Transform OpenWRT to a Yocto / openembedded layer (was: Re: dm-verity support)
abuse at basmevissen.nl
Thu Jul 30 04:54:00 EDT 2020
On 2020-07-30 09:13, Thomas Petazzoni wrote:
> On Thu, 30 Jul 2020 00:17:28 +0200
> <mail at adrianschmutzler.de> wrote:
>> your dm-verity patchset is in our patchwork since November 2019 (v2).
>> Unfortunately, nobody seemed to be particularly interested in
>> reviewing/merging it.
>> Since I don't see a reason why this should change in another 8
>> months, I'm going to finally mark it as Rejected now. After all, our
>> resources are limited.
Isn't there some deferred or other state that better expresses the
>> I'm sorry, and although I fear a similar fate will hit the SELinux
>> effort, I still hope you will not feel repelled and continue to
>> contribute to OpenWrt in the future.
> This is overall quite unfortunate. Initially, I have done this work for
> a customer that was using an old vendor-modified OpenWrt version.
> Instead of doing like most companies do: simply hack the old
> vendor-modified OpenWrt and keep the changes private, I instead took an
> upstream compatible approach: I did all my development on the latest
> OpenWrt upstream, submitted it to the community, and only then
> backported it to my customer vendor-specific OpenWrt.
> It is therefore quite sad that despite this intention of being a good
> open-source citizen and try to do the "right" thing, OpenWrt as an
> upstream project is not interested. Such security features are more and
> more commonly needed, and it will at some point be a problem for
> OpenWrt to not have such features supported.
This is another reason why OpenWRT IMHO should become a Yocto layer (or
set of layers preferably). It would relief the OpenWRT community from
maintaining a lot of generic infrastructure and open source packages.
Freeing up their resources to work on what distinguishes OpenWRT from a
generic Linux distribution.
Things like dm-verity and SELinux for smaller and targeted embedded
devices could than be picked up by the much larger Yocto community and
become available for OpenWRT almost for free or there would be at least
the benefit of the main infrastructure being there.
FYI: there is already such a layer
(https://github.com/kraj/meta-openwrt), but still very limited.
> Best regards,
> Thomas Petazzoni
More information about the openwrt-devel