* [v2][PATCH 1/3] kernel-features: add new class
@ 2021-05-31 18:16 Armin Kuster
2021-05-31 18:16 ` [v2][PATCH 2/3] kernel.bbclass: link in kernel-features Armin Kuster
2021-05-31 18:16 ` [v2][PATCH 3/3] kernel-features: add ima kfrag selection Armin Kuster
0 siblings, 2 replies; 6+ messages in thread
From: Armin Kuster @ 2021-05-31 18:16 UTC (permalink / raw)
To: openembedded-core
This provides a common place to define kernel fragments
that may be usefull to the larger community.
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
v2]
Rename class
Add warning
Add TPM
---
meta/classes/kernel-features.bbclass | 13 +++++++++++++
1 file changed, 13 insertions(+)
create mode 100644 meta/classes/kernel-features.bbclass
diff --git a/meta/classes/kernel-features.bbclass b/meta/classes/kernel-features.bbclass
new file mode 100644
index 0000000000..5735edbd7d
--- /dev/null
+++ b/meta/classes/kernel-features.bbclass
@@ -0,0 +1,13 @@
+#
+# Class to place yocto-kernel-cache fragments
+# selections usfull to anyone
+#
+python __anonymous() {
+ if not (bb.data.inherits_class('kernel-yocto', d)):
+ bb.warn("kernel-features class being inherited without kernel-yocto")
+}
+
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", " features/apparmor/apparmor.scc", "" ,d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "dm-verity", " features/device-mapper/dm-verity.scc", "" ,d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains_any("MACHINE_FEATURES", "tpm tpm2", " features/tpm/tpm.scc","", d)}"
--
2.25.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [v2][PATCH 2/3] kernel.bbclass: link in kernel-features
2021-05-31 18:16 [v2][PATCH 1/3] kernel-features: add new class Armin Kuster
@ 2021-05-31 18:16 ` Armin Kuster
2021-05-31 18:20 ` [OE-core] " Bruce Ashfield
2021-05-31 18:16 ` [v2][PATCH 3/3] kernel-features: add ima kfrag selection Armin Kuster
1 sibling, 1 reply; 6+ messages in thread
From: Armin Kuster @ 2021-05-31 18:16 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Armin Kuster <akuster808@gmail.com>
--
V2]
rename kernel-kfrag to kernel-features
---
meta/classes/kernel.bbclass | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
index 8693ab86be..493136dfb0 100644
--- a/meta/classes/kernel.bbclass
+++ b/meta/classes/kernel.bbclass
@@ -1,4 +1,4 @@
-inherit linux-kernel-base kernel-module-split
+inherit linux-kernel-base kernel-module-split kernel-features
COMPATIBLE_HOST = ".*-linux"
--
2.25.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [v2][PATCH 3/3] kernel-features: add ima kfrag selection
2021-05-31 18:16 [v2][PATCH 1/3] kernel-features: add new class Armin Kuster
2021-05-31 18:16 ` [v2][PATCH 2/3] kernel.bbclass: link in kernel-features Armin Kuster
@ 2021-05-31 18:16 ` Armin Kuster
1 sibling, 0 replies; 6+ messages in thread
From: Armin Kuster @ 2021-05-31 18:16 UTC (permalink / raw)
To: openembedded-core
Signed-off-by: Armin Kuster <akuster808@gmail.com>
---
meta/classes/kernel-features.bbclass | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/classes/kernel-features.bbclass b/meta/classes/kernel-features.bbclass
index 5735edbd7d..2531b42d59 100644
--- a/meta/classes/kernel-features.bbclass
+++ b/meta/classes/kernel-features.bbclass
@@ -11,3 +11,7 @@ KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "apparmor", "
KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "smack", " features/smack/smack.scc", "" ,d)}"
KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "dm-verity", " features/device-mapper/dm-verity.scc", "" ,d)}"
KERNEL_FEATURES_append = " ${@bb.utils.contains_any("MACHINE_FEATURES", "tpm tpm2", " features/tpm/tpm.scc","", d)}"
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "ima", " features/ima/ima.scc", "" ,d)}"
+
+KERNEL_FEATURES_append = " ${@bb.utils.contains("DISTRO_FEATURES", "modsign", " features/ima/modsign.scc", "", d)}"
+
--
2.25.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [OE-core] [v2][PATCH 2/3] kernel.bbclass: link in kernel-features
2021-05-31 18:16 ` [v2][PATCH 2/3] kernel.bbclass: link in kernel-features Armin Kuster
@ 2021-05-31 18:20 ` Bruce Ashfield
2021-05-31 18:41 ` Armin Kuster
0 siblings, 1 reply; 6+ messages in thread
From: Bruce Ashfield @ 2021-05-31 18:20 UTC (permalink / raw)
To: Armin Kuster; +Cc: Patches and discussions about the oe-core layer
Thanks for v2!
