wiki.qemu-project.org/  because of the firewall policy of my
company. I have manually downloaded it (qemu-2.7.0.tar.bz2) and placed it
in "/poky/rpi-build/downloads/"  directory. I have changed the location in
the file "qemu_2.7.0.bb". Changed it from url "
http://wiki.qemu-project.org/download/${BP}.tar.bz2"; to absolute location
"file://home/anayet/workspace/yocto_project/oct_new/poky/rpi-build/downloads/qemu-2.7.0.tar.bz2".
Also I have experimented(kept / comment out by # ) with following 2 lines.

SRC_URI[md5sum] = "08d4d06d1cb598efecd796137f4844ab"
SRC_URI[sha256sum] =
"326e739506ba690daf69fc17bd3913a6c313d9928d743bd8eddb82f403f81e53"

Running bitbake rpi-basic-image now gives me following error.


Loading cache...done.
Loaded 2129 entries from dependency cache.
NOTE: Resolving any missing task queue dependencies

Build Configuration:
BB_VERSION= "1.32.0"
BUILD_SYS = "x86_64-linux"
NATIVELSBSTRING   = "universal"
TARGET_SYS= "arm-poky-linux-gnueabi"
MACHINE   = "raspberrypi"
DISTRO= "poky"
DISTRO_VERSION= "2.2"
TUNE_FEATURES = "arm armv6  vfp arm1176jzfs callconvention-hard"
TARGET_FPU= "hard"
meta
meta-poky
meta-yocto-bsp= "master:e5815d0b607ff262663864d51fe51fbb37172329"
meta-oe
meta-multimedia   = "master:7a491f384c277ee42ac895fec6fc2ef70f15df4d"
meta-raspberrypi  = "master:de016ceef63028f5578191785c50529695f76a1a"

Initialising tasks...done.
NOTE: Executing SetScene Tasks
NOTE: Executing RunQueue Tasks
NOTE: Running task 393 of 2019
(/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-core/gettext/gettext_0.19.8.1.bb:
do_install)
NOTE: Running task 527 of 2019
(/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-core/readline/readline_6.3.bb:
do_configure)
NOTE: recipe gettext-0.19.8.1-r0: task do_install: Started
NOTE: Running task 667 of 2019
(virtual:native:/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-devtools/qemu/qemu_2.7.0.bb:
do_fetch)
NOTE: Running task 692 of 2019
(/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-devtools/opkg-utils/opkg-utils_git.bb:
do_package)
NOTE: recipe readline-6.3-r0: task do_configure: Started
NOTE: recipe opkg-utils-0.3.2+gitAUTOINC+3ffece9bf1-r0: task do_package:
Started
NOTE: recipe qemu-native-2.7.0-r1: task do_fetch: Started
WARNING: qemu-native-2.7.0-r1 do_fetch: Failed to fetch URL
file://home/anayet/workspace/yocto_project/oct_new/poky/rpi-build/downloads/qemu-2.7.0.tar.bz2,
attempting MIRRORS if available
NOTE: recipe qemu-native-2.7.0-r1: task do_fetch: Failed
NOTE: recipe opkg-utils-0.3.2+gitAUTOINC+3ffece9bf1-r0: task do_package:
Succeeded
NOTE: recipe readline-6.3-r0: task do_configure: Succeeded
NOTE: recipe gettext-0.19.8.1-r0: task do_install: Succeeded
NOTE: Tasks Summary: Attempted 693 tasks of which 689 didn't need to be
rerun and 1 failed.

Summary: 1 task failed:

virtual:native:/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-devtools/qemu/qemu_2.7.0.bb:
do_fetch
Summary: There was 1 WARNING message shown.
Summary: There were 3 ERROR messages shown, returning a non-zero exit code.

**

I have checked that the compressed file (qemu-2.7.0.tar.bz2) is indeed in
the directory still I am getting this error. Please give me some idea what
am I missing or what could be wrong.

