[OE-core] [meta-oe][PATCH V2] cpio: add ptest.

[Yan Xin Kuan]

From: yanxk 

add ptest function for oss 'cpio'.

this test takes less than 1 second with
kvm enabled, so it is a fast test.

autotest files would contain TMPDIR, they are
removed from script files atconfig and atlocal.

Signed-off-by: yanxk 
---
 .../distro/include/ptest-packagelists.inc |  1 +
 .../recipes-extended/cpio/cpio-2.13/run-ptest | 10 +
 meta/recipes-extended/cpio/cpio_2.13.bb   | 22 ++-
 3 files changed, 32 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-extended/cpio/cpio-2.13/run-ptest

diff --git a/meta/conf/distro/include/ptest-packagelists.inc 
b/meta/conf/distro/include/ptest-packagelists.inc
index 5422ecd378..0681b4b7a2 100644
--- a/meta/conf/distro/include/ptest-packagelists.inc
+++ b/meta/conf/distro/include/ptest-packagelists.inc
@@ -12,6 +12,7 @@ PTESTS_FAST = "\
 bc-ptest \
 bluez5-ptest \
 busybox-ptest \
+cpio-ptest \
 diffstat-ptest \
 diffutils-ptest \
 ethtool-ptest \
diff --git a/meta/recipes-extended/cpio/cpio-2.13/run-ptest 
b/meta/recipes-extended/cpio/cpio-2.13/run-ptest
new file mode 100644
index 00..bdac7259c1
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.13/run-ptest
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# Define cpio test work dir
+WORKDIR=/usr/lib/cpio/ptest/tests/
+
+# Run test
+cd ${WORKDIR}
+./atconfig ./atlocal ./testsuite
+
+./testsuite 2>&1 | grep -E '[0-9]{1,3}: ' | sed -e 's/^.//' -e 
'/[ok]$/s/^/PASS: /;/FAILED (.*)/s/^/FAIL: /;/skipped (.*)/s/^/SKIP: 
/;/expected failure/ s/^/PASS: /;/UNEXPECTED PASS/s/^/FAIL: /' -e 's/ok$//g' -e 
's/FAILED.*//g' -e 's/skipped.*//g' -e 's/expected failure.*//g' -e 
's/UNEXPECTED PASS.*//g'
diff --git a/meta/recipes-extended/cpio/cpio_2.13.bb 
b/meta/recipes-extended/cpio/cpio_2.13.bb
index eb3dc138a9..7a3c8b308b 100644
--- a/meta/recipes-extended/cpio/cpio_2.13.bb
+++ b/meta/recipes-extended/cpio/cpio_2.13.bb
@@ -12,12 +12,13 @@ SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \
file://0001-obstack-Fix-a-clang-warning.patch \
file://CVE-2021-38185.patch \
file://0001-Use-__alignof__-with-clang.patch \
+   file://run-ptest \
"
 
 SRC_URI[md5sum] = "389c5452d667c23b5eceb206f5000810"
 SRC_URI[sha256sum] = 
"e87470d9c984317f658567c03bfefb6b0c829ff17dbf6b0de48d71a4c8f3db88"
 
-inherit autotools gettext texinfo
+inherit autotools gettext texinfo ptest
 
 # Issue applies to use of cpio in SUSE/OBS, doesn't apply to us
 CVE_CHECK_IGNORE += "CVE-2010-4226"
@@ -38,6 +39,25 @@ do_install () {
 mv "${D}${mandir}/man8/rmt.8" "${D}${mandir}/man8/rmt-cpio.8"
 }
 
+do_compile_ptest() {
+oe_runmake -C ${B}/gnu/ check
+oe_runmake -C ${B}/lib/ check
+oe_runmake -C ${B}/rmt/ check
+oe_runmake -C ${B}/src/ check
+oe_runmake -C ${B}/tests/ genfile
+}
+
+do_install_ptest() {
+install -d ${D}${PTEST_PATH}/tests/
+sed -i "/abs_/d" ${B}/tests/atconfig
+install --mode=755 ${B}/tests/atconfig ${D}${PTEST_PATH}/tests/
+sed -i "s%${B}/tests:%%g" ${B}/tests/atlocal
+sed -i "s%${B}/src:%%g" ${B}/tests/atlocal
+install --mode=755 ${B}/tests/atlocal ${D}${PTEST_PATH}/tests/
+install --mode=755 ${B}/tests/genfile ${D}${PTEST_PATH}/tests/
+install --mode=755 ${S}/tests/testsuite ${D}${PTEST_PATH}/tests/
+}
+
 PACKAGES =+ "${PN}-rmt"
 
 FILES:${PN}-rmt = "${sbindir}/rmt*"
-- 
2.25.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176917): 
https://lists.openembedded.org/g/openembedded-core/message/176917
Mute This Topic: https://lists.openembedded.org/mt/96848761/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] Qemu doesn't respond while logging in for the Rust Oe-Selftest implementation.

[Shinde, Yash]

I got the following error while logging in to qemu for Rust Oe-Selftest for x86 
target:

2023-02-07 04:09:21,688 - oe-selftest - INFO - Traceback (most recent call 
last):

  File 
"/ala-lpggp31/yshinde/rust-oe/poky/meta/lib/oeqa/selftest/cases/rust.py", line 
29, in test_rust
ssh.copy_to(builddir + "/" + 
"build/x86_64-unknown-linux-gnu/stage1-tools-bin/remote-test-server","~/")
  File "/ala-lpggp31/yshinde/rust-oe/poky/meta/lib/oeqa/utils/sshcontrol.py", 
line 156, in copy_to
return self._internal_run(command, ignore_status=False)
  File "/ala-lpggp31/yshinde/rust-oe/poky/meta/lib/oeqa/utils/sshcontrol.py", 
line 132, in _internal_run
raise AssertionError("Command '%s' returned non-zero exit status %d:\n%s" % 
(command, status, output))
AssertionError: Command '['scp', '-o', 'UserKnownHostsFile=/dev/null', '-o', 
'StrictHostKeyChecking=no', '-o', 'LogLevel=ERROR', 
'/ala-lpggp31/yshinde/rust-oe/poky/build-st/tmp/work/core2-32-poky-linux/rust/1.67.0-r0/rustc-1.67.0-src/build/x86_64-unknown-linux-gnu/stage1-tools-bin/remote-test-server',
 'root@192.168.7.2:~/']' returned non-zero exit status 1:
b'ssh: connect to host 192.168.7.2 port 22: Connection refused\r\nlost 
connection'

runqemu - INFO - Host uptime: 4269209.76

Waiting at most 1000 seconds for login banner (02/07/23 04:06:35)
Connection from 127.0.0.1:55320
Reached login banner in 46.25083827972412 seconds (02/07/23 04:07:21, 
1675771641.4426777)
Couldn't login into serial console as root using blank password

The output:
Poky (Yocto Project Reference Distro) 
4.1+snapshot-edb60ef6fd49764174d140ccae04fca65db131e0 qemux86 /dev/ttyS1
qemux86 login: <<< run_serial(): command timed out after 120 seconds without 
output >>>


The Rust Oe-selftest terminates after this and it happens only with the x86 
target. Any particular reason for this behaviour? I have attached 
oe-selftest-results (complete log file) of the Rust oe-selftest.
While analysing, I found a topic related to this in oe-core-
https://lists.openembedded.org/g/openembedded-core/topic/82536316
What is the final conclusion or fix here? (I am a bit confused here.)

The patch for Rust Oe-Selftest implementation can be found here:
https://lists.openembedded.org/g/openembedded-core/topic/93454351

Let me know if I am missing anything.


Regards,
Yash



oe-selftest-results
Description: oe-selftest-results

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176916): 
https://lists.openembedded.org/g/openembedded-core/message/176916
Mute This Topic: https://lists.openembedded.org/mt/96848446/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] Yocto Bug 14965 - Need info on rmeta hash

[Alex Kiernan]

Hi Sundeep

Not sure I can really help - at best I'm a novice rust user (albeit
with a team who are writing rust).

Looking at the source for rmeta generation
(https://github.com/rust-lang/rust/tree/master/compiler/rustc_metadata/src/rmeta)
it looks like it's really just a dump of internal state. So I'd expect
pretty much anything can cause it to change - running strings over a
couple of files I have here I see things like the compiler triple in
there and the paths to source files.

Given we're seeing this in libstd-rs, I wonder if this is really an
issue with how we're building libstd-rs - as far as I can tell the
(current) supported way to build it is as part of the whole compiler
build. Looking at the arch build by comparison its all in one pass,
albeit with no need for separate native/target complications:

https://github.com/archlinux/svntogit-packages/blob/packages/rust/trunk/PKGBUILD

Though I don't know how you'd fit that into our world.

