Template has been taken from old gitlab instance.

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

I added the content as per review on the MR.

Signed-off-by: NawabAhmad <nawab.ahmad.reshi@huawei.com>

Alberto Pianon authored 3 years ago and Andrei Gherzan committed 3 years ago

While Apache 2.0 license is the recommended option when choosing an open
source permissive (i.e. non-copyleft) license, such license is
incompatible with some other open source licenses (namely, GPL-2.0) so
it is not the best suited choice for patch files, since patch files are
naturally intended to modify third party code, which at times may be
subject to incompatible licenses.

Instead of checking license compatibility on a case by case basis (which
not only is time consuming, but it also a hardly maintainable/scalable
process and, most important, error-prone), a more practical approach
would be to adopt an open source license with the broadest compatibility
possible, namely, the MIT license.

Signed-off-by: Alberto Pianon <pianon@array.eu>

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Signed-off-by: Chase Qi <chase.qi@linaro.org>

Introduce machine variable for lava-test and search build images for the
test target device only to make sure only images for the target device
submitted for test.

This closes #215.

Signed-off-by: Chase Qi <chase.qi@linaro.org>

Signed-off-by: Chase Qi <chase.qi@linaro.org>

The old ostc-builder cannot be patched now as the project has been
migrated to the `distro/oniro` project.

This closes: #218

Signed-off-by: Chase Qi <chase.qi@linaro.org>

Signed-off-by: Chase Qi <chase.qi@linaro.org>

Convert all headings into title case.

Closes: https://booting.oniroproject.org/distro/oniro/-/issues/204


Signed-off-by: Gururaj Shetty <gururaj.shetty@huawei.com>

Marta Rybczynska authored 3 years ago and Pavel Zhukov committed 3 years ago

Improper access control in BlueZ may allow an authenticated user to
potentially enable information disclosure via adjacent access.

This issue can be fixed in the kernel, in BlueZ or both. This patch
fixes it on the BlueZ side, so that the configuration no longer
depends on the kernel fix.

https://nvd.nist.gov/vuln/detail/CVE-2021-0129

Upstream-Status: Submitted [https://lists.openembedded.org/g/openembedded-core/message/159682

]

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>

Bump openembedded-core revision to bring in CVE fixes (libgcrypt and
busybox).

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

This update brings few CVE fixes (vim, ncurces, glib, etc) as well as
bind and python updates. We had python updated downstream and bind is
unsupported so the update should not break current API.

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

This is a follow up fix for e791c29b

The writables part is correct, but it can not live in the
meta-oniro-staging layer. This layer is in preparation of upstreaming
and the writables class we have in core is not at this stage yet.

Instead we split out the writables part into a bbappend to live in
meta-oniro-core. This solved an implicit layer dependcy from staging to
core as well which we saw with the meta-openharmony build.

Signed-off-by: Stefan Schmidt <stefan.schmidt@huawei.com>

Signed-off-by: Francesco Pham <francesco.pham@huawei.com>

Chase Qi authored 3 years ago and Stevan Radaković committed 3 years ago

Signed-off-by: Chase Qi <chase.qi@linaro.org>

Skip git operations in lava jobs as these jobs operate exclusively on
artifacts.

Signed-off-by: Chase Qi <chase.qi@linaro.org>

Gururaj Shetty authored 3 years ago and Andrei Gherzan committed 3 years ago

    * Restructure main page

    * Supported-technologies folder moved one level up

    * This is part of MR: https://booting.oniroproject.org/distro/docs/-/merge_requests/227

    * Rework on the documentation flow

    * Closes:  https://git.ostc-eu.org/distro/docs/-/issues/80



Signed-off-by: Gururaj Shetty <gururaj.shetty@huawei.com>

OTBR stores at least one .data file in this path and some functionality
does not work without it being read-write. Mark the path as writable.

Signed-off-by: Stefan Schmidt <stefan.schmidt@huawei.com>

This change fixes patches for two issues reported in a research
paper [1]: a side channel attack (*) and a cross-configuration
attack (**).

In this commit we add a fix for (*) that wasn't marked as a CVE
initially in the upstream. A fix of (**) available in Yocto
backport is in fact fixing CVE-2021-40528, not CVE-2021-33560
as marked in the commit message.

We commit the accual fix for CVE-2021-33560 and whitelist
CVE-2021-40528 until we rename the patch upstream.

For details of the mismatch and the timeline see [2] (fix of the
documentation) and [3] (the related ticket upstream).