Thanks in advance.


On Thu, Oct 27, 2016 at 5:59 PM, Andrea Galbusera  wrote:

> Hi,
>
> On Thu, Oct 27, 2016 at 1:35 PM, S. M. Anayetullah 
> wrote:
>
>> Dear Experts,
>> I got the error while running bitbake rpi-basic-image
>>
>> Loading cache...done.
>> Loaded 1361 entries from dependency cache.
>> NOTE: Resolving any missing task queue dependencies
>>
>> Build Configuration:
>> BB_VERSION= "1.30.0"
>> BUILD_SYS = "x86_64-linux"
>> NATIVELSBSTRING   = "universal"
>> TARGET_SYS= "arm-poky-linux-gnueabi"
>> MACHINE   = "raspberrypi"
>> DISTRO= "poky"
>> DISTRO_VERSION= "2.1.1"
>> TUNE_FEATURES = "arm armv6  vfp arm1176jzfs callconvention-hard"
>> TARGET_FPU= "hard"
>> meta
>> meta-poky
>> meta-yocto-bsp
>> meta-raspberrypi  = "krogoth:204b2bae4a5958735fdd19c63a69f4ed3780bba7"
>>
>
> Where di you get this layer from? The commit doesn't seems to belong to
> meta-raspberrypi repository.
>
>
>> meta-multimedia   = "fido:902964a4da26e46018d2a8d17dcdda1ac4627a39"
>>
>
> Mixing different main branches (krogoth and fido) might hit you with
> problems... Any reason for not using the same branch?
>
>
>>
>> NOTE: Preparing RunQueue
>> NOTE: Exec

Re: [yocto] Raspberry pi (version 1) model B+

2016-10-28 Thread Gary Thomas 

On 2016-10-28 13:50, S. M. Anayetullah wrote:

Hi Andrea Galbusera,
Thank you very much for your reply. This time I have used the same branch for 
all the layers. Yet I am getting errors.
It seems like it cannot fetch files from wiki.qemu-project.org/ 
  because of the firewall
policy of my company. I have manually downloaded it (qemu-2.7.0.tar.bz2) and placed it in 
"/poky/rpi-build/downloads/"
directory. I have changed the location in the file "qemu_2.7.0.bb 
". Changed it from url
"http://wiki.qemu-project.org/download/${BP}.tar.bz2"; to absolute location
"file://home/anayet/workspace/yocto_project/oct_new/poky/rpi-build/downloads/qemu-2.7.0.tar.bz2".
 Also I have
experimented(kept / comment out by # ) with following 2 lines.

SRC_URI[md5sum] = "08d4d06d1cb598efecd796137f4844ab"
SRC_URI[sha256sum] = 
"326e739506ba690daf69fc17bd3913a6c313d9928d743bd8eddb82f403f81e53"

Running bitbake rpi-basic-image now gives me following error.


Loading cache...done.
Loaded 2129 entries from dependency cache.
NOTE: Resolving any missing task queue dependencies

Build Configuration:
BB_VERSION= "1.32.0"
BUILD_SYS = "x86_64-linux"
NATIVELSBSTRING   = "universal"
TARGET_SYS= "arm-poky-linux-gnueabi"
MACHINE   = "raspberrypi"
DISTRO= "poky"
DISTRO_VERSION= "2.2"
TUNE_FEATURES = "arm armv6  vfp arm1176jzfs callconvention-hard"
TARGET_FPU= "hard"
meta
meta-poky
meta-yocto-bsp= "master:e5815d0b607ff262663864d51fe51fbb37172329"
meta-oe
meta-multimedia   = "master:7a491f384c277ee42ac895fec6fc2ef70f15df4d"
meta-raspberrypi  = "master:de016ceef63028f5578191785c50529695f76a1a"