On Tue, Feb 7, 2023 at 4:58 PM  wrote:
>
> Hello Alex,
>
>
>
> I am working on Yocto bug 14965. There is a build failure happening during 
> rust build because of 2 rmeta files with different hashes are generated.
>
>
>
> I found that the changes with below commit id causing the 2nd rmeta file 
> (libcore-c5fc82c620226960.rmeta) generation.
>
> e33afcd0dc rust-common.bbclass: use built-in rust targets for -native builds
>
>
>
> I am trying to find the changes in build which causing the generation of 2nd 
> rmeta with different hash. I gave 2 builds by with & without e33afcd0dc 
> commit changes.
>
> I checked the sigdata of librsvg & libstd-rs in both builds and those are 
> identical.
> The dependency files 
> (../build/tmp/work/core2-64-poky-linux/librsvg/2.54.5-r0/build/target/release/deps/*.d)
>  also analysed and the shown differences are only the changed hash value (did 
> not get any info on what is causing this change).
> But, some interesting changes I observed in '.rustc_info.json' which are 
> related to e33afcd0dc commit. In this json file,
>
> 'host' tag changed from 'x86_64-linux-gnu' -> 'x86_64-unknown-linux-gnu',
> an extra 'target_feature=\"fxsr\' is added, and
> ‘rustc_fingerprint’ has different values between 2 builds.
>
> Since you know much about rust, can you let me know is there any way I can 
> check which exact changes are causing the hash to be changed? also, are the 
> above changes in json file will cause hash to be changed?
>
>
>
>
>
> Thanks,
>
> Sundeep K.
>
>



-- 
Alex Kiernan

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176915): 
https://lists.openembedded.org/g/openembedded-core/message/176915
Mute This Topic: https://lists.openembedded.org/mt/96811314/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][PATCH] sstatesig: Improve output hash calculation

[Mateusz Marciniec]

From: Mateusz Marciniec 

Symbolic links to the files are included during the output hash
calculation but symlinks to the directories are missed.
So if the new symlink to a directory was the only change made,
then the output hash won't change,
and the Hash Equivalence server may change unihash.
In the next run bitbake may use an older package from sstate-cache.

To fix this followlinks=True flag could be set for os.walk
but it can lead to infinite recursion if link points
to a parent directory of itself.
Also, all files from a directory to which symlink points
would be included in depsig file.
Therefore another solution was applied, I added code that will loop
through directories and process those that are symlinks.

Signed-off-by: Mateusz Marciniec 
Signed-off-by: Tomasz Dziendzielski 
---
 meta/lib/oe/sstatesig.py | 5 +
 1 file changed, 5 insertions(+)

diff --git a/meta/lib/oe/sstatesig.py b/meta/lib/oe/sstatesig.py
index f0224454c9..a5bc030f58 100644
--- a/meta/lib/oe/sstatesig.py
+++ b/meta/lib/oe/sstatesig.py
@@ -652,6 +652,11 @@ def OEOuthashBasic(path, sigfile, task, d):
 if f == 'fixmepath':
 continue
 process(os.path.join(root, f))
+
+for d in dirs:
+if not os.path.islink(os.path.join(root, d)):
+continue
+process(os.path.join(root, d))
 finally:
 os.chdir(prev_dir)
 
-- 
2.39.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176914): 
https://lists.openembedded.org/g/openembedded-core/message/176914
Mute This Topic: https://lists.openembedded.org/mt/96843095/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] devshell.bbclass: Do not add scripts/git-intercept to PATH

[Peter Kjellerstedt]

The use of scripts/git-intercept was introduced in commit 3266c327df
(install/devshell: Introduce git intercept script due to fakeroot
issues) and later reverted in commit af27c81eaf (scripts: Make git
intercept global).

Signed-off-by: Peter Kjellerstedt 
---
 meta/classes-global/devshell.bbclass | 2 --
 1 file changed, 2 deletions(-)

diff --git a/meta/classes-global/devshell.bbclass 
b/meta/classes-global/devshell.bbclass
index 03af56b7a2..4c23049cf0 100644
--- a/meta/classes-global/devshell.bbclass
+++ b/meta/classes-global/devshell.bbclass
@@ -8,8 +8,6 @@ inherit terminal
 
 DEVSHELL = "${SHELL}"
 
-PATH:prepend:task-devshell = "${COREBASE}/scripts/git-intercept:"
-
 python do_devshell () {
 if d.getVarFlag("do_devshell", "manualfakeroot"):
d.prependVar("DEVSHELL", "pseudo ")

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176913): 
https://lists.openembedded.org/g/openembedded-core/message/176913
Mute This Topic: https://lists.openembedded.org/mt/96842705/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] wic/plugins/source/bootimg-efi: Configure installation of

[Luca Ceresoli via lists.openembedded.org]

Hi Kareem,

On Tue,  7 Feb 2023 20:03:04 +0100
"Kareem Zarka"  wrote:

> The issue with installing the kernel image to both rootfs
> and boot partition is that some systems rely on the kernel image in
> rootfs and not in the boot partition.
> This leads to duplication of the kernel image, which can cause
> unnecessary storage usage.
> 
> This patch provides a solution to the problem by adding a new parameter
> "install-kernel-into-boot-dir" to the wic kickstart file.
> If this parameter is set to 'true', the plugin will install the
> kernel image to the boot partition. If the parameter is set to 'false',
> the plugin will skip installing the kernel image, avoiding duplication.
> 
> Tests for this functionality will be added in the next patch.
> 
> Signed-off-by: Kareem Zarka 

I think your subject line is missing something: "Configure installation
of.. what?"

About the content, testing on the autobuilders with these patches
revealed this error:

AssertionError: Command 'wic cp 
/home/pokybuild/yocto-worker/oe-selftest-armhost/build/build-st-3401455/wic-tmp/tmp7rdi3u6g-202302081514-sda.direct:1
 /tmp/tmpenbv64e3' returned non-zero exit status 1:
ERROR: Can't find executable 'mcopy'

Can you check that?

Here are some logs:

https://autobuilder.yoctoproject.org/typhoon/#/builders/127/builds/929/steps/14/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/80/builds/4726/steps/14/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/86/builds/4778/steps/14/logs/stdio

Best regards,
-- 
Luca Ceresoli, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176912): 
https://lists.openembedded.org/g/openembedded-core/message/176912
Mute This Topic: https://lists.openembedded.org/mt/96814230/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [oe-core][PATCHv3] wic-imager-direct.py: use fstab update also for root device

[Markus Volk]

Hello Luca,

unfortunately I still have a qemu issue if running this test but I had 
a look at the files it creates and the entry for the root partition in 
/etc/fstab looks like this:


/dev/root/auto   ro  1 
0


Reasonable because it wants to check for read-only filesystem

if using the fstab-update this would be replaced by the default:

/dev/root   /   ext4defaults1   1

This is rw and i guess thats what makes the test fail.

Following this theory it should be a valid fix to just not use the 
fstab update here ?


diff --git a/meta/lib/oeqa/selftest/cases/overlayfs.py 
b/meta/lib/oeqa/selftest/cases/overlayfs.py

index dfd9f1486d..9b1538a16b 100644
--- a/meta/lib/oeqa/selftest/cases/overlayfs.py
+++ b/meta/lib/oeqa/selftest/cases/overlayfs.py
@@ -438,6 +438,7 @@ OVERLAYFS_ETC_DEVICE = "/dev/sda3"
configLower = """
OVERLAYFS_ETC_EXPOSE_LOWER = "1"
IMAGE_INSTALL:append = " overlayfs-user"
+WIC_CREATE_EXTRA_ARGS = "--no-fstab-update"
"""
testFile = "lower-layer-test.txt"



Am Mi, 8. Feb 2023 um 13:49:50 +0100 schrieb Luca Ceresoli via 
lists.openembedded.org 
:

Hello Markus,

On Tue,  7 Feb 2023 13:44:56 +0100
"Markus Volk" mailto:f_...@t-online.de>> wrote:

 wic imager is able to add entries for the partitions to fstab. This 
patch also
 creates an entry for the root device, which was previously ignored. 
The root

 device entry can now optionally be uuid or label based.

 The stock fstab file provided by base-files.bb already contains an 
entry for the
 root device. To avoid a duplicate entry in fstab, this  '/dev/root' 
line is removed

 during the fstab update.

 The default /dev/root entry in base-files adds the value '1' for 
dump and passno. Add an
 argument to set dump, which formerly has been hardcoded to '0'. 
Like this we can provide the

 same settings if using the fstab_update.