On Mon, May 31, 2021 at 2:16 PM Armin Kuster <akuster808@gmail.com> wrote:
>
> Signed-off-by: Armin Kuster <akuster808@gmail.com>
>
> --
> V2]
> rename kernel-kfrag to kernel-features
> ---
> meta/classes/kernel.bbclass | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
> index 8693ab86be..493136dfb0 100644
> --- a/meta/classes/kernel.bbclass
> +++ b/meta/classes/kernel.bbclass
> @@ -1,4 +1,4 @@
> -inherit linux-kernel-base kernel-module-split
> +inherit linux-kernel-base kernel-module-split kernel-features
Since we have the bbwarn, can this just go into kernel-yocto.bbclass
as a default include (for now) ?
As part of my series to move things around, I can relocate it to kernel.bbclass.
We are sending two different messages as it stands, and everyone is
going to get a bbawarn that isn't using linux-yocto, but is using
kernel.bbclass :D (not that i mind, but others will object ;))
Bruce
>
> COMPATIBLE_HOST = ".*-linux"
>
> --
> 2.25.1
>
>
>
>
--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [OE-core] [v2][PATCH 2/3] kernel.bbclass: link in kernel-features
2021-05-31 18:20 ` [OE-core] " Bruce Ashfield
@ 2021-05-31 18:41 ` Armin Kuster
2021-05-31 19:01 ` Bruce Ashfield
0 siblings, 1 reply; 6+ messages in thread
From: Armin Kuster @ 2021-05-31 18:41 UTC (permalink / raw)
To: Bruce Ashfield; +Cc: Patches and discussions about the oe-core layer
On 5/31/21 11:20 AM, Bruce Ashfield wrote:
> Thanks for v2!
>
> On Mon, May 31, 2021 at 2:16 PM Armin Kuster <akuster808@gmail.com> wrote:
>> Signed-off-by: Armin Kuster <akuster808@gmail.com>
>>
>> --
>> V2]
>> rename kernel-kfrag to kernel-features
>> ---
>> meta/classes/kernel.bbclass | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
>> index 8693ab86be..493136dfb0 100644
>> --- a/meta/classes/kernel.bbclass
>> +++ b/meta/classes/kernel.bbclass
>> @@ -1,4 +1,4 @@
>> -inherit linux-kernel-base kernel-module-split
>> +inherit linux-kernel-base kernel-module-split kernel-features
> Since we have the bbwarn, can this just go into kernel-yocto.bbclass
> as a default include (for now) ?
sure.
>
> As part of my series to move things around, I can relocate it to kernel.bbclass.
>
> We are sending two different messages as it stands, and everyone is
> going to get a bbawarn that isn't using linux-yocto, but is using
> kernel.bbclass :D (not that i mind, but others will object ;))
Well. One message is from the Crazy Uncle ( and its not you )
I am not hung up on my solution. Whatevery works when I define a
'unique name' to pull in kernel fragment that live in the
yocto-kernel-cache. I think is silly I am doing this in a s/w layer.