Initialising tasks...done.
NOTE: Executing SetScene Tasks
NOTE: Executing RunQueue Tasks
NOTE: Running task 393 of 2019
(/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-core/gettext/gettext_0.19.8.1.bb:do_install)
NOTE: Running task 527 of 2019
(/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-core/readline/readline_6.3.bb:do_configure)
NOTE: recipe gettext-0.19.8.1-r0: task do_install: Started
NOTE: Running task 667 of 2019
(virtual:native:/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-devtools/qemu/qemu_2.7.0.bb:do_fetch)
NOTE: Running task 692 of 2019
(/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-devtools/opkg-utils/opkg-utils_git.bb:do_package)
NOTE: recipe readline-6.3-r0: task do_configure: Started
NOTE: recipe opkg-utils-0.3.2+gitAUTOINC+3ffece9bf1-r0: task do_package: Started
NOTE: recipe qemu-native-2.7.0-r1: task do_fetch: Started
WARNING: qemu-native-2.7.0-r1 do_fetch: Failed to fetch URL
file://home/anayet/workspace/yocto_project/oct_new/poky/rpi-build/downloads/qemu-2.7.0.tar.bz2,
 attempting MIRRORS if
available
NOTE: recipe qemu-native-2.7.0-r1: task do_fetch: Failed
NOTE: recipe opkg-utils-0.3.2+gitAUTOINC+3ffece9bf1-r0: task do_package: 
Succeeded
NOTE: recipe readline-6.3-r0: task do_configure: Succeeded
NOTE: recipe gettext-0.19.8.1-r0: task do_install: Succeeded
NOTE: Tasks Summary: Attempted 693 tasks of which 689 didn't need to be rerun 
and 1 failed.

Summary: 1 task failed:
  
virtual:native:/home/anayet/workspace/yocto_project/oct_new/poky/meta/recipes-devtools/qemu/qemu_2.7.0.bb:do_fetch
Summary: There was 1 WARNING message shown.
Summary: There were 3 ERROR messages shown, returning a non-zero exit code.

**

I have checked that the compressed file (qemu-2.7.0.tar.bz2) is indeed in the 
directory still I am getting this error.
Please give me some idea what am I missing or what could be wrong.


Try
  % touch downloads/qemu-2.7.0.tar.bz2.done

Better yet, try using your own download [mirror] cache:
  
http://www.yoctoproject.org/docs/2.1/mega-manual/mega-manual.html#setting-up-effective-mirrors



Thanks in advance.


On Thu, Oct 27, 2016 at 5:59 PM, Andrea Galbusera mailto:giz...@gmail.com>> wrote:

Hi,

On Thu, Oct 27, 2016 at 1:35 PM, S. M. Anayetullah mailto:anayet...@gmail.com>> wrote:

Dear Experts,
I got the error while running bitbake rpi-basic-image

Loading cache...done.
Loaded 1361 entries from dependency cache.
NOTE: Resolving any missing task queue dependencies

Build Configuration:
BB_VERSION= "1.30.0"
BUILD_SYS = "x86_64-linux"
NATIVELSBSTRING   = "universal"
TARGET_SYS= "arm-poky-linux-gnueabi"
MACHINE   = "raspberrypi"
DISTRO= "poky"
DISTRO_VERSION= "2.1.1"
TUNE_FEATURES = "arm armv6  vfp arm1176jzfs callconvention-hard"
TARGET_FPU= "hard"
meta
meta-poky

Re: [yocto] cve-checker tool

2016-10-28 Thread Mariano Lopez 



On 10/27/2016 06:03 AM, Sona Sarmadi wrote:



-Original Message-
From: Sona Sarmadi
Sent: den 27 oktober 2016 10:57
To: Scott Rifenbark ; 'mariano.lo...@intel.com'
; yocto@yoctoproject.org
Subject: cve-checker tool

Hi guys,

I have some questions regarding cve-check tool. I don't find anything
about this tool in Yocto
2.2 release, dose documentation mention this tool and how to use it?