 The result looks something like this:

 proc /proc proc defaults 0 0
 devpts /dev/pts devpts mode=0620,ptmxmode=0666,gid=5 0 0
 tmpfs /run tmpfs mode=0755,nodev,nosuid,strictatime 0 0
 tmpfs /var/volatile tmpfs defaults 0 0

 UUID=055A-69B5 /boot vfat defaults 0 0
 UUID=0eb2df23-3638-4bbf-b045-9a425cb45954 / ext4 defaults 1 1

 If neither '--on-disk' nor '--use-label' nor '--use-uuid' are set 
in the wks file, wic falls
 back to '/dev/sda' as the default device entry, which may or may 
not be valid.
 Avoid starting to guess if we don't know anything and just skip the 
partition in that case,
 except for the root partition where we add back '/dev/root' as a 
reasonable default,

 because we can rely on it in the yocto/oe environment.

 The result is now like this:

 proc /procproc   defaults   
   0  0
 devpts   /dev/pts devpts 
mode=0620,ptmxmode=0666,gid=5  0  0
 tmpfs/run tmpfs  
mode=0755,nodev,nosuid,strictatime 0  0
 tmpfs/var/volatiletmpfs  defaults   
   0  0


 /dev/root  /   ext4defaults1   1

 Signed-off-by: Markus Volk >


This patch is failing on the autobuilders:

  AssertionError: False is not true : /dev/sda2 on / type ext4 
(rw,relatime)


and also this, even though I'm not sure how it relates to your 
changes:


  AssertionError: None is not true : diff: can't stat 
'/data/overlay-etc/lower/lower-layer-test.txt': No such file or 
directory


Logs:




--
Luca Ceresoli, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com 






-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176911): 
https://lists.openembedded.org/g/openembedded-core/message/176911
Mute This Topic: https://lists.openembedded.org/mt/96806003/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [oe][meta-networking][PATCH 1/1] net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception

[Narpat Mali]

Sorry, by mistake sent to OE-core.

Regards,
Narpat

From: Narpat Mali
Sent: 08 February 2023 23:00
To: 
openembedded-core@lists.openembedded.org
Cc: Polampalli, Archana; G Pillai, 
Hari; Mali, 
Narpat
Subject: [oe][meta-networking][PATCH 1/1] net-snmp: CVE-2022-44792 & 
CVE-2022-44793 Fix NULL Pointer Exception

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-44792
https://nvd.nist.gov/vuln/detail/CVE-2022-44793

Signed-off-by: Narpat Mali 
---
 .../CVE-2022-44792-CVE-2022-44793.patch   | 121 ++
 .../net-snmp/net-snmp_5.9.3.bb|   1 +
 2 files changed, 122 insertions(+)
 create mode 100644 
meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch

diff --git 
a/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch
 
b/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch
new file mode 100644
index 0..b18d4dc29
--- /dev/null
+++ 
b/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch
@@ -0,0 +1,121 @@
+From d13302656d9ff0807c5defe18623adc947f43a2b Mon Sep 17 00:00:00 2001
+From: Narpat Mali 
+Date: Wed, 8 Feb 2023 13:15:39 +
+Subject: [PATCH] agent: Disallow SET requests with any NULL varbind Merge pull
+ request #490 from fenner/set-null
+
+fixes: #474 and #475
+
+CVE: CVE-2022-44792, CVE-2022-44793
+
+Upstream-Status: Backport 
[https://github.com/net-snmp/net-snmp/commit/be804106fd0771a7d05236cff36e199af077af57]
+
+Signed-off-by: Narpat Mali 
+---
+ agent/snmp_agent.c| 32 +++
+ apps/snmpset.c|  1 +
+ .../default/T0142snmpv2csetnull_simple| 31 ++
+ 3 files changed, 64 insertions(+)
+ create mode 100644 testing/fulltests/default/T0142snmpv2csetnull_simple
+
+diff --git a/agent/snmp_agent.c b/agent/snmp_agent.c
+index 867d0c1..3f678fe 100644
+--- a/agent/snmp_agent.c
 b/agent/snmp_agent.c
+@@ -3719,12 +3719,44 @@ netsnmp_handle_request(netsnmp_agent_session *asp, int 
status)
+ return 1;
+ }
+
++static int
++check_set_pdu_for_null_varbind(netsnmp_agent_session *asp)
++{
++int i;
++netsnmp_variable_list *v = NULL;
++
++for (i = 1, v = asp->pdu->variables; v != NULL; i++, v = 
v->next_variable) {
++  if (v->type == ASN_NULL) {
++  /*
++   * Protect SET implementations that do not protect themselves
++   * against wrong type.
++   */
++  DEBUGMSGTL(("snmp_agent", "disallowing SET with NULL var for 
varbind %d\n", i));
++  asp->index = i;
++  return SNMP_ERR_WRONGTYPE;
++  }
++}
++return SNMP_ERR_NOERROR;
++}
++
+ int
+ handle_pdu(netsnmp_agent_session *asp)
+ {
+ int status, inclusives = 0;
+ netsnmp_variable_list *v = NULL;
+
++#ifndef NETSNMP_NO_WRITE_SUPPORT
++/*
++ * Check for ASN_NULL in SET request
++ */
++if (asp->pdu->command == SNMP_MSG_SET) {
++  status = check_set_pdu_for_null_varbind(asp);
++  if (status != SNMP_ERR_NOERROR) {
++  return status;
++  }
++}
++#endif /* NETSNMP_NO_WRITE_SUPPORT */
++
+ /*
+  * for illegal requests, mark all nodes as ASN_NULL
+  */
+diff --git a/apps/snmpset.c b/apps/snmpset.c
+index 48e14bd..d542713 100644
+--- a/apps/snmpset.c
 b/apps/snmpset.c
+@@ -182,6 +182,7 @@ main(int argc, char *argv[])
+ case 'x':
+ case 'd':
+ case 'b':
++case 'n': /* undocumented */
+ #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES
+ case 'I':
+ case 'U':
+diff --git a/testing/fulltests/default/T0142snmpv2csetnull_simple 
b/testing/fulltests/default/T0142snmpv2csetnull_simple
+new file mode 100644
+index 000..0f1b8f3
+--- /dev/null
 b/testing/fulltests/default/T0142snmpv2csetnull_simple
+@@ -0,0 +1,31 @@
++#!/bin/sh
++
++. ../support/simple_eval_tools.sh
++
++HEADER SNMPv2c set of system.sysContact.0 with NULL varbind
++
++SKIPIF NETSNMP_DISABLE_SET_SUPPORT
++SKIPIF NETSNMP_NO_WRITE_SUPPORT
++SKIPIF NETSNMP_DISABLE_SNMPV2C
++SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE
++
++#
++# Begin test
++#
++
++# standard V2C configuration: testcomunnity
++snmp_write_access='all'
++. ./Sv2cconfig
++STARTAGENT
++
++CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 2c 
$SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0"
++
++CHECK ".1.3.6.1.2.1.1.4.0 = STRING:"
++
++CAPTURE "snmpset -On $SNMP_FLAGS -c testcommunity -v 2c 
$SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0 n x"
++
++CHECK "Reason: wrongType"
++
++STOPAGENT
++
++FINISHED
+--
+2.34.1
+
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb 
b/meta-networking/recipes-protocol

[OE-core] [oe][meta-networking][PATCH 1/1] net-snmp: CVE-2022-44792 & CVE-2022-44793 Fix NULL Pointer Exception

[Narpat Mali]

References:
https://nvd.nist.gov/vuln/detail/CVE-2022-44792
https://nvd.nist.gov/vuln/detail/CVE-2022-44793

Signed-off-by: Narpat Mali 
---
 .../CVE-2022-44792-CVE-2022-44793.patch   | 121 ++
 .../net-snmp/net-snmp_5.9.3.bb|   1 +
 2 files changed, 122 insertions(+)
 create mode 100644 
meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch

diff --git 
a/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch
 
b/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch
new file mode 100644
index 0..b18d4dc29
--- /dev/null
+++ 
b/meta-networking/recipes-protocols/net-snmp/net-snmp/CVE-2022-44792-CVE-2022-44793.patch
@@ -0,0 +1,121 @@
+From d13302656d9ff0807c5defe18623adc947f43a2b Mon Sep 17 00:00:00 2001
+From: Narpat Mali 
+Date: Wed, 8 Feb 2023 13:15:39 +
+Subject: [PATCH] agent: Disallow SET requests with any NULL varbind Merge pull
+ request #490 from fenner/set-null
+
+fixes: #474 and #475
+
+CVE: CVE-2022-44792, CVE-2022-44793
+
+Upstream-Status: Backport 
[https://github.com/net-snmp/net-snmp/commit/be804106fd0771a7d05236cff36e199af077af57]
+
+Signed-off-by: Narpat Mali 
+---
+ agent/snmp_agent.c| 32 +++
+ apps/snmpset.c|  1 +
+ .../default/T0142snmpv2csetnull_simple| 31 ++
+ 3 files changed, 64 insertions(+)
+ create mode 100644 testing/fulltests/default/T0142snmpv2csetnull_simple
+
+diff --git a/agent/snmp_agent.c b/agent/snmp_agent.c
+index 867d0c1..3f678fe 100644
+--- a/agent/snmp_agent.c
 b/agent/snmp_agent.c
+@@ -3719,12 +3719,44 @@ netsnmp_handle_request(netsnmp_agent_session *asp, int 
status)
+ return 1;
+ }
+ 
++static int
++check_set_pdu_for_null_varbind(netsnmp_agent_session *asp)
++{
++int i;
++netsnmp_variable_list *v = NULL;
++
++for (i = 1, v = asp->pdu->variables; v != NULL; i++, v = 
v->next_variable) {
++  if (v->type == ASN_NULL) {
++  /*
++   * Protect SET implementations that do not protect themselves
++   * against wrong type.
++   */
++  DEBUGMSGTL(("snmp_agent", "disallowing SET with NULL var for 
varbind %d\n", i));
++  asp->index = i;
++  return SNMP_ERR_WRONGTYPE;
++  }
++}
++return SNMP_ERR_NOERROR;
++}
++
+ int
+ handle_pdu(netsnmp_agent_session *asp)
+ {
+ int status, inclusives = 0;
+ netsnmp_variable_list *v = NULL;
+ 
++#ifndef NETSNMP_NO_WRITE_SUPPORT
++/*
++ * Check for ASN_NULL in SET request
++ */
++if (asp->pdu->command == SNMP_MSG_SET) {
++  status = check_set_pdu_for_null_varbind(asp);
++  if (status != SNMP_ERR_NOERROR) {
++  return status;
++  }
++}
++#endif /* NETSNMP_NO_WRITE_SUPPORT */
++
+ /*
+  * for illegal requests, mark all nodes as ASN_NULL 
+  */
+diff --git a/apps/snmpset.c b/apps/snmpset.c
+index 48e14bd..d542713 100644
+--- a/apps/snmpset.c
 b/apps/snmpset.c
+@@ -182,6 +182,7 @@ main(int argc, char *argv[])
+ case 'x':
+ case 'd':
+ case 'b':
++case 'n': /* undocumented */
+ #ifdef NETSNMP_WITH_OPAQUE_SPECIAL_TYPES
+ case 'I':
+ case 'U':
+diff --git a/testing/fulltests/default/T0142snmpv2csetnull_simple 
b/testing/fulltests/default/T0142snmpv2csetnull_simple
+new file mode 100644
+index 000..0f1b8f3
+--- /dev/null
 b/testing/fulltests/default/T0142snmpv2csetnull_simple
+@@ -0,0 +1,31 @@
++#!/bin/sh
++
++. ../support/simple_eval_tools.sh
++
++HEADER SNMPv2c set of system.sysContact.0 with NULL varbind
++
++SKIPIF NETSNMP_DISABLE_SET_SUPPORT
++SKIPIF NETSNMP_NO_WRITE_SUPPORT
++SKIPIF NETSNMP_DISABLE_SNMPV2C
++SKIPIFNOT USING_MIBII_SYSTEM_MIB_MODULE
++
++#
++# Begin test
++#
++
++# standard V2C configuration: testcomunnity
++snmp_write_access='all'
++. ./Sv2cconfig
++STARTAGENT
++
++CAPTURE "snmpget -On $SNMP_FLAGS -c testcommunity -v 2c 
$SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0"
++
++CHECK ".1.3.6.1.2.1.1.4.0 = STRING:"
++
++CAPTURE "snmpset -On $SNMP_FLAGS -c testcommunity -v 2c 
$SNMP_TRANSPORT_SPEC:$SNMP_TEST_DEST$SNMP_SNMPD_PORT .1.3.6.1.2.1.1.4.0 n x"
++
++CHECK "Reason: wrongType"
++
++STOPAGENT
++
++FINISHED
+-- 
+2.34.1
+
diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb 
b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb
index 78d711fbf..f40fb8bbd 100644
--- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb
+++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb
@@ -27,6 +27,7 @@ SRC_URI = 
"${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \
file://reproducibility-have-printcap.patch \

file://0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch \
file://0001-Add-noreturn-attribute-to-netsnmp_pci_error.patch \
+   

[OE-core] [PATCH] lttng-tools: Update LFS64 patch with upstream feedback

[Khem Raj]

See https://review.lttng.org/c/lttng-tools/+/9268

Signed-off-by: Khem Raj 
---
 ...pat-Define-off64_t-as-off_t-on-linux.patch | 26 ++-
 1 file changed, 14 insertions(+), 12 deletions(-)

diff --git 
a/meta/recipes-kernel/lttng/lttng-tools/0001-compat-Define-off64_t-as-off_t-on-linux.patch
 
b/meta/recipes-kernel/lttng/lttng-tools/0001-compat-Define-off64_t-as-off_t-on-linux.patch
index ef81703bc3..4e21d1e9f1 100644
--- 
a/meta/recipes-kernel/lttng/lttng-tools/0001-compat-Define-off64_t-as-off_t-on-linux.patch
+++ 
b/meta/recipes-kernel/lttng/lttng-tools/0001-compat-Define-off64_t-as-off_t-on-linux.patch
@@ -22,7 +22,14 @@ Change-Id: If2c6007a8c85bc3f3065002af8a7538b882fb4a8
 
 --- a/src/common/compat/compat-fcntl.c
 +++ b/src/common/compat/compat-fcntl.c
-@@ -13,7 +13,7 @@
+@@ -8,14 +8,17 @@
+ #define _LGPL_SOURCE
+ #include 
+ #include 
++#include 
++#include 
+ #include 
+ 
  #ifdef __linux__
  
  LTTNG_HIDDEN
@@ -30,25 +37,20 @@ Change-Id: If2c6007a8c85bc3f3065002af8a7538b882fb4a8
 +int compat_sync_file_range(int fd, off_t offset, off_t nbytes,
unsigned int flags)
  {
++  LTTNG_BUILD_BUG_ON(sizeof(off_t) != sizeof(int64_t));
  #ifdef HAVE_SYNC_FILE_RANGE
+   return sync_file_range(fd, offset, nbytes, flags);
+ #else
 --- a/src/common/compat/fcntl.h
 +++ b/src/common/compat/fcntl.h
-@@ -8,21 +8,21 @@
- #ifndef _COMPAT_FCNTL_H
- #define _COMPAT_FCNTL_H
- 
-+#include 
- #include 
- #include 
+@@ -13,16 +13,12 @@
  
  #include 
  
 -#if (defined(__CYGWIN__))
 -typedef long long off64_t;
 -#endif
-+static_assert(sizeof(off_t) == sizeof(int64_t),
-+"Build system is misconfigured, off_t must be 64-bit wide");
- 
+-
  #if (defined(__FreeBSD__) || defined(__sun__))
  typedef off64_t loff_t;
  #endif
@@ -59,7 +61,7 @@ Change-Id: If2c6007a8c85bc3f3065002af8a7538b882fb4a8
unsigned int flags);
  #define lttng_sync_file_range(fd, offset, nbytes, flags) \
compat_sync_file_range(fd, offset, nbytes, flags)
-@@ -37,8 +37,8 @@ extern int compat_sync_file_range(int fd
+@@ -37,8 +33,8 @@ extern int compat_sync_file_range(int fd
  #define SYNC_FILE_RANGE_WAIT_BEFORE   0
  #define SYNC_FILE_RANGE_WRITE 0
  
-- 
2.39.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176908): 
https://lists.openembedded.org/g/openembedded-core/message/176908
Mute This Topic: https://lists.openembedded.org/mt/96834188/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][dunfell 00/27] Pull request (cover letter only)

[Steve Sakoman]

The following changes since commit db81e3c7e7f1d4d9eba52ac35ac97627d0240b63:

  build-appliance-image: Update to dunfell head revision (2023-01-13 18:11:40 
+)

are available in the Git repository at:

  https://git.openembedded.org/openembedded-core-contrib stable/dunfell-next
  
http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-next

Alexander Kanavin (2):
  linux-firmware: upgrade 20221109 -> 20221214
  selftest/virgl: use pkg-config from the host

Benoît Mauduit (1):
  lib/oe/reproducible: Use git log without gpg signature

Bhabu Bindu (1):
  ffmpeg: Fix CVE-2022-3109

Bruce Ashfield (2):
  linux-yocto/5.4: update to v5.4.229
  linux-yocto/5.4: update to v5.4.230

Hitendra Prajapati (1):
  xserver-xorg: Fix Multiple CVEs

Jan Kircher (1):
  toolchain-scripts: compatibility with unbound variable protection

Jermain Horsman (1):
  cve-check: write the cve manifest to IMGDEPLOYDIR

Khem Raj (1):
  libtirpc: Check if file exists before operating on it

Marta Rybczynska (1):
  cve-update-db-native: avoid incomplete updates

Niko Mauno (2):
  systemd: Consider PACKAGECONFIG in RRECOMMENDS
  Fix missing leading whitespace with ':append'

Quentin Schulz (1):
  cairo: fix CVE patches assigned wrong CVE number

Randy MacLeod (1):
  vim: upgrade 9.0.0947 -> 9.0.1211

Ranjitsinh Rathod (1):
  libsdl2: Add fix for CVE-2022-4743

Ross Burton (2):
  cve-update-db-native: add more logging when fetching
  cve-update-db-native: show IP on failure

Steve Sakoman (5):
  python3: fix packaging of Windows distutils installer stubs
  lttng-modules: update 2.11.6 -> 2.11.7
  lttng-modules: update 2.11.7 -> 2.11.8
  lttng-modules: update 2.11.8 -> 2.11.9
  lttng-modules: fix build with 5.4.229 kernel

Thomas Roos (1):
  devtool: fix devtool finish when gitmodules file is empty

Vivek Kumbhar (1):
  go: fix CVE-2022-1962 go/parser stack exhaustion in all Parse*
functions

Xiaobing Luo (1):
  devtool: Fix _copy_file() TypeError

jan (1):
  cve-update-db-native: Allow to overrule the URL in a bbappend.

 meta/classes/cve-check.bbclass|   6 +-
 meta/classes/externalsrc.bbclass  |   2 +-
 meta/classes/populate_sdk_ext.bbclass |   2 +-
 meta/classes/toolchain-scripts.bbclass|   2 +-
 meta/lib/oe/reproducible.py   |   3 +-
 meta/lib/oeqa/selftest/cases/runtime_test.py  |   2 +-
 .../recipes-core/meta/cve-update-db-native.bb |  97 +++--
 meta/recipes-core/systemd/systemd_244.5.bb|   4 +-
 meta/recipes-devtools/go/go-1.14.inc  |   1 +
 .../go/go-1.14/CVE-2022-1962.patch| 357 ++
 .../python/python3/python3-manifest.json  |   4 +-
 .../libtirpc/libtirpc_1.2.6.bb|   2 +-
 .../cairo/cairo/CVE-2019-6461.patch   |  46 +--
 .../cairo/cairo/CVE-2019-6462.patch   |  46 ++-
 .../libsdl2/libsdl2/CVE-2022-4743.patch   |  38 ++
 .../libsdl2/libsdl2_2.0.12.bb |   1 +
 .../xserver-xorg/CVE-2022-4283.patch  |  39 ++
 .../xserver-xorg/CVE-2022-46340.patch |  55 +++
 .../xserver-xorg/CVE-2022-46341.patch |  86 +
 .../xserver-xorg/CVE-2022-46342.patch |  78 
 .../xserver-xorg/CVE-2022-46343.patch |  51 +++
 .../xserver-xorg/CVE-2022-46344.patch |  75 
 .../xorg-xserver/xserver-xorg_1.20.14.bb  |   8 +-
 ...20221109.bb => linux-firmware_20221214.bb} |   4 +-
 .../linux/linux-yocto-rt_5.4.bb   |   6 +-
 .../linux/linux-yocto-tiny_5.4.bb |   8 +-
 meta/recipes-kernel/linux/linux-yocto_5.4.bb  |  22 +-
 ...ncpy-equals-destination-size-warning.patch |  42 ---
 ...jtool-Rename-frame.h-objtool.h-v5.10.patch |  88 -
 ...oints-output-proper-root-owner-for-t.patch | 316 
 ...rdered-extent-tracepoint-take-btrfs_.patch | 179 -
 ...ext4-fast-commit-recovery-path-v5.10.patch |  91 -
 ...intr-vectoring-info-and-error-code-t.patch | 124 --
 ...x86-mmu-Add-TDP-MMU-PF-handler-v5.10.patch |  82 
 ...Return-unique-RET_PF_-values-if-the-.patch |  71 
 ...int-Optimize-using-static_call-v5.10.patch | 155 
 ...-fix-include-order-for-older-kernels.patch |  31 --
 .../0011-Add-release-maintainer-script.patch  |  59 ---
 .../0012-Improve-the-release-script.patch | 173 -
 ...fix-ext4-fast-commit-recovery-path-v.patch |  32 --
 ...-fix-include-order-for-older-kernels.patch |  32 --
 ...fix-tracepoint-Optimize-using-static.patch |  46 ---
 ...ion-range-for-trace_find_free_extent.patch |  30 --
 ...ix-jbd2-use-the-correct-print-format.patch | 147 
 ...ules_2.11.6.bb => lttng-modules_2.11.9.bb} |  21 +-
 .../ffmpeg/ffmpeg/CVE-2022-3109.patch |  41 ++
 .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb |   1 +
 meta/recipes-support/vim/vim.inc  |   4 +-
 scripts/lib/devtool/standard.py   |   2 +-
 49 files changed, 1135 insertions(+), 1677 deletions(-)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2022-19

[OE-core][PATCH] systemd: add PACKAGECONFIG for pstore

[Jan Luebbe]

pstore is used to collect crash logs in the journal after a crash. As it
needs a correctly configured kernel, it's not always enabled. Add a
PACKAGECONFIG to enable it when needed.

Signed-off-by: Jan Luebbe 
---
 meta/recipes-core/systemd/systemd_252.4.bb | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-core/systemd/systemd_252.4.bb 
b/meta/recipes-core/systemd/systemd_252.4.bb
index e6c873f53be2..64a3efa1d413 100644
--- a/meta/recipes-core/systemd/systemd_252.4.bb
+++ b/meta/recipes-core/systemd/systemd_252.4.bb
@@ -185,6 +185,7 @@ PACKAGECONFIG[polkit] = "-Dpolkit=true,-Dpolkit=false"
 # hostname without acquiring additional privileges
 PACKAGECONFIG[polkit_hostnamed_fallback] = "dbus-broker,polkit"
 PACKAGECONFIG[portabled] = "-Dportabled=true,-Dportabled=false"
+PACKAGECONFIG[pstore] = "-Dpstore=true,-Dpstore=false"
 PACKAGECONFIG[qrencode] = "-Dqrencode=true,-Dqrencode=false,qrencode,,qrencode"
 PACKAGECONFIG[quotacheck] = "-Dquotacheck=true,-Dquotacheck=false"
 PACKAGECONFIG[randomseed] = "-Drandomseed=true,-Drandomseed=false"
-- 
2.30.2


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176906): 
https://lists.openembedded.org/g/openembedded-core/message/176906
Mute This Topic: https://lists.openembedded.org/mt/96829770/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [oe-core][PATCHv3] wic-imager-direct.py: use fstab update also for root device

[Luca Ceresoli via lists.openembedded.org]

Hello Markus,

On Tue,  7 Feb 2023 13:44:56 +0100
"Markus Volk"  wrote:

> wic imager is able to add entries for the partitions to fstab. This patch also
> creates an entry for the root device, which was previously ignored. The root
> device entry can now optionally be uuid or label based.
> 
> The stock fstab file provided by base-files.bb already contains an entry for 
> the
> root device. To avoid a duplicate entry in fstab, this  '/dev/root' line is 
> removed
> during the fstab update.
> 
> The default /dev/root entry in base-files adds the value '1' for dump and 
> passno. Add an
> argument to set dump, which formerly has been hardcoded to '0'. Like this we 
> can provide the
> same settings if using the fstab_update.
> 
> The result looks something like this:
> 
> proc /proc proc defaults 0 0
> devpts /dev/pts devpts mode=0620,ptmxmode=0666,gid=5 0 0
> tmpfs /run tmpfs mode=0755,nodev,nosuid,strictatime 0 0
> tmpfs /var/volatile tmpfs defaults 0 0
> 
> UUID=055A-69B5 /boot vfat defaults 0 0
> UUID=0eb2df23-3638-4bbf-b045-9a425cb45954 / ext4 defaults 1 1
> 
> If neither '--on-disk' nor '--use-label' nor '--use-uuid' are set in the wks 
> file, wic falls
> back to '/dev/sda' as the default device entry, which may or may not be valid.
> Avoid starting to guess if we don't know anything and just skip the partition 
> in that case,
> except for the root partition where we add back '/dev/root' as a reasonable 
> default,
> because we can rely on it in the yocto/oe environment.
> 
> The result is now like this:
> 
> proc /procproc   defaults  0  > 0
> devpts   /dev/pts devpts 
> mode=0620,ptmxmode=0666,gid=5  0  0
> tmpfs/run tmpfs  
> mode=0755,nodev,nosuid,strictatime 0  0
> tmpfs/var/volatiletmpfs  defaults  0  > 0
> 
> /dev/root /   ext4defaults1   1
> 
> Signed-off-by: Markus Volk 

This patch is failing on the autobuilders:

  AssertionError: False is not true : /dev/sda2 on / type ext4 (rw,relatime)

and also this, even though I'm not sure how it relates to your changes:

  AssertionError: None is not true : diff: can't stat 
'/data/overlay-etc/lower/lower-layer-test.txt': No such file or directory

Logs:

https://autobuilder.yoctoproject.org/typhoon/#/builders/79/builds/4780/steps/15/logs/stdio
https://autobuilder.yoctoproject.org/typhoon/#/builders/80/builds/4725/steps/14/logs/stdio

-- 
Luca Ceresoli, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176905): 
https://lists.openembedded.org/g/openembedded-core/message/176905
Mute This Topic: https://lists.openembedded.org/mt/96806003/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] wic/plugins/source/bootimg-efi: Skip installing kernel-image into boot.

[Kareem Zarka]

Dear Luca

Thank you for the reply .

Please check https://lists.openembedded.org/g/openembedded-core/message/176829 
when you have time.

Kindest regards .

Kareem Zarka

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176904): 
https://lists.openembedded.org/g/openembedded-core/message/176904
Mute This Topic: https://lists.openembedded.org/mt/96791012/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core][PATCH 2/3] systemd.bbclass: add non-recursive service packaging

[Adrian Freihofer]

On Wed, 2023-02-08 at 08:12 +0100, Peter Marko wrote:
> When service is split to separate package, it will take
> all services it depends on. It does not matter is the dependency
> is strong or week or if there is rdepends/rrecommends which would
> be the proper way to pull it.
> 
> New variable SYSTEMD_PACKAGES_DONT_RECURSE allows to
> skip this recursion for packages which are extracted to a package.
> It is mostly useful for catch-all main package and splitting
> additional packages with PACKAGE_BEFORE_PN.
> 
> Signed-off-by: Peter Marko 
> ---
>  documentation/ref-manual/variables.rst | 10 ++
>  meta/classes-recipe/systemd.bbclass    | 15 ---
>  2 files changed, 18 insertions(+), 7 deletions(-)
> 
> diff --git a/documentation/ref-manual/variables.rst
> b/documentation/ref-manual/variables.rst
> index 725f5c54cc..910b99aed2 100644
> --- a/documentation/ref-manual/variables.rst
> +++ b/documentation/ref-manual/variables.rst
> @@ -8271,6 +8271,16 @@ system and gives an overview of their function
> and contents.
>    :term:`SYSTEMD_PACKAGES`. Overrides not included in
> :term:`SYSTEMD_PACKAGES`
>    will be silently ignored.
>  
> +   :term:`SYSTEMD_PACKAGES_DONT_RECURSE`
> +  By default service files declared in :term:`SYSTEMD_SERVICE`
> are scanned
> +  and all related service files are added to parsed package
> recursively.
> +
> +  It allows more readable and future-proof recipes, however it
> does not work well
> +  when services are split to separate packages. This variable
> prevents this behavior.
> +  Here is an example from systemd recipe::
> +
> + SYSTEMD_PACKAGES_DONT_RECURSE:${PN}-networkd = "1"
> +
>     :term:`SYSVINIT_ENABLED_GETTYS`
>    When using
>    :ref:`SysVinit  services>`,
> diff --git a/meta/classes-recipe/systemd.bbclass b/meta/classes-
> recipe/systemd.bbclass
> index f9c92e6c2a..c8cee482fe 100644
> --- a/meta/classes-recipe/systemd.bbclass
> +++ b/meta/classes-recipe/systemd.bbclass
> @@ -124,19 +124,19 @@ python systemd_populate_packages() {
>  return appended
>  
>  # Add systemd files to FILES:*-systemd, parse for Also= and
> follow recursive
> -    def systemd_add_files_and_parse(pkg_systemd, path, service,
> keys):
> +    def systemd_add_files_and_parse(pkg_systemd, path, service,
> keys, recurse):
>  # avoid infinite recursion
> -    if systemd_append_file(pkg_systemd, oe.path.join(path,
> service)):
> +    if systemd_append_file(pkg_systemd, oe.path.join(path,
> service)) and recurse:
>  fullpath = oe.path.join(d.getVar("D"), path, service)
>  if service.find('.service') != -1:
>  # for *.service add *@.service
>  service_base = service.replace('.service', '')
> -    systemd_add_files_and_parse(pkg_systemd, path,
> service_base + '@.service', keys)
> +    systemd_add_files_and_parse(pkg_systemd, path,
> service_base + '@.service', keys, recurse)
>  if service.find('.socket') != -1:
>  # for *.socket add *.service and *@.service
>  service_base = service.replace('.socket', '')
> -    systemd_add_files_and_parse(pkg_systemd, path,
> service_base + '.service', keys)
> -    systemd_add_files_and_parse(pkg_systemd, path,
> service_base + '@.service', keys)
> +    systemd_add_files_and_parse(pkg_systemd, path,
> service_base + '.service', keys, recurse)
> +    systemd_add_files_and_parse(pkg_systemd, path,
> service_base + '@.service', keys, recurse)
>  for key in keys.split():
>  # recurse all dependencies found in keys
> ('Also';'Conflicts';..) and add to files
>  cmd = "grep %s %s | sed 's,%s=,,g' | tr ',' '\\n'" %
> (key, shlex.quote(fullpath), key)
> @@ -144,7 +144,7 @@ python systemd_populate_packages() {
>  line = pipe.readline()
>  while line:
>  line = line.replace('\n', '')
> -    systemd_add_files_and_parse(pkg_systemd, path,
> line, keys)
> +    systemd_add_files_and_parse(pkg_systemd, path,
> line, keys, recurse)
>  line = pipe.readline()
>  pipe.close()
>  
> @@ -157,6 +157,7 @@ python systemd_populate_packages() {
>  keys = 'Also'

There would probably be another solution without introducing a new
SYSTEMD_PACKAGES_DONT_RECURSE variable. But that would require a fix
for the systemd.bbclass, which is a bit hard to test.

To me, it looks like the issue is that systemd.bbclass looks for
service files with "Also" in them. Depending on that, it changes the
FILES variable of packages. However, according to
https://www.freedesktop.org/software/systemd/man/systemd.unit.html#Also=
"Also" means that a package with such a service file depends on another
package. This means that systemd.bbclass should change the RDEPENDS
variable but not the FILES

[OE-core] [meta][dunfell][PATCH] sudo: Fix CVE-2023-22809

[Pawan Badganchi]

From: Omkar Patil 

Add CVE-2023-22809.patch to fix CVE-2023-22809.

Signed-off-by: Omkar Patil 
Signed-off-by: pawan 
---
 .../sudo/files/CVE-2023-22809.patch   | 113 ++
 meta/recipes-extended/sudo/sudo_1.8.32.bb |   1 +
 2 files changed, 114 insertions(+)
 create mode 100644 meta/recipes-extended/sudo/files/CVE-2023-22809.patch

diff --git a/meta/recipes-extended/sudo/files/CVE-2023-22809.patch 
b/meta/recipes-extended/sudo/files/CVE-2023-22809.patch
new file mode 100644
index 00..6c47eb3e44
--- /dev/null
+++ b/meta/recipes-extended/sudo/files/CVE-2023-22809.patch
@@ -0,0 +1,113 @@
+Backport of:
+
+# HG changeset patch
+# Parent  7275148cad1f8cd3c350026460acc4d6ad349c3a
+sudoedit: do not permit editor arguments to include "--"
+We use "--" to separate the editor and arguments from the files to edit.
+If the editor arguments include "--", sudo can be tricked into allowing
+the user to edit a file not permitted by the security policy.
+Thanks to Matthieu Barjole and Victor Cutillas of Synacktiv
+(https://synacktiv.com) for finding this bug.
+
+CVE: CVE-2023-22809
+Upstream-Staus: Backport 
[http://archive.ubuntu.com/ubuntu/pool/main/s/sudo/sudo_1.8.31-1ubuntu1.4.debian.tar.xz]
+Signed-off-by: Omkar Patil 
+
+--- a/plugins/sudoers/editor.c
 b/plugins/sudoers/editor.c
+@@ -56,7 +56,7 @@ resolve_editor(const char *ed, size_t ed
+ const char *cp, *ep, *tmp;
+ const char *edend = ed + edlen;
+ struct stat user_editor_sb;
+-int nargc;
++int nargc = 0;
+ debug_decl(resolve_editor, SUDOERS_DEBUG_UTIL)
+ 
+ /*
+@@ -102,6 +102,21 @@ resolve_editor(const char *ed, size_t ed
+   free(editor_path);
+   while (nargc--)
+   free(nargv[nargc]);
++  free(nargv);
++  debug_return_str(NULL);
++  }
++
++  /*
++   * We use "--" to separate the editor and arguments from the files
++   * to edit.  The editor arguments themselves may not contain "--".
++   */
++  if (strcmp(nargv[nargc], "--") == 0) {
++  sudo_warnx(U_("ignoring editor: %.*s"), (int)edlen, ed);
++  sudo_warnx("%s", U_("editor arguments may not contain \"--\""));
++  errno = EINVAL;
++  free(editor_path);
++  while (nargc--)
++  free(nargv[nargc]);
+   free(nargv);
+   debug_return_str(NULL);
+   }
+--- a/plugins/sudoers/sudoers.c
 b/plugins/sudoers/sudoers.c
+@@ -616,20 +616,31 @@ sudoers_policy_main(int argc, char * con
+ 
+ /* Note: must call audit before uid change. */
+ if (ISSET(sudo_mode, MODE_EDIT)) {
++  const char *env_editor = NULL;
+   int edit_argc;
+-  const char *env_editor;
+ 
+   free(safe_cmnd);
+   safe_cmnd = find_editor(NewArgc - 1, NewArgv + 1, &edit_argc,
+   &edit_argv, NULL, &env_editor, false);
+   if (safe_cmnd == NULL) {
+-  if (errno != ENOENT)
++  switch (errno) {
++  case ENOENT:
++  audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
++  env_editor ? env_editor : def_editor);
++  sudo_warnx(U_("%s: command not found"),
++  env_editor ? env_editor : def_editor);
++  goto bad;
++  case EINVAL:
++  if (def_env_editor && env_editor != NULL) {
++  /* User tried to do something funny with the editor. */
++  log_warningx(SLOG_NO_STDERR|SLOG_SEND_MAIL,
++  "invalid user-specified editor: %s", env_editor);
++  goto bad;
++  }
++  /* FALLTHROUGH */
++  default:
+   goto done;
+-  audit_failure(NewArgc, NewArgv, N_("%s: command not found"),
+-  env_editor ? env_editor : def_editor);
+-  sudo_warnx(U_("%s: command not found"),
+-  env_editor ? env_editor : def_editor);
+-  goto bad;
++  }
+   }
+   if (audit_success(edit_argc, edit_argv) != 0 && 
!def_ignore_audit_errors)
+   goto done;
+--- a/plugins/sudoers/visudo.c
 b/plugins/sudoers/visudo.c
+@@ -308,7 +308,7 @@ static char *
+ get_editor(int *editor_argc, char ***editor_argv)
+ {
+ char *editor_path = NULL, **whitelist = NULL;
+-const char *env_editor;
++const char *env_editor = NULL;
+ static char *files[] = { "+1", "sudoers" };
+ unsigned int whitelist_len = 0;
+ debug_decl(get_editor, SUDOERS_DEBUG_UTIL)
+@@ -342,7 +342,11 @@ get_editor(int *editor_argc, char ***edi
+ if (editor_path == NULL) {
+   if (def_env_editor && env_editor != NULL) {
+   /* We are honoring $EDITOR so this is a fatal error. */
+-  sudo_fatalx(U_("specified editor (%s) doesn't exist"), env_editor);
++  if (errno == ENOENT) {
++  sudo_warnx(U_("specified editor (%s) doesn't exist"),
++  env_editor);
++  }
++  exit(EXIT_FAILURE);
+   }
+   sudo_fatalx(U_("no e

Re: [OE-core][PATCH 2/3] systemd.bbclass: add non-recursive service packaging

[Peter Kjellerstedt]

> -Original Message-
> From: openembedded-core@lists.openembedded.org 
>  On Behalf Of Peter Marko
> Sent: den 8 februari 2023 08:13
> To: openembedded-core@lists.openembedded.org
> Cc: Peter Marko 
> Subject: [OE-core][PATCH 2/3] systemd.bbclass: add non-recursive service 
> packaging
> 
> When service is split to separate package, it will take
> all services it depends on. It does not matter is the dependency

Change "is" to "if".

> is strong or week or if there is rdepends/rrecommends which would

Change "week" to "weak".

> be the proper way to pull it.
> 
> New variable SYSTEMD_PACKAGES_DONT_RECURSE allows to
> skip this recursion for packages which are extracted to a package.
> It is mostly useful for catch-all main package and splitting

Change "catch-all main package" to either "a catch-all main package" 
or "catch-all main packages".

> additional packages with PACKAGE_BEFORE_PN.
> 
> Signed-off-by: Peter Marko 
> ---
>  documentation/ref-manual/variables.rst | 10 ++
>  meta/classes-recipe/systemd.bbclass| 15 ---
>  2 files changed, 18 insertions(+), 7 deletions(-)
> 
> diff --git a/documentation/ref-manual/variables.rst 
> b/documentation/ref-manual/variables.rst
> index 725f5c54cc..910b99aed2 100644
> --- a/documentation/ref-manual/variables.rst
> +++ b/documentation/ref-manual/variables.rst
> @@ -8271,6 +8271,16 @@ system and gives an overview of their function and 
> contents.
>:term:`SYSTEMD_PACKAGES`. Overrides not included in 
> :term:`SYSTEMD_PACKAGES`
>will be silently ignored.
> 
> +   :term:`SYSTEMD_PACKAGES_DONT_RECURSE`

Negative variable names should be avoided when possible. I suggest 
changing this to "SYSTEMD_PACKAGES_RECURSE". See below for how the 
implementation should be changed.

> +  By default service files declared in :term:`SYSTEMD_SERVICE` are 
> scanned
> +  and all related service files are added to parsed package recursively.

Change "parsed" to "the parsed".

> +
> +  It allows more readable and future-proof recipes, however it does not 
> work well
> +  when services are split to separate packages. This variable prevents 
> this behavior.

Change "prevents" to "can be used to prevent".

> +  Here is an example from systemd recipe::
> +
> + SYSTEMD_PACKAGES_DONT_RECURSE:${PN}-networkd = "1"
> +
> :term:`SYSVINIT_ENABLED_GETTYS`
>When using
>:ref:`SysVinit `,
> diff --git a/meta/classes-recipe/systemd.bbclass 
> b/meta/classes-recipe/systemd.bbclass
> index f9c92e6c2a..c8cee482fe 100644
> --- a/meta/classes-recipe/systemd.bbclass
> +++ b/meta/classes-recipe/systemd.bbclass
> @@ -124,19 +124,19 @@ python systemd_populate_packages() {
>  return appended
> 
>  # Add systemd files to FILES:*-systemd, parse for Also= and follow 
> recursive
> -def systemd_add_files_and_parse(pkg_systemd, path, service, keys):
> +def systemd_add_files_and_parse(pkg_systemd, path, service, keys, 
> recurse):
>  # avoid infinite recursion
> -if systemd_append_file(pkg_systemd, oe.path.join(path, service)):
> +if systemd_append_file(pkg_systemd, oe.path.join(path, service)) and 
> recurse:
>  fullpath = oe.path.join(d.getVar("D"), path, service)
>  if service.find('.service') != -1:
>  # for *.service add *@.service
>  service_base = service.replace('.service', '')
> -systemd_add_files_and_parse(pkg_systemd, path, service_base 
> + '@.service', keys)
> +systemd_add_files_and_parse(pkg_systemd, path, service_base 
> + '@.service', keys, recurse)
>  if service.find('.socket') != -1:
>  # for *.socket add *.service and *@.service
>  service_base = service.replace('.socket', '')
> -systemd_add_files_and_parse(pkg_systemd, path, service_base 
> + '.service', keys)
> -systemd_add_files_and_parse(pkg_systemd, path, service_base 
> + '@.service', keys)
> +systemd_add_files_and_parse(pkg_systemd, path, service_base 
> + '.service', keys, recurse)
> +systemd_add_files_and_parse(pkg_systemd, path, service_base 
> + '@.service', keys, recurse)
>  for key in keys.split():
>  # recurse all dependencies found in keys 
> ('Also';'Conflicts';..) and add to files
>  cmd = "grep %s %s | sed 's,%s=,,g' | tr ',' '\\n'" % (key, 
> shlex.quote(fullpath), key)
> @@ -144,7 +144,7 @@ python systemd_populate_packages() {
>  line = pipe.readline()
>  while line:
>  line = line.replace('\n', '')
> -systemd_add_files_and_parse(pkg_systemd, path, line, 
> keys)
> +systemd_add_files_and_parse(pkg_systemd, path, line, 
> keys, recurse)
>  line = pipe.readline()
>  pipe.close()
> 
> @@ -157,6 +157,7 @@ python systemd_populate_p

Re: [OE-core] [kirkstone][PATCH 1/2] bitbake: bitbake-diffsigs: Make PEP8 compliant

[Mikko Rapeli]

Hi,

On Wed, Feb 08, 2023 at 11:00:22AM +, Peter Kjellerstedt wrote:
> > -Original Message-
> > From: openembedded-core@lists.openembedded.org 
> >  On Behalf Of Mikko Rapeli
> > Sent: den 7 februari 2023 10:50
> > To: openembedded-core@lists.openembedded.org
> > Cc: Marius Kriegerowski ; Alexandre Belloni 
> > ; Richard Purdie 
> > ; Mikko Rapeli 
> > Subject: [OE-core] [kirkstone][PATCH 1/2] bitbake: bitbake-diffsigs: Make 
> > PEP8 compliant
> 
> This should be sent to the bitbake list. Also, when cherry-picking 
> Bitbake changes in the poky repository, you should remove the "bitbake:" 
> prefix from the subject line as it is added by combo-layer when it 
> imports the commits from the bitbake repository to the poky repository.

Thanks, forgot all about this... I guess the version/branches is
different too.

Cheers,

-Mikko


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176900): 
https://lists.openembedded.org/g/openembedded-core/message/176900
Mute This Topic: https://lists.openembedded.org/mt/96804163/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [kirkstone][PATCH 1/2] bitbake: bitbake-diffsigs: Make PEP8 compliant

[Peter Kjellerstedt]

> -Original Message-
> From: openembedded-core@lists.openembedded.org 
>  On Behalf Of Mikko Rapeli
> Sent: den 7 februari 2023 10:50
> To: openembedded-core@lists.openembedded.org
> Cc: Marius Kriegerowski ; Alexandre Belloni 
> ; Richard Purdie 
> ; Mikko Rapeli 
> Subject: [OE-core] [kirkstone][PATCH 1/2] bitbake: bitbake-diffsigs: Make 
> PEP8 compliant

This should be sent to the bitbake list. Also, when cherry-picking 
Bitbake changes in the poky repository, you should remove the "bitbake:" 
prefix from the subject line as it is added by combo-layer when it 
imports the commits from the bitbake repository to the poky repository.

//Peter


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176899): 
https://lists.openembedded.org/g/openembedded-core/message/176899
Mute This Topic: https://lists.openembedded.org/mt/96804163/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 01/52] ifupdown: update 0.8.43 -> 0.8.41

[Luca Ceresoli via lists.openembedded.org]

Hi Chen, Alex,

On Wed, 8 Feb 2023 15:48:40 +0800
"Chen Qi"  wrote:

> Typo. It should be 0.8.39 -> 0.8.41

Thanks for noticing! I have fixed the message while applying to my
testing branch.

Alex, I also skipped "python3-sphinx: upgrade 6.0.0 -> 6.1.3" as I
already have a patch by Tim doing the same upgrade in my branch.

Best regards,
-- 
Luca Ceresoli, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176898): 
https://lists.openembedded.org/g/openembedded-core/message/176898
Mute This Topic: https://lists.openembedded.org/mt/96825753/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][PATCH] ffmpeg: fix configure failure on noexec /tmp host

[Chen Qi]

The configure scripts uses /tmp to execute some generated files.
If /tmp is noexec, then we meet the following error.

  | Unable to create and execute files in /tmp.  Set the TMPDIR environment
  | variable to another directory and make sure that it is not mounted noexec.
  | Sanity test failed.

Signed-off-by: Chen Qi 
---
 meta/recipes-multimedia/ffmpeg/ffmpeg_5.1.2.bb | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.1.2.bb 
b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.1.2.bb
index 0f67c9e949..63abc5d437 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_5.1.2.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_5.1.2.bb
@@ -141,6 +141,8 @@ LDFLAGS:append:x86 = 
"${@bb.utils.contains('DISTRO_FEATURES', 'ld-is-gold', ' -f
 EXTRA_OEMAKE = "V=1"
 
 do_configure() {
+export TMPDIR="${B}/tmp"
+mkdir -p ${B}/tmp
 ${S}/configure ${EXTRA_OECONF}
 sed -i -e "s,^X86ASMFLAGS=.*,& 
--debug-prefix-map=${S}=/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR} 
--debug-prefix-map=${B}=/usr/src/debug/${PN}/${EXTENDPE}${PV}-${PR},g" 
${B}/ffbuild/config.mak
 }
-- 
2.39.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176897): 
https://lists.openembedded.org/g/openembedded-core/message/176897
Mute This Topic: https://lists.openembedded.org/mt/96827045/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] wic/plugins/source/bootimg-efi: Skip installing kernel-image into boot.

[Luca Ceresoli via lists.openembedded.org]

Hello Richard, Kareem,

On Tue, 07 Feb 2023 12:32:31 +
"Richard Purdie"  wrote:

> On Tue, 2023-02-07 at 11:49 +0100, Luca Ceresoli via
> lists.openembedded.org wrote:
> > Hello Kareem,
> > 
> > thanks for your patch.
> > 
> > I have a few suggestions to improve it, see below.
> > 
> > On Mon,  6 Feb 2023 20:16:14 +0100
> > "Kareem Zarka"  wrote:
> >   
> > > The issue with installing the kernel-image to both rootfs
> > > and boot partition is that some systems rely on the kernel-image in
> > > rootfs and not in the boot partition.
> > > This leads to duplication of the kernel-image, which can cause
> > > unnecessary storage usage and potential compatibility issues.  
> > 
> > Except for the use of unnecessary storage, I don't understand exactly
> > what problems can be created by duplication.
> >   
> > > This patch provides a solution to this problem by adding a new
> > > parameter "skip-kernel-install" to the wic kickstart file, which can
> > > be passed to the plugin.
> > > If the parameter is provided, the plugin will skip installing the
> > > kernel-image to the boot partition, avoiding duplication and potential
> > > issues.
> > > 
> > > By adding this new parameter, we give the users the option to install
> > > the kernel-image only in rootfs, or to install it in both rootfs and
> > > boot partition, depending on their needs and preferences.
> > > This will help to improve the system's storage usage and compatibility.
> > > 
> > > Tests for this functionality will be added in the next patch.
> > > 
> > > Signed-off-by: Kareem Zarka 
> > > ---
> > >  scripts/lib/wic/plugins/source/bootimg-efi.py | 10 +++---
> > >  1 file changed, 7 insertions(+), 3 deletions(-)
> > > 
> > > diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py 
> > > b/scripts/lib/wic/plugins/source/bootimg-efi.py
> > > index 4b00913a70..363b9f5242 100644
> > > --- a/scripts/lib/wic/plugins/source/bootimg-efi.py
> > > +++ b/scripts/lib/wic/plugins/source/bootimg-efi.py
> > > @@ -363,9 +363,13 @@ class BootimgEFIPlugin(SourcePlugin):
> > >  objcopy_cmd += " %s %s/EFI/Linux/linux.efi" % (efi_stub, 
> > > hdddir)
> > >  exec_native_cmd(objcopy_cmd, native_sysroot)
> > >  else:
> > > -install_cmd = "install -m 0644 %s/%s %s/%s" % \
> > > -(staging_kernel_dir, kernel, hdddir, kernel)
> > > -exec_cmd(install_cmd)
> > > +# skip-kernal-install was added to source_params to 
> > > conifgure installing the kernel-image.
> > > +# set skip_kernal_install in the kickstart file to skip 
> > > installing it into hdddir.
> > > +# if not set then the kernel-image will be installed.  
> > 
> > s/conifgure/configure/
> > Also check underscores vs dashes.
> > 
> > A comment in the code is welcome, but it should not include the history
> > of why this got added. When someone will read this three years from now
> > they don't care. So just remove the first line.
> >   
> > > +if not  source_params.get('skip-kernal-install'):  
> > 
> > s/kernal/kernel/, also on other lines.
> > Also remove the unneeded double space.
> > 
> > Out of personal taste, I would prefer a positive logic rather than a
> > negative one, e.g.:
> > 
> > if source_params.get('install-kernel-into-boot-dir') != "false":  
> 
> Whilst I know what you mean, that isn't valid python and the original
> code is probably more pythonic in that "XXX != False" is a bit
> different to "not XXX" in python.

Aa, sure, consider the above line just quickyl written pseudocode! :-)

Regardless of the implementation, my idea is this:
 * install-kernel-into-boot-dir is True  -> kernel is installed
 * install-kernel-into-boot-dir is False -> kernel is not installed
 * install-kernel-into-boot-dir not set -> kernel is installed (for backward 
compatibility)

But as I said, this is out of personal taste and I have a limited
perception of the whole problem.

-- 
Luca Ceresoli, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#176896): 
https://lists.openembedded.org/g/openembedded-core/message/176896
Mute This Topic: https://lists.openembedded.org/mt/96791012/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-