-armin
>
> Bruce
>
>
>> COMPATIBLE_HOST = ".*-linux"
>>
>> --
>> 2.25.1
>>
>>
>>
>>
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [OE-core] [v2][PATCH 2/3] kernel.bbclass: link in kernel-features
2021-05-31 18:41 ` Armin Kuster
@ 2021-05-31 19:01 ` Bruce Ashfield
0 siblings, 0 replies; 6+ messages in thread
From: Bruce Ashfield @ 2021-05-31 19:01 UTC (permalink / raw)
To: akuster808; +Cc: Patches and discussions about the oe-core layer
On Mon, May 31, 2021 at 2:41 PM akuster808 <akuster808@gmail.com> wrote:
>
>
>
> On 5/31/21 11:20 AM, Bruce Ashfield wrote:
> > Thanks for v2!
> >
> > On Mon, May 31, 2021 at 2:16 PM Armin Kuster <akuster808@gmail.com> wrote:
> >> Signed-off-by: Armin Kuster <akuster808@gmail.com>
> >>
> >> --
> >> V2]
> >> rename kernel-kfrag to kernel-features
> >> ---
> >> meta/classes/kernel.bbclass | 2 +-
> >> 1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/meta/classes/kernel.bbclass b/meta/classes/kernel.bbclass
> >> index 8693ab86be..493136dfb0 100644
> >> --- a/meta/classes/kernel.bbclass
> >> +++ b/meta/classes/kernel.bbclass
> >> @@ -1,4 +1,4 @@
> >> -inherit linux-kernel-base kernel-module-split
> >> +inherit linux-kernel-base kernel-module-split kernel-features
> > Since we have the bbwarn, can this just go into kernel-yocto.bbclass
> > as a default include (for now) ?
> sure.
> >
> > As part of my series to move things around, I can relocate it to kernel.bbclass.
> >
> > We are sending two different messages as it stands, and everyone is
> > going to get a bbawarn that isn't using linux-yocto, but is using
> > kernel.bbclass :D (not that i mind, but others will object ;))
> Well. One message is from the Crazy Uncle ( and its not you )
>
> I am not hung up on my solution. Whatevery works when I define a
> 'unique name' to pull in kernel fragment that live in the
> yocto-kernel-cache. I think is silly I am doing this in a s/w layer.
I'm doing similar things in my layers as well, since from some points
of view it is better to keep the userspace components that need those
features close to where the KERNEL_FEATURE is enabled. But having a
place where it is easy to look at what is available via
DISTRO_FEATURES -> KERNEL_FEATURES is a good idea, and that's what I
see in your solution.
But for this comment, I'm just suggesting that until we have some
other features in place, it can serve the same purpose, but be limited
in scope to kernel-yocto, where we know that it will work (and there's
a smaller set of kernel versions).
The other concern that I had with some of my earlier implementations,
is that with the _append technique, it isn't easy for a layer to
opt-out of having those fragments applied. They can of course provide
their own fragments, but keeping them out of KERNEL_FEATURES at all,
is harder. Which led me to think that there should also be a global
toggle.
Let me dig up my bugzilla and and see if there's any elements of that
we can apply to this.
Bruce
>
> -armin
> >
> > Bruce
> >
> >
> >> COMPATIBLE_HOST = ".*-linux"
> >>
> >> --
> >> 2.25.1
> >>
> >>
> >>
> >>
> >
>
--
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2021-05-31 19:01 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-31 18:16 [v2][PATCH 1/3] kernel-features: add new class Armin Kuster
2021-05-31 18:16 ` [v2][PATCH 2/3] kernel.bbclass: link in kernel-features Armin Kuster
2021-05-31 18:20 ` [OE-core] " Bruce Ashfield
2021-05-31 18:41 ` Armin Kuster
2021-05-31 19:01 ` Bruce Ashfield
2021-05-31 18:16 ` [v2][PATCH 3/3] kernel-features: add ima kfrag selection Armin Kuster
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.