Currently we don't have documentation about it, I'll work on it along 
with Scott. Thanks for updating "How do I?" as Khem suggested.




Is this tool planned to be integrated with daily build so the Yocto project
can detect Not addressed CVEs automatically?

Mariano:
Does this tool look at CVE tag inside the recipe as well or only checks the
package version?


If there is a version affected by a CVE it will look for a patch that 
solves that particular CVE using the the metadata in the patch format. 
For example, the current bind version is affected by CVE-2016-1285, but 
there is patch for that, so the cve-check class will find this and will 
generate a log file saying the vulnerability has been addressed.


After the previous example I know you are familiar with the CVE tag, if 
someone stumble in the thread, here is more information on the CVE tag 
needed:

http://openembedded.org/wiki/Commit_Patch_Message_Guidelines#CVE_Patches



Can this tool be used together with "meta-security-isafw" and get a fancy
report?


When I was working on this it was the transition to python3 so, 
meta-security-isafw didn't behave as expected. To be honest I haven't 
checked again but it will be a good test. I'll try to do this during the 
weekend.



There are some useful info in the cve-check.bbclass:

#In order to use this class just inherit the class in the
# local.conf file and it will add the cve_check task for
# every recipe. The task can be used per recipe, per image,
# or using the special cases "world" and "universe". The
# cve_check task will print a warning for every unpatched
# CVE found and generate a file in the recipe WORKDIR/cve
# directory. If an image is build it will generate a report
# in DEPLOY_DIR_IMAGE for all the packages used.

I see following logs are generated:
./unzip/1_6.0-r5/cve/cve.log
./gnutls/3.5.3-r0/cve/cve.log
./glibc/2.24-r0/cve/cve.log
./glibc-initial/2.24-r0/cve/cve.log
./foomatic-filters/4.0.17-r1/cve/cve.log
./bzip2/1.0.6-r5/cve/cve.log
./libxml2/2.9.4-r0/cve/cve.log
./perl/5.22.1-r0/cve/cve.log
./expat/2.2.0-r0/cve/cve.log
./flex/2.6.0-r0/cve/cve.log

//Sona


Just remember that those logs are created for patched and unpatched CVEs.

--
Mariano Lopez
--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

[yocto] Yocto Project Status WW44

2016-10-28 Thread Jolley, Stephen K 
Current Dev Position: YP 2.3 M1

Next Deadline: YP 2.3 M1


SWAT team rotation: Paul -> Ross

https://wiki.yoctoproject.org/wiki/Yocto_Build_Failure_Swat_Team


Key Status/Updates:

*The YP 2.2rc4 QA report looked good and we were nearly able to release.

*The kernel CVE issue meant we rebuilt the release and the rc6 build is 
in QA (rc5 was misconfigured).  https://wiki.yoctoproject.org/wiki/2.2_QA_Status

*The rebuild means we are slightly behind our release date but this was 
preferred to releasing with the kernel CVE issues.

*2.3 planning is underway and RP will send more thoughts on the plans 
for that in the next couple of weeks. Recipe specific sysroots look like one 
desired feature for multiple reasons and there was good discussion and feedback 
from OEDEM. If people do have things they're planning to work on in the 2.3 
cycle, adding them to the bugzilla for tracking purposes would be very helpful.

*We are going to make a strong effort to load balance things up front 
this time so work is spread over M1-3 rather than the usual 'front loaded' 
everything in M1 approach which is currently how bugzilla looks.


Key YP 2.2 Dates:

*YP 2.2 M4 release would be: 10/28/16 but should be early next week.