[1] https://eprint.iacr.org/2021/923.pdf
[2] https://dev.gnupg.org/rCb118681ebc4c9ea4b9da79b0f9541405a64f4c13
[3] https://dev.gnupg.org/T5328#149606



Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>

This is no longer needed as we switched to a setup where we build bossac
with bitbake and use the internal version for flashing.

The result is a streamlined flashing experience where no extra
installation of the Arduino IDE and search for the PATH is needed
anymore.

Signed-off-by: Stefan Schmidt <stefan.schmidt@huawei.com>

Signed-off-by: Chase Qi <chase.qi@linaro.org>

After all test jobs for a pipeline finish, trigger lava-report via gitlab api
to collect test results from all jobs.

Signed-off-by: Chase Qi <chase.qi@linaro.org>

* fix the syntax for CI/CD var check
* enable lava report

Signed-off-by: Chase Qi <chase.qi@linaro.org>

Pavel Zhukov authored 3 years ago and Stefan Schmidt committed 3 years ago

dunfell branch is not Jasmine (1.0.0) anymore. bumping to 1.99.99 to be
symver compatible.

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Marta Rybczynska authored 3 years ago and Stefan Schmidt committed 3 years ago

According to the upstream [1], the bug happens only if the programmer
does not follow the API definition.

[1] https://github.com/akheron/jansson/issues/548



Upstream-Status: Pending

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Signed-off-by: Stefan Schmidt <stefan.schmidt@huawei.com>

philippe coval authored 3 years ago and Pavel Zhukov committed 3 years ago

It worked for me on latest ubuntu,
and can adapter for other distros

Forwarded: https://booting.oniroproject.org/distro/oniro/-/merge_requests/375
Relate-to: https://git.ostc-eu.org/OSTC/OHOS/meta-ohos/-/merge_requests/235


Signed-off-by: Philippe Coval <philippe.coval@huawei.com>

Set the preferred Python version to 3.8.12 with security
fixes.

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>

Python 3.8.12 is a security release, including a fix for
CVE-2021-29921.

From the official announcement [1]: Security content in this
release contains four fixes. There are also four additional
fixes for bugs that might have lead to denial-of-service attacks.

[1] https://www.python.org/downloads/release/python-3812/

Upstream-Status: Submitted [https://lists.openembedded.org/g/openembedded-core/message/158829

]

Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>

philippe coval authored 3 years ago and Andrei Gherzan committed 3 years ago

Forwarded: https://github.com/openembedded/meta-openembedded/pull/489
Origin: https://booting.oniroproject.org/rzr/oniro/-/tree/sandbox/rzr/devel/master
Relate-to: https://github.com/lvgl/lvgl/issues/2534
Relate-to: https://booting.oniroproject.org/distro/oniro/-/merge_requests/450


Signed-off-by: Philippe Coval <philippe.coval@huawei.com>

This commit adds support for the qemu-generic-arm64 machine as a basic
qemu machine for arm SystemReady devices. It requires
meta-arm-dunfell-backports in order to function.

Signed-off-by: Eilís Ní Fhlannagáin <elizabeth.flanagan@huawei.com>

Fixes: https://booting.oniroproject.org/distro/oniro/-/issues/192



Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Signed-off-by: Amit Kucheria <amit.kucheria.ext@huawei.com>

This was needed for meta-homeassistant and now that we have moved this
out of the main oniro repository, we can also drop this fix which will
be included in the meta-oniro-blueprint repository.

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

The blueprint layer was the only layer having a dependency on the
homeassistant layer. With the meta-oniro-blueprint now handled
externally, as a separate repository, we can remove this dependency and
deal with it in the respective blueprint layer.

Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com>

dunfell ships go 1.14.% which is EOL'ed and doesn't get security fixes
anymore.

Upstream-status: Backport
Upstream-URL: https://git.openembedded.org/openembedded-core/commit/?id=69c68f470e8e12456a4d9abf2d1c33b857e4ea37
Fixes: https://booting.oniroproject.org/distro/oniro/-/issues/188


Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

Homeassistant requires pyyaml == 5.3 while oe layer provides newer
version. Specifying preferred older version to fix the broken
dependencies.

Fixes: https://booting.oniroproject.org/distro/oniro/-/issues/187


Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>

philippe coval authored 3 years ago and philippe coval committed 3 years ago

For optimisation purpose there is no need to launch
extra weston-keyboard on systems where input is handled differently
(eg: Using custom UI)

This can be disabled in blueprints conf if desired

Relate-to: https://forum.ostc-eu.org/t/226#bootchart
Forwarded: https://booting.oniroproject.org/distro/oniro/-/merge_requests/442


Signed-off-by: Philippe Coval <philippe.coval@huawei.com>