Proposed upcoming releases after YP 2.2 are:

Key YP 2.3 Dates:

Milestone


Cutoff


Release


YP 2.0.3


11/7/2016


11/18/2016


YP 2.1.2


11/28/2016


12/9/2016


YP 2.3 M1


12/12/2016


12/23/2016


YP 2.2.1


1/9/2017


1/20/2017


YP 2.3 M2


1/23/2017


2/3/2017


YP 2.3 M3


2/27/2017


3/10/2017


YP 2.3 M4


4/3/2017


4/28/2017


YP 2.3


4/3/2017


4/28/2017


YP 2.1.3


5/8/2017


5/19/2017


YP 2.2.2


5/15/2017


5/30/2017



Tracking Metrics:

WDD 2394 (last week 2306)

(https://wiki.yoctoproject.org/charts/combo.html)


Key Status Links for YP:

https://wiki.yoctoproject.org/wiki/Yocto_Project_v2.2_Status

https://wiki.yoctoproject.org/wiki/Yocto_2.2_Schedule

https://wiki.yoctoproject.org/wiki/Yocto_2.2_Features

https://wiki.yoctoproject.org/wiki/Yocto_Project_v2.3_Status

https://wiki.yoctoproject.org/wiki/Yocto_2.3_Schedule

https://wiki.yoctoproject.org/wiki/Yocto_2.3_Features

[If anyone has suggestions for other information you'd like to see on this 
weekly status update, let us know!]

Thanks,

Stephen K. Jolley
Yocto Project Program Manager
INTEL, MS JF1-255, 2111 N.E. 25th Avenue, Hillsboro, OR 97124
*   Work Telephone:(503) 712-0534
*Cell:   (208) 244-4460
* Email:stephen.k.jol...@intel.com

-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-security][PATCH 2/2] smack kernel: add smack kernel config fragments

2016-10-28 Thread akuster808 



On 10/28/2016 04:20 AM, Patrick Ohly wrote:

On Thu, 2016-10-27 at 19:32 -0700, Khem Raj wrote:

On Oct 27, 2016, at 12:22 AM, Patrick Ohly  wrote:
Can you say a bit more about your plans regarding Smack support in
meta-security? A recipe for the userspace tool and the kernel config is
a start, but for a fully functional Smack-enabled image, the rootfs also
needs to be set up a bit differently.

FWIW meta-security seems to be right place for smack related infra.

I don't disagree :-) But it would be good to know more about the rest of
the infrastructure before adding (or reviewing) bits and pieces that by
themselves don't do much.
I start of with basic support and refine over time.  Your statement can 
apply for many components within meta-secuirty. I recently started 
adding test images. Providing configurations or solutions for a niche 
area is outside the scope for this general layer, IMHO. I could be 
convinced  otherwise. I tend not to wait for 100% solution before 
sending out bits for review.


thanks for your input.

Regards,
Armin




--
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] cve-checker tool

2016-10-28 Thread Patrick Ohly 
On Fri, 2016-10-28 at 09:28 -0500, Mariano Lopez wrote:
> 
> On 10/27/2016 06:03 AM, Sona Sarmadi wrote:
> >> Can this tool be used together with "meta-security-isafw" and get a fancy
> >> report?
> 
> When I was working on this it was the transition to python3 so, 
> meta-security-isafw didn't behave as expected.

It does now.

>  To be honest I haven't 
> checked again but it will be a good test. I'll try to do this during the 
> weekend.

meta-security-isafw has its own support for generating CVE reports, for
example in the XMLunit format. Here's an example how Jenkins displays
that:
https://ostroproject.org/jenkins/view/Code-Analysis/job/code_isafw_reports/checker=cve,label=coordinator,machine=beaglebone/lastCompletedBuild/testReport/

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.



-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

[yocto] QA Test Report for Yocto Project 2.2 rc6

2016-10-28 Thread Perez Carranza, Jose 
Hi

Here is the report for Partial QA Cycle on 2.2 rc6

Full Report :  
https://wiki.yoctoproject.org/wiki/WW44_-_2016-10-26_-_Full_Test_Cycle_2.2_rc6

Summary

Only a subset of components related to kernel and build appliance were tested 
on this cycle.  We found  3 new bugs found, 1 introduced after build appliance 
fix , another one for qemu and one more for parselogs, in general the fix for 
"Dirty COW" seems not affecting the functionality validated on components 
related to the kernel. Performance shows a little improvements on measurements 
for  "core-image-sato" and "rm-work" . pTest results were exactly the same of 
previous test cycle for 2.2 rc4. Regarding to bug 10447 [1] test were applied 
on "morty" and "master" branches and the error still appears so the bug was 
reopened.

Bugs

   *New bugs found

-10514   test_parselogs on genericx86-lsb minnow board max 32 
FAILED LOGIN (1) on '/dev/tty1' FOR 'UNKNOWN', Authentication failure [2]

-10504   [Build Appliance] The default user builder can not 
login [3]

-10519   Can not run multiple QEMU machines under UNFS [4]

   *Not New High and M+
-  10456   X can not launch on qemumips64 [5]
-  10434   runqemu can not launch qemu image in Build Appliance [6]
-  10447   eSDK: runqemu fails unless unless DEPLOY_DIR_IMAGE is 
set [7]
-  10477   yocto-bsp: tool should output a conf file to be consume 
by the qemu runner [8]

*Not New Medium Low
- 10494[Test Case 1059] Parselogs is failing on 
genericx86-64-WIC on NUC giving error: Failed to load DMC firmware [9]
  - 10455[Test Case 1059] Parselogs 
is failing on genericx86 (32 and 64 bits) giving error: blk_update_request: I/O 
error, dev loop0 [10]
- 10481[Test Case 1059] Parselogs is failing on genericx86 (32 
and 64 bits) WIC giving error: GPT: Use GNU Parted to correct GPT errors. [11]
- 10025Missing 'Connection Manager' icon for qemumips and 
qemumips64 [12]
Performance


-Core-image-sato has an improvement of around 6% (2 minutes) on Ubuntu 
machine, Fedora remains on the average ranges

-rm-work has an improvement of around 5% (1 minute) on both Ubuntu and 
Fedora

-Full performance charts [13]

Links

1. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10447
2. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10514
3. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10504
4. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10519
5. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10456
6. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10434
7. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10447
8. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10477
9. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10494
10. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10455
11. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10481
12. https://bugzilla.yoctoproject.org/show_bug.cgi?id=10025
13. 
https://wiki.yoctoproject.org/wiki/WW44_-_2016-10-26_-_Full_Test_Cycle_2.2_rc6#Build_Performance_Test


Regards,
José

-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto

Re: [yocto] [meta-security][PATCH 2/2] smack kernel: add smack kernel config fragments

2016-10-28 Thread Khem Raj 

> On Oct 28, 2016, at 8:41 AM, akuster808  wrote:
> 
> 
> 
> On 10/28/2016 04:20 AM, Patrick Ohly wrote:
>> On Thu, 2016-10-27 at 19:32 -0700, Khem Raj wrote:
 On Oct 27, 2016, at 12:22 AM, Patrick Ohly  wrote:
 Can you say a bit more about your plans regarding Smack support in
 meta-security? A recipe for the userspace tool and the kernel config is
 a start, but for a fully functional Smack-enabled image, the rootfs also
 needs to be set up a bit differently.
>>> FWIW meta-security seems to be right place for smack related infra.
>> I don't disagree :-) But it would be good to know more about the rest of
>> the infrastructure before adding (or reviewing) bits and pieces that by
>> themselves don't do much.
> I start of with basic support and refine over time.  Your statement can apply 
> for many components within meta-secuirty. I recently started adding test 
> images. Providing configurations or solutions for a niche area is outside the 
> scope for this general layer, IMHO. I could be convinced  otherwise. I tend 
> not to wait for 100% solution before sending out bits for review.

its a good start. If you have some more patches on the way to complete
the solution, that would be good to share.

> 
> thanks for your input.
> 
> Regards,
> Armin
>> 
> 



signature.asc
Description: Message signed with OpenPGP using GPGMail
-- 
___
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto