Re: [OE-core] gcc12 testing results
On Fri, May 6, 2022 at 9:08 AM Bruce Ashfield wrote: > > On Fri, May 6, 2022 at 11:41 AM Khem Raj wrote: > > > > yeah meta-virt is seemingly a new addition. Adding Bruce also about > > the failures. > > The Xen guys will hopefully get around to it shortly, but we are still > going through significant work to get kirkstone stabilized and > released for meta-virt, so there's unlikely to be anything specific > done on it for a bit yet. since its now added to AB, I am hoping this does not become a holding block for fundamental changes like compiler upgrades. perhaps it should be made optional for master if thats not where CI efforts are. > > I'm sure Xen upstream has already addressed it, but our Xen upgrades > are in place for the release (Which is where the stabilization effort > is happening), so we can peek for incremental fixes as appropriate. > > Cheers, > > Bruce > > > > > > On Fri, May 6, 2022 at 8:14 AM wrote: > > > > > > I reran the gcc 12 testing. We still have an issue with linux-yocto > > > 5.10 and edgerouter: > > > > > > https://autobuilder.yoctoproject.org/typhoon/#/builders/111/builds/3046 > > > > > > and meta-virtualization has a couple of issues: > > > > > > https://autobuilder.yoctoproject.org/typhoon/#/builders/128/builds/46 > > > > > > Build is still going. > > > > > > Cheers, > > > > > > Richard > > > > -- > - Thou shalt not follow the NULL pointer, for chaos and madness await > thee at its end > - "Use the force Harry" - Gandalf, Star Trek II -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165352): https://lists.openembedded.org/g/openembedded-core/message/165352 Mute This Topic: https://lists.openembedded.org/mt/90935511/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] gcc12 testing results
On Fri, May 6, 2022 at 8:14 AM wrote: > > I reran the gcc 12 testing. We still have an issue with linux-yocto > 5.10 and edgerouter: > > https://autobuilder.yoctoproject.org/typhoon/#/builders/111/builds/3046 > why are we pinning edgerouter-alt to 5.10 ? > and meta-virtualization has a couple of issues: > > https://autobuilder.yoctoproject.org/typhoon/#/builders/128/builds/46 > > Build is still going. > > Cheers, > > Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165351): https://lists.openembedded.org/g/openembedded-core/message/165351 Mute This Topic: https://lists.openembedded.org/mt/90935511/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH v2] gnutls: Added fips support option.
Hi, Alex > I think the unconditional DEPENDS lines can be avoided if you use: > PACKAGECONFIG[fips] = "--enable-fips140-mode > --with-libdl-prefix=${STAGING_BASELIBDIR},--disable-fips140-mode,gnutls-nativ > e" But because gnutls-native also need to enable fips, circular dependency error will occur in this way. - ERROR: 288 unbuildable tasks were found. | ETA: 0:00:00 These are usually caused by circular dependencies and any circular dependency chains found will be printed below. Increase the debug level to see a list of unbuildable tasks. Identifying dependency loops (this may take a short while)... .. - Best regards Lei > -Original Message- > From: Alexander Kanavin > Sent: Friday, May 6, 2022 2:30 PM > To: Lei, Maohui > Cc: OE-core > Subject: Re: [OE-core] [PATCH v2] gnutls: Added fips support option. > > On Fri, 6 May 2022 at 05:38, leimaohui wrote: > > +DEPENDS:append:class-target = " gnutls-native" > > +DEPENDS:append:class-nativesdk = " gnutls-native" > > +PACKAGECONFIG[fips] = "--enable-fips140-mode > --with-libdl-prefix=${STAGING_BASELIBDIR},--disable-fips140-mode" > > I think the unconditional DEPENDS lines can be avoided if you use: > PACKAGECONFIG[fips] = "--enable-fips140-mode > --with-libdl-prefix=${STAGING_BASELIBDIR},--disable-fips140-mode,gnutls-nativ > e" > > Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165350): https://lists.openembedded.org/g/openembedded-core/message/165350 Mute This Topic: https://lists.openembedded.org/mt/90926966/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] gcc12 testing results
On Fri, May 6, 2022 at 11:41 AM Khem Raj wrote: > > yeah meta-virt is seemingly a new addition. Adding Bruce also about > the failures. The Xen guys will hopefully get around to it shortly, but we are still going through significant work to get kirkstone stabilized and released for meta-virt, so there's unlikely to be anything specific done on it for a bit yet. I'm sure Xen upstream has already addressed it, but our Xen upgrades are in place for the release (Which is where the stabilization effort is happening), so we can peek for incremental fixes as appropriate. Cheers, Bruce > > On Fri, May 6, 2022 at 8:14 AM wrote: > > > > I reran the gcc 12 testing. We still have an issue with linux-yocto > > 5.10 and edgerouter: > > > > https://autobuilder.yoctoproject.org/typhoon/#/builders/111/builds/3046 > > > > and meta-virtualization has a couple of issues: > > > > https://autobuilder.yoctoproject.org/typhoon/#/builders/128/builds/46 > > > > Build is still going. > > > > Cheers, > > > > Richard -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165349): https://lists.openembedded.org/g/openembedded-core/message/165349 Mute This Topic: https://lists.openembedded.org/mt/90935511/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 5/5] Revert "bitbake.conf: mark all directories as safe for git to read"
Turns out this doesn't actually work, as git doesn't respect the environment when reading the safe.directory configuration variable. This reverts commit d4a5862ce8db97d26a3c32c4cffea3197c1defec. Signed-off-by: Ross Burton --- meta/conf/bitbake.conf | 8 1 file changed, 8 deletions(-) diff --git a/meta/conf/bitbake.conf b/meta/conf/bitbake.conf index 1deba8d910..0e939aca4f 100644 --- a/meta/conf/bitbake.conf +++ b/meta/conf/bitbake.conf @@ -776,18 +776,10 @@ export PKG_CONFIG_DISABLE_UNINSTALLED = "yes" export PKG_CONFIG_SYSTEM_LIBRARY_PATH = "${base_libdir}:${libdir}" export PKG_CONFIG_SYSTEM_INCLUDE_PATH = "${includedir}" -# Git configuration - # Don't allow git to chdir up past WORKDIR so that it doesn't detect the OE # repository when building a recipe export GIT_CEILING_DIRECTORIES = "${WORKDIR}" -# Treat all directories are safe, as during fakeroot tasks git will run as -# root so recent git releases (eg 2.30.3) will refuse to work on repositories. See -# https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9 for -# further details. -export GIT_CONFIG_PARAMETERS="'safe.directory=*'" - ### ### Config file processing ### -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165348): https://lists.openembedded.org/g/openembedded-core/message/165348 Mute This Topic: https://lists.openembedded.org/mt/90936536/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 4/5] scripts/git: Ensure we don't have circular references
From: Richard Purdie This is horrible but I'm running out of better ideas. We hit circular reference issues which we were trying to avoid in the core HOSTTOOLS code. When building the eSDK, there can be two copies of the script. Therefore assume git will never be in a directory called scripts. This fixes eSDK build failures. Signed-off-by: Richard Purdie --- scripts/git | 9 - 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/scripts/git b/scripts/git index 8adf5c9ecb..644055e540 100755 --- a/scripts/git +++ b/scripts/git @@ -10,7 +10,14 @@ os.environ['PSEUDO_UNLOAD'] = '1' # calculate path to the real 'git' path = os.environ['PATH'] -path = path.replace(os.path.dirname(sys.argv[0]), '') +# we need to remove our path but also any other copy of this script which +# may be present, e.g. eSDK. +replacements = [os.path.dirname(sys.argv[0])] +for p in path.split(":"): +if p.endswith("/scripts"): +replacements.append(p) +for r in replacements: +path = path.replace(r, '/ignoreme') real_git = shutil.which('git', path=path) if len(sys.argv) == 1: -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165347): https://lists.openembedded.org/g/openembedded-core/message/165347 Mute This Topic: https://lists.openembedded.org/mt/90936535/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/5] oeqa/selftest: add test for git working correctly inside pseudo
The fix for CVE-2022-24765 in git[1] breaks any use of git inside pseudo. Add a simple test case to oe-selftest to verify that at least basic uses of git work fine under pseudo. [1] https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9 Signed-off-by: Ross Burton --- .../git-submodule-test/git-submodule-test.bb | 15 +++ meta/lib/oeqa/selftest/cases/git.py | 15 +++ 2 files changed, 30 insertions(+) create mode 100644 meta/lib/oeqa/selftest/cases/git.py diff --git a/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb b/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb index cc5d7eae5a..fa3041b7d8 100644 --- a/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb +++ b/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb @@ -7,3 +7,18 @@ INHIBIT_DEFAULT_DEPS = "1" SRC_URI = "gitsm://git.yoctoproject.org/git-submodule-test;branch=master" SRCREV = "a2885dd7d25380d23627e7544b7bbb55014b16ee" + +S = "${WORKDIR}/git" + +do_test_git_as_user() { +cd ${S} +git status +} +addtask test_git_as_user after do_unpack + +fakeroot do_test_git_as_root() { +cd ${S} +git status +} +do_test_git_as_root[depends] += "virtual/fakeroot-native:do_populate_sysroot" +addtask test_git_as_root after do_unpack diff --git a/meta/lib/oeqa/selftest/cases/git.py b/meta/lib/oeqa/selftest/cases/git.py new file mode 100644 index 00..f12874dc7d --- /dev/null +++ b/meta/lib/oeqa/selftest/cases/git.py @@ -0,0 +1,15 @@ +from oeqa.selftest.case import OESelftestTestCase +from oeqa.utils.commands import bitbake + +class GitCheck(OESelftestTestCase): +def test_git_intercept(self): +""" +Git binaries with CVE-2022-24765 fixed will refuse to operate on a +repository which is owned by a different user. This breaks our +do_install task as that runs inside pseudo, so the git repository is +owned by the build user but git is running as (fake)root. + +We have an intercept which disables pseudo, so verify that it works. +""" +bitbake("git-submodule-test -c test_git_as_user") +bitbake("git-submodule-test -c test_git_as_root") -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165344): https://lists.openembedded.org/g/openembedded-core/message/165344 Mute This Topic: https://lists.openembedded.org/mt/90936531/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 2/5] base: Avoid circular references to our own scripts
From: Richard Purdie We'd like to intercept git calls but we don't want circular references and HOSTTOOLS currently sets them up. Tweak to avoid them. Signed-off-by: Richard Purdie --- meta/classes/base.bbclass | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass index 3515720bf9..16b7c69995 100644 --- a/meta/classes/base.bbclass +++ b/meta/classes/base.bbclass @@ -115,6 +115,9 @@ def setup_hosttools_dir(dest, toolsvar, d, fatal=True): tools = d.getVar(toolsvar).split() origbbenv = d.getVar("BB_ORIGENV", False) path = origbbenv.getVar("PATH") +# Need to ignore our own scripts directory to avoid circular links +ourscripts = d.expand("${COREBASE}/scripts") +path = path.replace(ourscripts, "/ignoreme") bb.utils.mkdirhier(dest) notfound = [] for tool in tools: -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165345): https://lists.openembedded.org/g/openembedded-core/message/165345 Mute This Topic: https://lists.openembedded.org/mt/90936532/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 3/5] scripts: Make git intercept global
From: Richard Purdie The previous minimially invasive git intercept simply isn't enough. For example, meson used in the igt-gpu-tools recipe hardcodes the path to git in the configure step so at install time, changing PATH has no effect. There are lots of interesting things we could do to try and avoid problems but making the git intercept and dropping fakeroot privs for git global is probably the least worst solution at this point. It will add slight overhead to git calls but we don't make many so the overall impact is likely minimal. Signed-off-by: Richard Purdie --- scripts/{git-intercept => }/git | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename scripts/{git-intercept => }/git (100%) diff --git a/scripts/git-intercept/git b/scripts/git similarity index 100% rename from scripts/git-intercept/git rename to scripts/git -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165346): https://lists.openembedded.org/g/openembedded-core/message/165346 Mute This Topic: https://lists.openembedded.org/mt/90936533/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] gcc12 testing results
yeah meta-virt is seemingly a new addition. Adding Bruce also about the failures. On Fri, May 6, 2022 at 8:14 AM wrote: > > I reran the gcc 12 testing. We still have an issue with linux-yocto > 5.10 and edgerouter: > > https://autobuilder.yoctoproject.org/typhoon/#/builders/111/builds/3046 > > and meta-virtualization has a couple of issues: > > https://autobuilder.yoctoproject.org/typhoon/#/builders/128/builds/46 > > Build is still going. > > Cheers, > > Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165343): https://lists.openembedded.org/g/openembedded-core/message/165343 Mute This Topic: https://lists.openembedded.org/mt/90935511/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [meta][dunfell][PATCH] fribidi: Add fix for CVE-2022-25308, CVE-2022-25309 and CVE-2022-25310
You can simplify your subject to: [OE-core][dunfell] fribidi: Add fix for CVE-2022-25308, CVE-2022-25309 and CVE-2022-25310 Sadly the patch in the recipe does not apply. Have you done a test build? ERROR: fribidi-1.0.9-r0 do_patch: Applying patch 'CVE-2022-25308.patch' on target directory '/home/steve/builds/poky-contrib-dunfell/build/tmp/work/core2-64-poky-linux/fribidi/1.0.9-r0/fribidi-1.0.9' Command Error: 'quilt --quiltrc /home/steve/builds/poky-contrib-dunfell/build/tmp/work/core2-64-poky-linux/fribidi/1.0.9-r0/recipe-sysroot-native/etc/quiltrc push' exited with 0 Output: Applying patch CVE-2022-25308.patch patching file bin/fribidi-main.c Hunk #1 FAILED at 390. 1 out of 1 hunk FAILED -- rejects in file bin/fribidi-main.c Patch CVE-2022-25308.patch does not apply (enforce with -f) Steve On Thu, May 5, 2022 at 10:08 PM Pawan via lists.openembedded.org wrote: > > From: Pawan Badganchi > > Add below patches to fix CVE-2022-25308, CVE-2022-25309 and CVE-2022-25310 > > CVE-2022-25308.patch > Link: > https://github.com/fribidi/fribidi/commit/ad3a19e6372b1e667128ed1ea2f49919884587e1 > > CVE-2022-25309.patch > Link: > https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3 > > CVE-2022-25310.patch > Link:https://github.com/fribidi/fribidi/commit/175850b03e1af251d705c1d04b2b9b3c1c06e48f > > Signed-off-by: pawan badganchi > --- > .../fribidi/fribidi/CVE-2022-25308.patch | 50 +++ > .../fribidi/fribidi/CVE-2022-25309.patch | 31 > .../fribidi/fribidi/CVE-2022-25310.patch | 30 +++ > meta/recipes-support/fribidi/fribidi_1.0.9.bb | 3 ++ > 4 files changed, 114 insertions(+) > create mode 100644 meta/recipes-support/fribidi/fribidi/CVE-2022-25308.patch > create mode 100644 meta/recipes-support/fribidi/fribidi/CVE-2022-25309.patch > create mode 100644 meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch > > diff --git a/meta/recipes-support/fribidi/fribidi/CVE-2022-25308.patch > b/meta/recipes-support/fribidi/fribidi/CVE-2022-25308.patch > new file mode 100644 > index 00..8f2c2ade0e > --- /dev/null > +++ b/meta/recipes-support/fribidi/fribidi/CVE-2022-25308.patch > @@ -0,0 +1,50 @@ > +From ad3a19e6372b1e667128ed1ea2f49919884587e1 Mon Sep 17 00:00:00 2001 > +From: Akira TAGOH > +Date: Thu, 17 Feb 2022 17:30:12 +0900 > +Subject: [PATCH] Fix the stack buffer overflow issue > + > +strlen() could returns 0. Without a conditional check for len, > +accessing S_ pointer with len - 1 may causes a stack buffer overflow. > + > +AddressSanitizer reports this like: > +==1219243==ERROR: AddressSanitizer: stack-buffer-overflow on address > 0x7ffdce043c1f at pc 0x00403547 bp 0x7ffdce0 > +43b30 sp 0x7ffdce043b28 > +READ of size 1 at 0x7ffdce043c1f thread T0 > +#0 0x403546 in main ../bin/fribidi-main.c:393 > +#1 0x7f226804e58f in __libc_start_call_main (/lib64/libc.so.6+0x2d58f) > +#2 0x7f226804e648 in __libc_start_main_impl (/lib64/libc.so.6+0x2d648) > +#3 0x4036f4 in _start (/tmp/fribidi/build/bin/fribidi+0x4036f4) > + > +Address 0x7ffdce043c1f is located in stack of thread T0 at offset 63 in frame > +#0 0x4022bf in main ../bin/fribidi-main.c:193 > + > + This frame has 5 object(s): > +[32, 36) 'option_index' (line 233) > +[48, 52) 'base' (line 386) > +[64, 65064) 'S_' (line 375) <== Memory access at offset 63 underflows > this variable > +[65328, 130328) 'outstring' (line 385) > +[130592, 390592) 'logical' (line 384) > + > +This fixes https://github.com/fribidi/fribidi/issues/181 > + > +CVE: CVE-2022-25308 > +Upstream-Status: Backport > [https://github.com/fribidi/fribidi/commit/ad3a19e6372b1e667128ed1ea2f49919884587e1] > +Signed-off-by: Pawan Badganchi > + > +--- > + bin/fribidi-main.c | 2 +- > + 1 file changed, 1 insertion(+), 1 deletion(-) > + > +diff --git a/bin/fribidi-main.c b/bin/fribidi-main.c > +index 3cf9fe1..3ae4fb6 100644 > +--- a/bin/fribidi-main.c > b/bin/fribidi-main.c > +@@ -390,7 +390,7 @@ FRIBIDI_END_IGNORE_DEPRECATIONS > + S_[sizeof (S_) - 1] = 0; > + len = strlen (S_); > + /* chop */ > +- if (S_[len - 1] == '\n') > ++ if (len > 0 && S_[len - 1] == '\n') > + { > + len--; > + S_[len] = '\0'; > diff --git a/meta/recipes-support/fribidi/fribidi/CVE-2022-25309.patch > b/meta/recipes-support/fribidi/fribidi/CVE-2022-25309.patch > new file mode 100644 > index 00..0efba3d05c > --- /dev/null > +++ b/meta/recipes-support/fribidi/fribidi/CVE-2022-25309.patch > @@ -0,0 +1,31 @@ > +From f22593b82b5d1668d1997dbccd10a9c31ffea3b3 Mon Sep 17 00:00:00 2001 > +From: Dov Grobgeld > +Date: Fri, 25 Mar 2022 09:09:49 +0300 > +Subject: [PATCH] Protected against garbage in the CapRTL encoder > + > +CVE: CVE-2022-25309 > +Upstream-Status: Backport > [https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3] > +Signed-off-by: Pawan Badganchi > + > +---
Re: [OE-core] [meta][dunfell][PATCH] libinput: Add fix for CVE-2022-1215
You can simplify your subject line to just: [OE-core][dunfell] libinput: Add fix for CVE-2022-1215 Unfortunately the patches in the recipe still do not apply. Have you done a test build? ERROR: libinput-1.15.2-r0 do_patch: Applying patch 'CVE-2022-1215.patch' on target directory '/home/steve/builds/poky-contrib-dunfell/build/tmp/work/core2-64-poky-linux/libinput/1.15.2-r0/libinput-1.15.2' Command Error: 'quilt --quiltrc /home/steve/builds/poky-contrib-dunfell/build/tmp/work/core2-64-poky-linux/libinput/1.15.2-r0/recipe-sysroot-native/etc/quiltrc push' exited with 0 Output: Applying patch CVE-2022-1215.patch patching file meson.build Hunk #1 FAILED at 787. 1 out of 1 hunk FAILED -- rejects in file meson.build patching file src/evdev.c Hunk #1 FAILED at 2356. Hunk #2 FAILED at 2382. Hunk #3 FAILED at 2411. Hunk #4 FAILED at 2238. 4 out of 4 hunks FAILED -- rejects in file src/evdev.c patching file src/evdev.h Hunk #1 FAILED at 169. Hunk #2 FAILED at 786. Hunk #3 FAILED at 824. 3 out of 3 hunks FAILED -- rejects in file src/evdev.h patching file src/util-strings.h Hunk #2 succeeded at 313 with fuzz 2. patching file test/litest-device-format-string.c patching file test/litest.h Hunk #1 FAILED at 303. 1 out of 1 hunk FAILED -- rejects in file test/litest.h patching file test/test-utils.c Hunk #1 succeeded at 1033 with fuzz 1 (offset -234 lines). Hunk #2 FAILED at 1163. 1 out of 2 hunks FAILED -- rejects in file test/test-utils.c Patch CVE-2022-1215.patch does not apply (enforce with -f) Steve On Thu, May 5, 2022 at 10:07 PM Pawan via lists.openembedded.org wrote: > > From: Pawan Badganchi > > Add below patch to fix CVE-2022-1215 > > CVE-2022-1215.patch > Link: > https://gitlab.freedesktop.org/libinput/libinput/-/commit/2a8b8fde90d63d48ce09ddae44142674bbca1c28 > > Signed-off-by: Pawan Badganchi > --- > .../wayland/libinput/CVE-2022-1215.patch | 361 ++ > .../wayland/libinput_1.15.2.bb| 1 + > 2 files changed, 362 insertions(+) > create mode 100644 meta/recipes-graphics/wayland/libinput/CVE-2022-1215.patch > > diff --git a/meta/recipes-graphics/wayland/libinput/CVE-2022-1215.patch > b/meta/recipes-graphics/wayland/libinput/CVE-2022-1215.patch > new file mode 100644 > index 00..5f8f7a9894 > --- /dev/null > +++ b/meta/recipes-graphics/wayland/libinput/CVE-2022-1215.patch > @@ -0,0 +1,361 @@ > +From 2a8b8fde90d63d48ce09ddae44142674bbca1c28 Mon Sep 17 00:00:00 2001 > +From: Peter Hutterer > +Date: Wed, 30 Mar 2022 09:25:22 +1000 > +Subject: [PATCH] evdev: strip the device name of format directives > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > + > +This fixes a format string vulnerabilty. > + > +evdev_log_message() composes a format string consisting of a fixed > +prefix (including the rendered device name) and the passed-in format > +buffer. This format string is then passed with the arguments to the > +actual log handler, which usually and eventually ends up being printf. > + > +If the device name contains a printf-style format directive, these ended > +up in the format string and thus get interpreted correctly, e.g. for a > +device "Foo%sBar" the log message vs printf invocation ends up being: > + evdev_log_message(device, "some message %s", "some argument"); > + printf("event9 - Foo%sBar: some message %s", "some argument"); > + > +This can enable an attacker to execute malicious code with the > +privileges of the process using libinput. > + > +To exploit this, an attacker needs to be able to create a kernel device > +with a malicious name, e.g. through /dev/uinput or a Bluetooth device. > + > +To fix this, convert any potential format directives in the device name > +by duplicating percentages. > + > +Pre-rendering the device to avoid the issue altogether would be nicer > +but the current log level hooks do not easily allow for this. The device > +name is the only user-controlled part of the format string. > + > +A second potential issue is the sysname of the device which is also > +sanitized. > + > +This issue was found by Albin Eldstål-Ahrens and Benjamin Svensson from > +Assured AB, and independently by Lukas Lamster. > + > +Fixes #752 > + > +Signed-off-by: Peter Hutterer > +(cherry picked from commit a423d7d3269dc32a87384f79e29bb5ac021c83d1) > + > +CVE: CVE-2022-1215 > +Upstream Status: Backport > [https://gitlab.freedesktop.org/libinput/libinput/-/commit/2a8b8fde90d63d48ce09ddae44142674bbca1c28] > +Signed-off-by: Pawan Badganchi > + > +--- > + meson.build| 1 + > + src/evdev.c| 31 +++-- > + src/evdev.h| 6 ++-- > + src/util-strings.h | 30 > + test/litest-device-format-string.c | 56 ++ > + test/litest.h | 1 + > + test/test-utils.c | 26 ++ > + 7 files changed, 139 insertions(+), 12 deletions(-) > +
[OE-core] gcc12 testing results
I reran the gcc 12 testing. We still have an issue with linux-yocto 5.10 and edgerouter: https://autobuilder.yoctoproject.org/typhoon/#/builders/111/builds/3046 and meta-virtualization has a couple of issues: https://autobuilder.yoctoproject.org/typhoon/#/builders/128/builds/46 Build is still going. Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165340): https://lists.openembedded.org/g/openembedded-core/message/165340 Mute This Topic: https://lists.openembedded.org/mt/90935511/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 2/3] python3-setuptools: upgrade 59.5.0 -> 62.1.0
On Fri, 6 May 2022 at 16:51, Luca Ceresoli wrote: > > This was held by numpy rejecting setuptools >= 60.x, > > however they added a workaround in recent point releases > > and so the upgrade can proceed. > > > This patch causes many AB failures like this: > > | error: #error "LONG_BIT definition appears wrong for platform (bad > gcc/glibc config?) > > and this: > > | checking for Python.h... no > | configure: error: python version 3 probe support requested but not > found > > Some logs: > > https://autobuilder.yoctoproject.org/typhoon/#/builders/61/builds/5159/steps/12/logs/stdio > https://autobuilder.yoctoproject.org/typhoon/#/builders/128/builds/45/steps/20/logs/stdio > https://autobuilder.yoctoproject.org/typhoon/#/builders/65/builds/5204/steps/15/logs/stdio Thanks Luca, I only ran this through on basic qemux86-64. Tim, can you pick this up and get it to mergeable condition? Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165339): https://lists.openembedded.org/g/openembedded-core/message/165339 Mute This Topic: https://lists.openembedded.org/mt/90928568/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 2/3] python3-setuptools: upgrade 59.5.0 -> 62.1.0
Hi Alex, Il giorno Fri, 6 May 2022 08:41:54 +0200 "Alexander Kanavin" ha scritto: > From: Alexander Kanavin > > This was held by numpy rejecting setuptools >= 60.x, > however they added a workaround in recent point releases > and so the upgrade can proceed. > > Drop 0001-_distutils-sysconfig-append-STAGING_LIBDIR-python-sy.patch > as changed code completely removed upstream. > > Add a tomli build dependency to python3-setuptools-scm as new > setuptools exposes: > > | File > "/srv/work/alex/poky/build-64-alt/tmp/work/x86_64-linux/python3-setuptools-scm-native/6.4.2-r0/setuptools_scm-6.4.2/src/setuptools_scm/config.py", > line 59, in _lazy_tomli_load | from tomli import loads | > ModuleNotFoundError: No module named 'tomli' > > Signed-off-by: Alexander Kanavin This patch causes many AB failures like this: | error: #error "LONG_BIT definition appears wrong for platform (bad gcc/glibc config?) and this: | checking for Python.h... no | configure: error: python version 3 probe support requested but not found Some logs: https://autobuilder.yoctoproject.org/typhoon/#/builders/61/builds/5159/steps/12/logs/stdio https://autobuilder.yoctoproject.org/typhoon/#/builders/128/builds/45/steps/20/logs/stdio https://autobuilder.yoctoproject.org/typhoon/#/builders/65/builds/5204/steps/15/logs/stdio -- Luca Ceresoli, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165338): https://lists.openembedded.org/g/openembedded-core/message/165338 Mute This Topic: https://lists.openembedded.org/mt/90928568/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] e2fsprogs: update upstream status
Status updated but using the existing patch since it is functionally identical. Signed-off-by: Aryaman Gupta --- meta/recipes-devtools/e2fsprogs/e2fsprogs/extents.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs/extents.patch b/meta/recipes-devtools/e2fsprogs/e2fsprogs/extents.patch index ffaecc622a..2c09bb276d 100644 --- a/meta/recipes-devtools/e2fsprogs/e2fsprogs/extents.patch +++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs/extents.patch @@ -1,5 +1,5 @@ CVE: CVE-2022-1304 -Upstream-Status: Submitted [https://lore.kernel.org/linux-ext4/20220421173148.20193-1-lczer...@redhat.com/] +Upstream-Status: Backport [ ab51d587bb9b229b1fade1afd02e1574c1ba5c76 ] Signed-off-by: Ross Burton From 347084c9c1ad20f47dae16f5a3dcd8628d5fc7b0 Mon Sep 17 00:00:00 2001 -- 2.33.0 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165337): https://lists.openembedded.org/g/openembedded-core/message/165337 Mute This Topic: https://lists.openembedded.org/mt/90932940/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2 0/1] wic/plugins/rootfs: Fix permissions when splitting rootfs folders across partitions
Changes since v1: - restore previous behavior - implement support for --rootfs-dir=${IMAGE_ROOTFS}/ via fallback Best regards, Felix Moessbauer Siemens AG Felix Moessbauer (1): wic/plugins/rootfs: Fix permissions when splitting rootfs folders across partitions scripts/lib/wic/plugins/source/rootfs.py | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165336): https://lists.openembedded.org/g/openembedded-core/message/165336 Mute This Topic: https://lists.openembedded.org/mt/90929570/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v2 1/1] wic/plugins/rootfs: Fix permissions when splitting rootfs folders across partitions
This patches makes locating the file database containing the file and folder usernames and permissions more reliable. In addition to locating it relative to the partition directory, we also try to locate it relative to the IMAGE_ROOTFS. Prior to this patch, the database was not found when using --rootfs-dir=${IMAGE_ROOTFS}/ in the WIC script, leading to erronous file permissions and ownership. Signed-off-by: Felix Moessbauer --- scripts/lib/wic/plugins/source/rootfs.py | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/scripts/lib/wic/plugins/source/rootfs.py b/scripts/lib/wic/plugins/source/rootfs.py index 2e34e715ca..25bb41dd70 100644 --- a/scripts/lib/wic/plugins/source/rootfs.py +++ b/scripts/lib/wic/plugins/source/rootfs.py @@ -50,7 +50,7 @@ class RootfsPlugin(SourcePlugin): @staticmethod def __get_rootfs_dir(rootfs_dir): -if os.path.isdir(rootfs_dir): +if rootfs_dir and os.path.isdir(rootfs_dir): return os.path.realpath(rootfs_dir) image_rootfs_dir = get_bitbake_var("IMAGE_ROOTFS", rootfs_dir) @@ -96,6 +96,9 @@ class RootfsPlugin(SourcePlugin): part.rootfs_dir = cls.__get_rootfs_dir(rootfs_dir) part.has_fstab = os.path.exists(os.path.join(part.rootfs_dir, "etc/fstab")) pseudo_dir = os.path.join(part.rootfs_dir, "../pseudo") +if not os.path.lexists(pseudo_dir): +pseudo_dir = os.path.join(cls.__get_rootfs_dir(None), '../pseudo') + if not os.path.lexists(pseudo_dir): logger.warn("%s folder does not exist. " "Usernames and permissions will be invalid " % pseudo_dir) -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165335): https://lists.openembedded.org/g/openembedded-core/message/165335 Mute This Topic: https://lists.openembedded.org/mt/90929569/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [meta][dunfell][PATCH] fribidi: Add fix for CVE-2022-25308, CVE-2022-25309 and CVE-2022-25310
From: Pawan Badganchi Add below patches to fix CVE-2022-25308, CVE-2022-25309 and CVE-2022-25310 CVE-2022-25308.patch Link: https://github.com/fribidi/fribidi/commit/ad3a19e6372b1e667128ed1ea2f49919884587e1 CVE-2022-25309.patch Link: https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3 CVE-2022-25310.patch Link:https://github.com/fribidi/fribidi/commit/175850b03e1af251d705c1d04b2b9b3c1c06e48f Signed-off-by: pawan badganchi --- .../fribidi/fribidi/CVE-2022-25308.patch | 50 +++ .../fribidi/fribidi/CVE-2022-25309.patch | 31 .../fribidi/fribidi/CVE-2022-25310.patch | 30 +++ meta/recipes-support/fribidi/fribidi_1.0.9.bb | 3 ++ 4 files changed, 114 insertions(+) create mode 100644 meta/recipes-support/fribidi/fribidi/CVE-2022-25308.patch create mode 100644 meta/recipes-support/fribidi/fribidi/CVE-2022-25309.patch create mode 100644 meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch diff --git a/meta/recipes-support/fribidi/fribidi/CVE-2022-25308.patch b/meta/recipes-support/fribidi/fribidi/CVE-2022-25308.patch new file mode 100644 index 00..8f2c2ade0e --- /dev/null +++ b/meta/recipes-support/fribidi/fribidi/CVE-2022-25308.patch @@ -0,0 +1,50 @@ +From ad3a19e6372b1e667128ed1ea2f49919884587e1 Mon Sep 17 00:00:00 2001 +From: Akira TAGOH +Date: Thu, 17 Feb 2022 17:30:12 +0900 +Subject: [PATCH] Fix the stack buffer overflow issue + +strlen() could returns 0. Without a conditional check for len, +accessing S_ pointer with len - 1 may causes a stack buffer overflow. + +AddressSanitizer reports this like: +==1219243==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdce043c1f at pc 0x00403547 bp 0x7ffdce0 +43b30 sp 0x7ffdce043b28 +READ of size 1 at 0x7ffdce043c1f thread T0 +#0 0x403546 in main ../bin/fribidi-main.c:393 +#1 0x7f226804e58f in __libc_start_call_main (/lib64/libc.so.6+0x2d58f) +#2 0x7f226804e648 in __libc_start_main_impl (/lib64/libc.so.6+0x2d648) +#3 0x4036f4 in _start (/tmp/fribidi/build/bin/fribidi+0x4036f4) + +Address 0x7ffdce043c1f is located in stack of thread T0 at offset 63 in frame +#0 0x4022bf in main ../bin/fribidi-main.c:193 + + This frame has 5 object(s): +[32, 36) 'option_index' (line 233) +[48, 52) 'base' (line 386) +[64, 65064) 'S_' (line 375) <== Memory access at offset 63 underflows this variable +[65328, 130328) 'outstring' (line 385) +[130592, 390592) 'logical' (line 384) + +This fixes https://github.com/fribidi/fribidi/issues/181 + +CVE: CVE-2022-25308 +Upstream-Status: Backport [https://github.com/fribidi/fribidi/commit/ad3a19e6372b1e667128ed1ea2f49919884587e1] +Signed-off-by: Pawan Badganchi + +--- + bin/fribidi-main.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/bin/fribidi-main.c b/bin/fribidi-main.c +index 3cf9fe1..3ae4fb6 100644 +--- a/bin/fribidi-main.c b/bin/fribidi-main.c +@@ -390,7 +390,7 @@ FRIBIDI_END_IGNORE_DEPRECATIONS + S_[sizeof (S_) - 1] = 0; + len = strlen (S_); + /* chop */ +- if (S_[len - 1] == '\n') ++ if (len > 0 && S_[len - 1] == '\n') + { + len--; + S_[len] = '\0'; diff --git a/meta/recipes-support/fribidi/fribidi/CVE-2022-25309.patch b/meta/recipes-support/fribidi/fribidi/CVE-2022-25309.patch new file mode 100644 index 00..0efba3d05c --- /dev/null +++ b/meta/recipes-support/fribidi/fribidi/CVE-2022-25309.patch @@ -0,0 +1,31 @@ +From f22593b82b5d1668d1997dbccd10a9c31ffea3b3 Mon Sep 17 00:00:00 2001 +From: Dov Grobgeld +Date: Fri, 25 Mar 2022 09:09:49 +0300 +Subject: [PATCH] Protected against garbage in the CapRTL encoder + +CVE: CVE-2022-25309 +Upstream-Status: Backport [https://github.com/fribidi/fribidi/commit/f22593b82b5d1668d1997dbccd10a9c31ffea3b3] +Signed-off-by: Pawan Badganchi + +--- + lib/fribidi-char-sets-cap-rtl.c | 7 ++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/lib/fribidi-char-sets-cap-rtl.c b/lib/fribidi-char-sets-cap-rtl.c +index b0c0e4a..f74e010 100644 +--- a/lib/fribidi-char-sets-cap-rtl.c b/lib/fribidi-char-sets-cap-rtl.c +@@ -232,7 +232,12 @@ fribidi_cap_rtl_to_unicode ( + } + } + else +- us[j++] = caprtl_to_unicode[(int) s[i]]; ++ { ++if ((int)s[i] < 0) ++ us[j++] = '?'; ++else ++ us[j++] = caprtl_to_unicode[(int) s[i]]; ++ } + } + + return j; diff --git a/meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch b/meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch new file mode 100644 index 00..d79a82d648 --- /dev/null +++ b/meta/recipes-support/fribidi/fribidi/CVE-2022-25310.patch @@ -0,0 +1,30 @@ +From 175850b03e1af251d705c1d04b2b9b3c1c06e48f Mon Sep 17 00:00:00 2001 +From: Akira TAGOH +Date: Thu, 17 Feb 2022 19:06:10 +0900 +Subject: [PATCH] Fix SEGV issue in fribidi_remove_bidi_marks + +Escape from
[OE-core] [meta][dunfell][PATCH] libinput: Add fix for CVE-2022-1215
From: Pawan Badganchi Add below patch to fix CVE-2022-1215 CVE-2022-1215.patch Link: https://gitlab.freedesktop.org/libinput/libinput/-/commit/2a8b8fde90d63d48ce09ddae44142674bbca1c28 Signed-off-by: Pawan Badganchi --- .../wayland/libinput/CVE-2022-1215.patch | 361 ++ .../wayland/libinput_1.15.2.bb| 1 + 2 files changed, 362 insertions(+) create mode 100644 meta/recipes-graphics/wayland/libinput/CVE-2022-1215.patch diff --git a/meta/recipes-graphics/wayland/libinput/CVE-2022-1215.patch b/meta/recipes-graphics/wayland/libinput/CVE-2022-1215.patch new file mode 100644 index 00..5f8f7a9894 --- /dev/null +++ b/meta/recipes-graphics/wayland/libinput/CVE-2022-1215.patch @@ -0,0 +1,361 @@ +From 2a8b8fde90d63d48ce09ddae44142674bbca1c28 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Wed, 30 Mar 2022 09:25:22 +1000 +Subject: [PATCH] evdev: strip the device name of format directives +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This fixes a format string vulnerabilty. + +evdev_log_message() composes a format string consisting of a fixed +prefix (including the rendered device name) and the passed-in format +buffer. This format string is then passed with the arguments to the +actual log handler, which usually and eventually ends up being printf. + +If the device name contains a printf-style format directive, these ended +up in the format string and thus get interpreted correctly, e.g. for a +device "Foo%sBar" the log message vs printf invocation ends up being: + evdev_log_message(device, "some message %s", "some argument"); + printf("event9 - Foo%sBar: some message %s", "some argument"); + +This can enable an attacker to execute malicious code with the +privileges of the process using libinput. + +To exploit this, an attacker needs to be able to create a kernel device +with a malicious name, e.g. through /dev/uinput or a Bluetooth device. + +To fix this, convert any potential format directives in the device name +by duplicating percentages. + +Pre-rendering the device to avoid the issue altogether would be nicer +but the current log level hooks do not easily allow for this. The device +name is the only user-controlled part of the format string. + +A second potential issue is the sysname of the device which is also +sanitized. + +This issue was found by Albin Eldstål-Ahrens and Benjamin Svensson from +Assured AB, and independently by Lukas Lamster. + +Fixes #752 + +Signed-off-by: Peter Hutterer +(cherry picked from commit a423d7d3269dc32a87384f79e29bb5ac021c83d1) + +CVE: CVE-2022-1215 +Upstream Status: Backport [https://gitlab.freedesktop.org/libinput/libinput/-/commit/2a8b8fde90d63d48ce09ddae44142674bbca1c28] +Signed-off-by: Pawan Badganchi + +--- + meson.build| 1 + + src/evdev.c| 31 +++-- + src/evdev.h| 6 ++-- + src/util-strings.h | 30 + test/litest-device-format-string.c | 56 ++ + test/litest.h | 1 + + test/test-utils.c | 26 ++ + 7 files changed, 139 insertions(+), 12 deletions(-) + create mode 100644 test/litest-device-format-string.c + +diff --git a/meson.build b/meson.build +index 90f528e6..1f6159e7 100644 +--- a/meson.build b/meson.build +@@ -787,6 +787,7 @@ + 'test/litest-device-dell-canvas-totem-touch.c', + 'test/litest-device-elantech-touchpad.c', + 'test/litest-device-elan-tablet.c', ++ 'test/litest-device-format-string.c', + 'test/litest-device-generic-singletouch.c', + 'test/litest-device-gpio-keys.c', + 'test/litest-device-huion-pentablet.c', +diff --git a/src/evdev.c b/src/evdev.c +index 6d81f58f..d1c35c07 100644 +--- a/src/evdev.c b/src/evdev.c +@@ -2356,19 +2356,19 @@ evdev_device_create(struct libinput_seat *seat, + struct libinput *libinput = seat->libinput; + struct evdev_device *device = NULL; + int rc; +- int fd; ++ int fd = -1; + int unhandled_device = 0; + const char *devnode = udev_device_get_devnode(udev_device); +- const char *sysname = udev_device_get_sysname(udev_device); ++ char *sysname = str_sanitize(udev_device_get_sysname(udev_device)); + + if (!devnode) { + log_info(libinput, "%s: no device node associated\n", sysname); +- return NULL; ++ goto err; + } + + if (udev_device_should_be_ignored(udev_device)) { + log_debug(libinput, "%s: device is ignored\n", sysname); +- return NULL; ++ goto err; + } + + /* Use non-blocking mode so that we can loop on read on +@@ -2382,13 +2382,15 @@ evdev_device_create(struct libinput_seat *seat, +sysname, +devnode, +
Re: [OE-core] [PATCH 5/5] oe-selftest: add go recipe create selftest
Also here an explanation of what the test does would be useful. Please keep in mind: writing code is only half the job. You need to explain it to non-specialists too, we're already struggling with items which are understood by few people, or in some cases only one person. Alex On Fri, 6 May 2022 at 09:00, Stefan Herbrechtsmeier wrote: > > From: Lukas Funke > > Signed-off-by: Lukas Funke > > Signed-off-by: Stefan Herbrechtsmeier > --- > > meta/lib/oeqa/selftest/cases/recipetool.py | 88 ++ > 1 file changed, 88 insertions(+) > > diff --git a/meta/lib/oeqa/selftest/cases/recipetool.py > b/meta/lib/oeqa/selftest/cases/recipetool.py > index 510dae6bad..bb36e7b6d5 100644 > --- a/meta/lib/oeqa/selftest/cases/recipetool.py > +++ b/meta/lib/oeqa/selftest/cases/recipetool.py > @@ -530,6 +530,94 @@ class RecipetoolTests(RecipetoolBase): > libpath = os.path.join(get_bb_var('COREBASE'), 'scripts', 'lib', > 'recipetool') > sys.path.insert(0, libpath) > > +def test_recipetool_create_go(self): > +# Basic test to check go recipe generation > +def urifiy(url, version, path = None, subdir = None): > +path = ",path='%s'" % path if path else '' > +subdir = ",subdir='%s'" % subdir if subdir else '' > +return "${@go_src_uri('%s','%s'%s%s)}" % (url, path, subdir) > + > +temprecipe = os.path.join(self.tempdir, 'recipe') > +os.makedirs(temprecipe) > +recipefile = os.path.join(temprecipe, 'edgex-go_git.bb') > +srcuri = 'https://github.com/edgexfoundry/edgex-go.git' > +srcrev = "v2.2.0-dev.54" > +result = runCmd('recipetool create -o %s %s -S %s' % (temprecipe, > srcuri, srcrev)) > +self.assertTrue(os.path.isfile(recipefile)) > +checkvars = {} > +src_uri = ['git://${GO_IMPORT};nobranch=1;name=${BPN}'] > +checkvars['LIC_FILES_CHKSUM'] = > set(['file://src/${GO_IMPORT}/LICENSE;md5=71a6955f3cd81a809549da266346dc59']) > +checkvars['GO_IMPORT'] = "github.com/edgexfoundry/edgex-go" > +inherits = ['go-vendor'] > +dependencies = \ > +[ > +('bitbucket.org/bertimus9/systemstat'), > + > ('github.com/edgexfoundry/go-mod-bootstrap','github.com/edgexfoundry/go-mod-bootstrap/v2'), > + > ('github.com/edgexfoundry/go-mod-core-contracts''github.com/edgexfoundry/go-mod-core-contracts/v2'), > + > ('github.com/edgexfoundry/go-mod-messaging','github.com/edgexfoundry/go-mod-messaging/v2'), > + > ('github.com/edgexfoundry/go-mod-registry','github.com/edgexfoundry/go-mod-registry/v2'), > + > ('github.com/edgexfoundry/go-mod-secrets','github.com/edgexfoundry/go-mod-secrets/v2'), > +('github.com/fxamacker/cbor','github.com/fxamacker/cbor/v2'), > +('github.com/golang-jwt/jwt','github.com/golang-jwt/jwt/v4'), > +('github.com/gomodule/redigo'), > +('github.com/google/uuid'), > +('github.com/gorilla/mux'), > +('github.com/lib/pq'), > +('github.com/pelletier/go-toml'), > + > ('github.com/spiffe/go-spiffe','github.com/spiffe/go-spiffe/v2'), > +('github.com/stretchr/testify'), > +('go.googlesource.com/crypto','golang.org/x/crypto'), > +('gopkg.in/eapache/queue.v1'), > +('gopkg.in/yaml.v3'), > +('github.com/armon/go-metrics'), > +('github.com/cenkalti/backoff'), > +('github.com/davecgh/go-spew'), > +('github.com/eclipse/paho.mqtt.golang'), > + > ('github.com/edgexfoundry/go-mod-configuration','github.com/edgexfoundry/go-mod-configuration/v2'), > +('github.com/fatih/color'), > +('github.com/go-kit/log'), > +('github.com/go-logfmt/logfmt'), > +('github.com/go-playground/locales'), > +('github.com/go-playground/universal-translator'), > + > ('github.com/go-playground/validator','github.com/go-playground/validator/v10'), > +('github.com/go-redis/redis','github.com/go-redis/redis/v7'), > +('github.com/golang/protobuf'), > +('github.com/gorilla/websocket'), > +('github.com/hashicorp/consul','api'), > +('github.com/hashicorp/errwrap'), > +('github.com/hashicorp/go-cleanhttp'), > +('github.com/hashicorp/go-hclog'), > +('github.com/hashicorp/go-immutable-radix'), > +('github.com/hashicorp/go-multierror'), > +('github.com/hashicorp/go-rootcerts'), > +('github.com/hashicorp/golang-lru'), > +('github.com/hashicorp/serf'), > +('github.com/leodido/go-urn'), > +
Re: [OE-core] [PATCH 4/5] recipetool: add go recipe generator
This is a lot of code. Can you add some documentation for it, what it does and how it works? If someone would want to understand it, how would they go about it? Alex On Fri, 6 May 2022 at 09:00, Stefan Herbrechtsmeier wrote: > > From: Lukas Funke > > Signed-off-by: Lukas Funke > Signed-off-by: Stefan Herbrechtsmeier > --- > > scripts/lib/recipetool/create_go.py | 394 > 1 file changed, 394 insertions(+) > create mode 100644 scripts/lib/recipetool/create_go.py > > diff --git a/scripts/lib/recipetool/create_go.py > b/scripts/lib/recipetool/create_go.py > new file mode 100644 > index 00..4552e9b470 > --- /dev/null > +++ b/scripts/lib/recipetool/create_go.py > @@ -0,0 +1,394 @@ > +# Recipe creation tool - go support plugin > +# > +# Copyright (C) 2022 Weidmueller GmbH & Co KG > +# Author: Lukas Funke > +# > +# Copyright (c) 2009 The Go Authors. All rights reserved. > +# > +# SPDX-License-Identifier: BSD-3-Clause AND GPL-2.0-only > +# > +import bb.utils > +from collections import namedtuple > +from enum import Enum > +from html.parser import HTMLParser > +import json > +import logging > +import os > +import re > +import subprocess > +import sys > +import tempfile > +import shutil > +from urllib.error import URLError, HTTPError > +import urllib.parse > +import urllib.request > + > +from recipetool.create import RecipeHandler, handle_license_vars, > ensure_native_cmd > + > +GoImport = namedtuple('GoImport', 'reporoot vcs repourl suffix') > +logger = logging.getLogger('recipetool') > + > +tinfoil = None > + > +re_pseudo_semver = > re.compile(r"v([0-9]+)\.([0-9]+).([0-9]+|\([0-9]+\+1\))-(pre\.[0-9]+\.)?([0-9]+\.)?(?P[0-9]+)-(?P[0-9Aa-zA-Z]+)") > +re_semver = > re.compile(r"^v(?P0|[1-9]\d*)\.(?P0|[1-9]\d*)\.(?P0|[1-9]\d*)(?:-(?P(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+(?P[0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$") > + > +def tinfoil_init(instance): > +global tinfoil > +tinfoil = instance > + > +class GoRecipeHandler(RecipeHandler): > + > +def _resolve_repository_static(self, modulepath): > +_rootpath = None > +_vcs = None > +_repourl = None > +_suffix = None > + > +host, _, path = modulepath.partition('/') > + > +class vcs(Enum): > +pathprefix = "pathprefix" > +regexp = "regexp" > +vcs = "vcs" > +repo = "repo" > +check = "check" > +schemelessRepo = "schemelessRepo" > + > +# GitHub > +vcsGitHub = {} > +vcsGitHub[vcs.pathprefix] = "github.com" > +vcsGitHub[vcs.regexp] = > re.compile(r'^(?Pgithub\.com/[A-Za-z0-9_.\-]+/[A-Za-z0-9_.\-]+)(/(?P[A-Za-z0-9_.\-]+))*$') > +vcsGitHub[vcs.vcs] = "git" > +vcsGitHub[vcs.repo] = "https://\g" > + > +# Bitbucket > +vcsBitbucket = {} > +vcsBitbucket[vcs.pathprefix] = "bitbucket.org" > +vcsBitbucket[vcs.regexp] = > re.compile(r'^(?Pbitbucket\.org/(?P[A-Za-z0-9_.\-]+/[A-Za-z0-9_.\-]+))(/(?P[A-Za-z0-9_.\-]+))*$') > +vcsBitbucket[vcs.vcs] = "git" > +vcsBitbucket[vcs.repo] = "https://\g" > + > +# IBM DevOps Services (JazzHub) > +vcsIBMDevOps = {} > +vcsIBMDevOps[vcs.pathprefix] = "hub.jazz.net/git" > +vcsIBMDevOps[vcs.regexp] = > re.compile(r'^(?Phub\.jazz\.net/git/[a-z0-9]+/[A-Za-z0-9_.\-]+)(/(?P[A-Za-z0-9_.\-]+))*$') > +vcsIBMDevOps[vcs.vcs] = "git" > +vcsIBMDevOps[vcs.repo] = "https://\g" > + > +# Git at Apache > +vcsApacheGit = {} > +vcsApacheGit[vcs.pathprefix] = "git.apache.org" > +vcsApacheGit[vcs.regexp] = > re.compile(r'^(?Pgit\.apache\.org/[a-z0-9_.\-]+\.git)(/(?P[A-Za-z0-9_.\-]+))*$') > +vcsApacheGit[vcs.vcs] = "git" > +vcsApacheGit[vcs.repo] = "https://\g" > + > +# Git at OpenStack > +vcsOpenStackGit = {} > +vcsOpenStackGit[vcs.pathprefix] = "git.openstack.org" > +vcsOpenStackGit[vcs.regexp] = > re.compile(r'^(?Pgit\.openstack\.org/[A-Za-z0-9_.\-]+/[A-Za-z0-9_.\-]+)(\.git)?(/(?P[A-Za-z0-9_.\-]+))*$') > +vcsOpenStackGit[vcs.vcs] = "git" > +vcsOpenStackGit[vcs.repo] = "https://\g" > + > +# chiselapp.com for fossil > +vcsChiselapp = {} > +vcsChiselapp[vcs.pathprefix] = "chiselapp.com" > +vcsChiselapp[vcs.regexp] = > re.compile(r'^(?Pchiselapp\.com/user/[A-Za-z0-9]+/repository/[A-Za-z0-9_.\-]+)$') > +vcsChiselapp[vcs.vcs] = "fossil" > +vcsChiselapp[vcs.repo] = "https://\g" > + > +# General syntax for any server. > +# Must be last. > +vcsGeneralServer = {} > +vcsGeneralServer[vcs.regexp] = > re.compile("(?P(?P([a-z0-9.\-]+\.)+[a-z0-9.\-]+(:[0-9]+)?(/~?[A-Za-z0-9_.\-]+)+?)\.(?Pbzr|fossil|git|hg|svn))(/~?(?P[A-Za-z0-9_.\-]+))*$") > +vcsGeneralServer[vcs.schemelessRepo] = True > + > +vcsPaths = [vcsGitHub, vcsBitbucket,
Re: [OE-core] [PATCH 1/5] recipetool-create: add ensure_native_cmd function
I think the terminology is a bit confused here, instead of 'command' it should say 'recipe'. Also: """Check if the command is available in the recipes""" is not everything it does, it also builds the recipe. And please write a commit message that explains what and why. Alex On Fri, 6 May 2022 at 09:00, Stefan Herbrechtsmeier wrote: > > From: Lukas Funke > > Signed-off-by: Lukas Funke > Signed-off-by: Stefan Herbrechtsmeier > --- > > scripts/lib/recipetool/create.py | 23 +++ > 1 file changed, 23 insertions(+) > > diff --git a/scripts/lib/recipetool/create.py > b/scripts/lib/recipetool/create.py > index 824ac6350d..efcb82173e 100644 > --- a/scripts/lib/recipetool/create.py > +++ b/scripts/lib/recipetool/create.py > @@ -1375,6 +1375,29 @@ def convert_rpm_xml(xmlfile): > values[varname] = child[0].text > return values > > +def ensure_native_cmd(tinfoil, cmd): > +"""Check if the command is available in the recipes""" > +if not tinfoil.recipes_parsed: > +tinfoil.parse_recipes() > + > +try: > +d = tinfoil.parse_recipe("%s-native" % cmd) > +except bb.providers.NoProvider: > +bb.error("Nothing provides '%s-native' which is required for the > build" % cmd) > +bb.note("You will likely need to add a layer that provides %s" % cmd) > +sys.exit(14) > + > +bindir = d.getVar("STAGING_BINDIR_NATIVE") > +cmdpath = os.path.join(bindir, cmd) > + > +if not os.path.exists(cmdpath): > +tinfoil.build_targets("%s-native" % cmd, "addto_recipe_sysroot") > + > +if not os.path.exists(cmdpath): > +bb.error("Failed to add '%s' to sysroot" % cmd) > +sys.exit(14) > + > +return bindir > > def register_commands(subparsers): > parser_create = subparsers.add_parser('create', > -- > 2.30.2 > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165330): https://lists.openembedded.org/g/openembedded-core/message/165330 Mute This Topic: https://lists.openembedded.org/mt/90928682/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] GIT_CONFIG_PARAMETERS does not work
On Fri, 2022-05-06 at 03:44 +, Chen Qi wrote: > Hi Ross & Richard, > > I’m building hardknott on host with git 2.36.0. And gnulib do_install fails > with git unsafe repo error. > The same error could be reproduced by reverting Khem’s fix for gnulib > do_install and building gnulib against master. > > | fatal: unsafe repository ('/ala-lpggp72/qichen/Yocto/builds/build- > master/tmp/work/core2-64-poky-linux/gnulib/2018-03-07.03-r0/git' is owned by > someone else) > | To add an exception for this directory, call: > | > | git config --global --add safe.directory /ala- > lpggp72/qichen/Yocto/builds/build-master/tmp/work/core2-64-poky- > linux/gnulib/2018-03-07.03-r0/git > > > I can see that we have already been trying to use the GIT_CONFIG_PARAMETERS to > solve this issue. Related changes are: > “”” > +# Treat all directories are safe, as during fakeroot tasks git will run as > +# root so recent git releases (eg 2.30.3) will refuse to work on > repositories. See > +# https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9 > for > +# further details. > +export GIT_CONFIG_PARAMETERS="'safe.directory=*'" > “”” > > However, following the link above and I can see that the commit message says: > “”” > The `safe.directory` config setting is only respected in the system and > global configs, not from repository configs or via the command-line, and > can have multiple values to allow for multiple shared repositories. > “”” > > If I understand it correctly, this means that the command line environment > variables have no effect. > Also, I figure if some user could set his/her own environment variable to > bypass this security check, then this security check does not make much sense. > > So I think we should use the intercept script approach and add back the > following line. > PATH:prepend:task-install = "${COREBASE}/scripts/git-intercept:" > > What do you think? That patch isn't enough, we'll need the global intercept approach I had in later patches. Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165329): https://lists.openembedded.org/g/openembedded-core/message/165329 Mute This Topic: https://lists.openembedded.org/mt/90927042/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] GIT_CONFIG_PARAMETERS does not work
Yes, I was actually going to send the patch for this today. :) Ross From: Chen, Qi Sent: Friday, May 6, 2022 4:44:32 AM To: openembedded-core@lists.openembedded.org Cc: Ross Burton ; richard.pur...@linuxfoundation.org ; raj.k...@gmail.com Subject: GIT_CONFIG_PARAMETERS does not work Hi Ross & Richard, I’m building hardknott on host with git 2.36.0. And gnulib do_install fails with git unsafe repo error. The same error could be reproduced by reverting Khem’s fix for gnulib do_install and building gnulib against master. | fatal: unsafe repository ('/ala-lpggp72/qichen/Yocto/builds/build-master/tmp/work/core2-64-poky-linux/gnulib/2018-03-07.03-r0/git' is owned by someone else) | To add an exception for this directory, call: | | git config --global --add safe.directory /ala-lpggp72/qichen/Yocto/builds/build-master/tmp/work/core2-64-poky-linux/gnulib/2018-03-07.03-r0/git I can see that we have already been trying to use the GIT_CONFIG_PARAMETERS to solve this issue. Related changes are: “”” +# Treat all directories are safe, as during fakeroot tasks git will run as +# root so recent git releases (eg 2.30.3) will refuse to work on repositories. See +# https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9 for +# further details. +export GIT_CONFIG_PARAMETERS="'safe.directory=*'" “”” However, following the link above and I can see that the commit message says: “”” The `safe.directory` config setting is only respected in the system and global configs, not from repository configs or via the command-line, and can have multiple values to allow for multiple shared repositories. “”” If I understand it correctly, this means that the command line environment variables have no effect. Also, I figure if some user could set his/her own environment variable to bypass this security check, then this security check does not make much sense. So I think we should use the intercept script approach and add back the following line. PATH:prepend:task-install = "${COREBASE}/scripts/git-intercept:" What do you think? Regards, Qi IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165328): https://lists.openembedded.org/g/openembedded-core/message/165328 Mute This Topic: https://lists.openembedded.org/mt/90927042/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 5/5] oe-selftest: add go recipe create selftest
From: Lukas Funke Signed-off-by: Lukas Funke Signed-off-by: Stefan Herbrechtsmeier --- meta/lib/oeqa/selftest/cases/recipetool.py | 88 ++ 1 file changed, 88 insertions(+) diff --git a/meta/lib/oeqa/selftest/cases/recipetool.py b/meta/lib/oeqa/selftest/cases/recipetool.py index 510dae6bad..bb36e7b6d5 100644 --- a/meta/lib/oeqa/selftest/cases/recipetool.py +++ b/meta/lib/oeqa/selftest/cases/recipetool.py @@ -530,6 +530,94 @@ class RecipetoolTests(RecipetoolBase): libpath = os.path.join(get_bb_var('COREBASE'), 'scripts', 'lib', 'recipetool') sys.path.insert(0, libpath) +def test_recipetool_create_go(self): +# Basic test to check go recipe generation +def urifiy(url, version, path = None, subdir = None): +path = ",path='%s'" % path if path else '' +subdir = ",subdir='%s'" % subdir if subdir else '' +return "${@go_src_uri('%s','%s'%s%s)}" % (url, path, subdir) + +temprecipe = os.path.join(self.tempdir, 'recipe') +os.makedirs(temprecipe) +recipefile = os.path.join(temprecipe, 'edgex-go_git.bb') +srcuri = 'https://github.com/edgexfoundry/edgex-go.git' +srcrev = "v2.2.0-dev.54" +result = runCmd('recipetool create -o %s %s -S %s' % (temprecipe, srcuri, srcrev)) +self.assertTrue(os.path.isfile(recipefile)) +checkvars = {} +src_uri = ['git://${GO_IMPORT};nobranch=1;name=${BPN}'] +checkvars['LIC_FILES_CHKSUM'] = set(['file://src/${GO_IMPORT}/LICENSE;md5=71a6955f3cd81a809549da266346dc59']) +checkvars['GO_IMPORT'] = "github.com/edgexfoundry/edgex-go" +inherits = ['go-vendor'] +dependencies = \ +[ +('bitbucket.org/bertimus9/systemstat'), + ('github.com/edgexfoundry/go-mod-bootstrap','github.com/edgexfoundry/go-mod-bootstrap/v2'), + ('github.com/edgexfoundry/go-mod-core-contracts''github.com/edgexfoundry/go-mod-core-contracts/v2'), + ('github.com/edgexfoundry/go-mod-messaging','github.com/edgexfoundry/go-mod-messaging/v2'), + ('github.com/edgexfoundry/go-mod-registry','github.com/edgexfoundry/go-mod-registry/v2'), + ('github.com/edgexfoundry/go-mod-secrets','github.com/edgexfoundry/go-mod-secrets/v2'), +('github.com/fxamacker/cbor','github.com/fxamacker/cbor/v2'), +('github.com/golang-jwt/jwt','github.com/golang-jwt/jwt/v4'), +('github.com/gomodule/redigo'), +('github.com/google/uuid'), +('github.com/gorilla/mux'), +('github.com/lib/pq'), +('github.com/pelletier/go-toml'), + ('github.com/spiffe/go-spiffe','github.com/spiffe/go-spiffe/v2'), +('github.com/stretchr/testify'), +('go.googlesource.com/crypto','golang.org/x/crypto'), +('gopkg.in/eapache/queue.v1'), +('gopkg.in/yaml.v3'), +('github.com/armon/go-metrics'), +('github.com/cenkalti/backoff'), +('github.com/davecgh/go-spew'), +('github.com/eclipse/paho.mqtt.golang'), + ('github.com/edgexfoundry/go-mod-configuration','github.com/edgexfoundry/go-mod-configuration/v2'), +('github.com/fatih/color'), +('github.com/go-kit/log'), +('github.com/go-logfmt/logfmt'), +('github.com/go-playground/locales'), +('github.com/go-playground/universal-translator'), + ('github.com/go-playground/validator','github.com/go-playground/validator/v10'), +('github.com/go-redis/redis','github.com/go-redis/redis/v7'), +('github.com/golang/protobuf'), +('github.com/gorilla/websocket'), +('github.com/hashicorp/consul','api'), +('github.com/hashicorp/errwrap'), +('github.com/hashicorp/go-cleanhttp'), +('github.com/hashicorp/go-hclog'), +('github.com/hashicorp/go-immutable-radix'), +('github.com/hashicorp/go-multierror'), +('github.com/hashicorp/go-rootcerts'), +('github.com/hashicorp/golang-lru'), +('github.com/hashicorp/serf'), +('github.com/leodido/go-urn'), +('github.com/mattn/go-colorable'), +('github.com/mattn/go-isatty'), +('github.com/mitchellh/consulstructure'), +('github.com/mitchellh/copystructure'), +('github.com/mitchellh/go-homedir'), +('github.com/mitchellh/mapstructure'), +('github.com/mitchellh/reflectwalk'), +('github.com/pebbe/zmq4'), +('github.com/pmezard/go-difflib'), +('github.com/stretchr/objx'), +('github.com/x448/float16'),
[OE-core] [PATCH 4/5] recipetool: add go recipe generator
From: Lukas Funke Signed-off-by: Lukas Funke Signed-off-by: Stefan Herbrechtsmeier --- scripts/lib/recipetool/create_go.py | 394 1 file changed, 394 insertions(+) create mode 100644 scripts/lib/recipetool/create_go.py diff --git a/scripts/lib/recipetool/create_go.py b/scripts/lib/recipetool/create_go.py new file mode 100644 index 00..4552e9b470 --- /dev/null +++ b/scripts/lib/recipetool/create_go.py @@ -0,0 +1,394 @@ +# Recipe creation tool - go support plugin +# +# Copyright (C) 2022 Weidmueller GmbH & Co KG +# Author: Lukas Funke +# +# Copyright (c) 2009 The Go Authors. All rights reserved. +# +# SPDX-License-Identifier: BSD-3-Clause AND GPL-2.0-only +# +import bb.utils +from collections import namedtuple +from enum import Enum +from html.parser import HTMLParser +import json +import logging +import os +import re +import subprocess +import sys +import tempfile +import shutil +from urllib.error import URLError, HTTPError +import urllib.parse +import urllib.request + +from recipetool.create import RecipeHandler, handle_license_vars, ensure_native_cmd + +GoImport = namedtuple('GoImport', 'reporoot vcs repourl suffix') +logger = logging.getLogger('recipetool') + +tinfoil = None + +re_pseudo_semver = re.compile(r"v([0-9]+)\.([0-9]+).([0-9]+|\([0-9]+\+1\))-(pre\.[0-9]+\.)?([0-9]+\.)?(?P[0-9]+)-(?P[0-9Aa-zA-Z]+)") +re_semver = re.compile(r"^v(?P0|[1-9]\d*)\.(?P0|[1-9]\d*)\.(?P0|[1-9]\d*)(?:-(?P(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\.(?:0|[1-9]\d*|\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\+(?P[0-9a-zA-Z-]+(?:\.[0-9a-zA-Z-]+)*))?$") + +def tinfoil_init(instance): +global tinfoil +tinfoil = instance + +class GoRecipeHandler(RecipeHandler): + +def _resolve_repository_static(self, modulepath): +_rootpath = None +_vcs = None +_repourl = None +_suffix = None + +host, _, path = modulepath.partition('/') + +class vcs(Enum): +pathprefix = "pathprefix" +regexp = "regexp" +vcs = "vcs" +repo = "repo" +check = "check" +schemelessRepo = "schemelessRepo" + +# GitHub +vcsGitHub = {} +vcsGitHub[vcs.pathprefix] = "github.com" +vcsGitHub[vcs.regexp] = re.compile(r'^(?Pgithub\.com/[A-Za-z0-9_.\-]+/[A-Za-z0-9_.\-]+)(/(?P[A-Za-z0-9_.\-]+))*$') +vcsGitHub[vcs.vcs] = "git" +vcsGitHub[vcs.repo] = "https://\g" + +# Bitbucket +vcsBitbucket = {} +vcsBitbucket[vcs.pathprefix] = "bitbucket.org" +vcsBitbucket[vcs.regexp] = re.compile(r'^(?Pbitbucket\.org/(?P[A-Za-z0-9_.\-]+/[A-Za-z0-9_.\-]+))(/(?P[A-Za-z0-9_.\-]+))*$') +vcsBitbucket[vcs.vcs] = "git" +vcsBitbucket[vcs.repo] = "https://\g" + +# IBM DevOps Services (JazzHub) +vcsIBMDevOps = {} +vcsIBMDevOps[vcs.pathprefix] = "hub.jazz.net/git" +vcsIBMDevOps[vcs.regexp] = re.compile(r'^(?Phub\.jazz\.net/git/[a-z0-9]+/[A-Za-z0-9_.\-]+)(/(?P[A-Za-z0-9_.\-]+))*$') +vcsIBMDevOps[vcs.vcs] = "git" +vcsIBMDevOps[vcs.repo] = "https://\g" + +# Git at Apache +vcsApacheGit = {} +vcsApacheGit[vcs.pathprefix] = "git.apache.org" +vcsApacheGit[vcs.regexp] = re.compile(r'^(?Pgit\.apache\.org/[a-z0-9_.\-]+\.git)(/(?P[A-Za-z0-9_.\-]+))*$') +vcsApacheGit[vcs.vcs] = "git" +vcsApacheGit[vcs.repo] = "https://\g" + +# Git at OpenStack +vcsOpenStackGit = {} +vcsOpenStackGit[vcs.pathprefix] = "git.openstack.org" +vcsOpenStackGit[vcs.regexp] = re.compile(r'^(?Pgit\.openstack\.org/[A-Za-z0-9_.\-]+/[A-Za-z0-9_.\-]+)(\.git)?(/(?P[A-Za-z0-9_.\-]+))*$') +vcsOpenStackGit[vcs.vcs] = "git" +vcsOpenStackGit[vcs.repo] = "https://\g" + +# chiselapp.com for fossil +vcsChiselapp = {} +vcsChiselapp[vcs.pathprefix] = "chiselapp.com" +vcsChiselapp[vcs.regexp] = re.compile(r'^(?Pchiselapp\.com/user/[A-Za-z0-9]+/repository/[A-Za-z0-9_.\-]+)$') +vcsChiselapp[vcs.vcs] = "fossil" +vcsChiselapp[vcs.repo] = "https://\g" + +# General syntax for any server. +# Must be last. +vcsGeneralServer = {} +vcsGeneralServer[vcs.regexp] = re.compile("(?P(?P([a-z0-9.\-]+\.)+[a-z0-9.\-]+(:[0-9]+)?(/~?[A-Za-z0-9_.\-]+)+?)\.(?Pbzr|fossil|git|hg|svn))(/~?(?P[A-Za-z0-9_.\-]+))*$") +vcsGeneralServer[vcs.schemelessRepo] = True + +vcsPaths = [vcsGitHub, vcsBitbucket, vcsIBMDevOps, vcsApacheGit, vcsOpenStackGit, vcsChiselapp, vcsGeneralServer] + +if modulepath.startswith("example.net") or modulepath == "rsc.io": +logger.warning("Suspicious module path %s" % modulepath) +return None +if modulepath.startswith("http:") or modulepath.startswith("https:"): +logger.warning("Import path should not start with %s %s" % ("http", "https")) +return None + +for srv in vcsPaths: +
[OE-core] [PATCH 2/5] create_npm: reuse ensure_native_cmd from create.py
From: Lukas Funke Signed-off-by: Lukas Funke Signed-off-by: Stefan Herbrechtsmeier --- scripts/lib/recipetool/create_npm.py | 28 ++-- 1 file changed, 2 insertions(+), 26 deletions(-) diff --git a/scripts/lib/recipetool/create_npm.py b/scripts/lib/recipetool/create_npm.py index 3394a89970..3aed59252c 100644 --- a/scripts/lib/recipetool/create_npm.py +++ b/scripts/lib/recipetool/create_npm.py @@ -18,6 +18,7 @@ from recipetool.create import RecipeHandler from recipetool.create import get_license_md5sums from recipetool.create import guess_license from recipetool.create import split_pkg_licenses +from recipetool.create import ensure_native_cmd logger = logging.getLogger('recipetool') TINFOIL = None @@ -54,31 +55,6 @@ class NpmRecipeHandler(RecipeHandler): return registry -@staticmethod -def _ensure_npm(): -"""Check if the 'npm' command is available in the recipes""" -if not TINFOIL.recipes_parsed: -TINFOIL.parse_recipes() - -try: -d = TINFOIL.parse_recipe("nodejs-native") -except bb.providers.NoProvider: -bb.error("Nothing provides 'nodejs-native' which is required for the build") -bb.note("You will likely need to add a layer that provides nodejs") -sys.exit(14) - -bindir = d.getVar("STAGING_BINDIR_NATIVE") -npmpath = os.path.join(bindir, "npm") - -if not os.path.exists(npmpath): -TINFOIL.build_targets("nodejs-native", "addto_recipe_sysroot") - -if not os.path.exists(npmpath): -bb.error("Failed to add 'npm' to sysroot") -sys.exit(14) - -return bindir - @staticmethod def _npm_global_configs(dev): """Get the npm global configuration""" @@ -190,7 +166,7 @@ class NpmRecipeHandler(RecipeHandler): # npm version is high enough to ensure an efficient dependency tree # resolution and avoid issue with the shrinkwrap file format. # Moreover the native npm is mandatory for the build. -bindir = self._ensure_npm() +bindir = ensure_native_cmd(TINFOIL, "npm") d = bb.data.createCopy(TINFOIL.config_data) d.prependVar("PATH", bindir + ":") -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165325): https://lists.openembedded.org/g/openembedded-core/message/165325 Mute This Topic: https://lists.openembedded.org/mt/90928684/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 3/5] poky-meta: add go vendor class for offline builds
From: Lukas Funke Signed-off-by: Lukas Funke Signed-off-by: Stefan Herbrechtsmeier --- meta/classes/go-vendor.bbclass | 68 ++ 1 file changed, 68 insertions(+) create mode 100644 meta/classes/go-vendor.bbclass diff --git a/meta/classes/go-vendor.bbclass b/meta/classes/go-vendor.bbclass new file mode 100644 index 00..a1a740a1fc --- /dev/null +++ b/meta/classes/go-vendor.bbclass @@ -0,0 +1,68 @@ +# Copyright 2022 (C) Weidmueller GmbH & Co KG +# Author: Lukas Funke +# +# Handle Go vendor support for offline builds +# +# When importing Go modules, Go downloads the imported module using +# a network (proxy) connection ahead of the compile stage. This contradicts +# the yocto build concept of fetching every source ahead of build-time +# and supporting offline builds. +# +# To support offline builds, we use Go 'vendoring': module dependencies are +# downloaded during the fetch-phase and unpacked into the modules 'vendor' +# folder. Additinally a manifest file is generated for the 'vendor' folder +# + +inherit go-mod + +def go_src_uri(repo, path=None, subdir=None, vcs='git', destsuffix_prefix = 'git/src/import/vendor.fetch'): +module_path = repo if not path else path +src_uri = "{}://{};name={};destsuffix={}/{}".format(vcs, repo, \ +module_path.replace('/', '.'), \ +destsuffix_prefix, module_path) + +src_uri += ";subdir={}".format(subdir) if subdir else "" +src_uri += ";nobranch=1;protocol=https" if vcs == "git" else "" + +return src_uri + +def go_generate_vendor_manifest(d): + +vendor_dir = os.path.join(os.path.basename(d.getVar('S')), +'src', d.getVar('GO_IMPORT'), "vendor") +dst = os.path.join(vendor_dir, "modules.txt") + +go_modules = d.getVarFlags("GO_MODULE_PATH") +with open(dst, "w") as manifest: +for go_module in go_modules: +module_path = d.getVarFlag("GO_MODULE_PATH", go_module) +module_version = d.getVarFlag("GO_MODULE_VERSION", go_module) +if module_path and module_version: +manifest.write("# %s %s\n" % (module_path, module_version)) +manifest.write("## explicit\n") +exclude = set(['vendor']) +for subdir, dirs, files in os.walk(os.path.join(vendor_dir, module_path), topdown=True): +dirs[:] = [d for d in dirs if d not in exclude] +for file in files: +if file.endswith(".go"): +manifest.write(subdir[len(vendor_dir)+1:] + "\n") +break + +python go_do_unpack:append() { +src_uri = (d.getVar('SRC_URI') or "").split() +if len(src_uri) == 0: +return + +try: +fetcher = bb.fetch2.Fetch(src_uri, d) +src_folder = os.path.join(os.path.basename(d.getVar('S')), +'src', d.getVar('GO_IMPORT')) +vendor_src = os.path.join(src_folder, "vendor") +vendor_dst = os.path.join(d.getVar('S'), "src", "import", "vendor.fetch") + +os.symlink(os.path.relpath(vendor_dst, src_folder), vendor_src) +go_generate_vendor_manifest(d) + +except bb.fetch2.BBFetchException as e: +raise bb.build.FuncFailed(e) +} -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165324): https://lists.openembedded.org/g/openembedded-core/message/165324 Mute This Topic: https://lists.openembedded.org/mt/90928683/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 1/5] recipetool-create: add ensure_native_cmd function
From: Lukas Funke Signed-off-by: Lukas Funke Signed-off-by: Stefan Herbrechtsmeier --- scripts/lib/recipetool/create.py | 23 +++ 1 file changed, 23 insertions(+) diff --git a/scripts/lib/recipetool/create.py b/scripts/lib/recipetool/create.py index 824ac6350d..efcb82173e 100644 --- a/scripts/lib/recipetool/create.py +++ b/scripts/lib/recipetool/create.py @@ -1375,6 +1375,29 @@ def convert_rpm_xml(xmlfile): values[varname] = child[0].text return values +def ensure_native_cmd(tinfoil, cmd): +"""Check if the command is available in the recipes""" +if not tinfoil.recipes_parsed: +tinfoil.parse_recipes() + +try: +d = tinfoil.parse_recipe("%s-native" % cmd) +except bb.providers.NoProvider: +bb.error("Nothing provides '%s-native' which is required for the build" % cmd) +bb.note("You will likely need to add a layer that provides %s" % cmd) +sys.exit(14) + +bindir = d.getVar("STAGING_BINDIR_NATIVE") +cmdpath = os.path.join(bindir, cmd) + +if not os.path.exists(cmdpath): +tinfoil.build_targets("%s-native" % cmd, "addto_recipe_sysroot") + +if not os.path.exists(cmdpath): +bb.error("Failed to add '%s' to sysroot" % cmd) +sys.exit(14) + +return bindir def register_commands(subparsers): parser_create = subparsers.add_parser('create', -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165323): https://lists.openembedded.org/g/openembedded-core/message/165323 Mute This Topic: https://lists.openembedded.org/mt/90928682/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 50/61] coreutils: update 9.0 -> 9.1
On Thu, 5 May 2022 at 20:54, Khem Raj wrote: > https://git.savannah.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=v8.24-7-g6d67649 > has marked uname -p and -i as non-portable options. So dropping this > patch is fine.Perhaps > using that as an argument in the commit message will be better than > saying it is difficult to rebase. I resent with a corrected commit message. Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165322): https://lists.openembedded.org/g/openembedded-core/message/165322 Mute This Topic: https://lists.openembedded.org/mt/90905508/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 3/3] stress-ng: disable apparmor from the correct spot
do_configure uses the base.bbclass version, which can call 'make clean', negating the disabling. Signed-off-by: Alexander Kanavin --- meta/recipes-extended/stress-ng/stress-ng_0.14.00.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/recipes-extended/stress-ng/stress-ng_0.14.00.bb b/meta/recipes-extended/stress-ng/stress-ng_0.14.00.bb index ada35dbc4c..e7cc1d1846 100644 --- a/meta/recipes-extended/stress-ng/stress-ng_0.14.00.bb +++ b/meta/recipes-extended/stress-ng/stress-ng_0.14.00.bb @@ -20,7 +20,7 @@ RCONFLICTS:${PN} = "stress" inherit bash-completion -do_configure:prepend() { +do_compile:prepend() { mkdir -p configs touch configs/HAVE_APPARMOR } -- 2.30.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165321): https://lists.openembedded.org/g/openembedded-core/message/165321 Mute This Topic: https://lists.openembedded.org/mt/90928569/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH 2/3] python3-setuptools: upgrade 59.5.0 -> 62.1.0
From: Alexander Kanavin This was held by numpy rejecting setuptools >= 60.x, however they added a workaround in recent point releases and so the upgrade can proceed. Drop 0001-_distutils-sysconfig-append-STAGING_LIBDIR-python-sy.patch as changed code completely removed upstream. Add a tomli build dependency to python3-setuptools-scm as new setuptools exposes: | File "/srv/work/alex/poky/build-64-alt/tmp/work/x86_64-linux/python3-setuptools-scm-native/6.4.2-r0/setuptools_scm-6.4.2/src/setuptools_scm/config.py", line 59, in _lazy_tomli_load | from tomli import loads | ModuleNotFoundError: No module named 'tomli' Signed-off-by: Alexander Kanavin --- ...ly-do-not-fetch-code-by-easy_install.patch | 6 ++-- .../python/python3-setuptools-scm_6.4.2.bb| 2 ++ ...nfig-append-STAGING_LIBDIR-python-sy.patch | 35 --- ...59.5.0.bb => python3-setuptools_62.1.0.bb} | 7 ++-- 4 files changed, 7 insertions(+), 43 deletions(-) delete mode 100644 meta/recipes-devtools/python/python3-setuptools/0001-_distutils-sysconfig-append-STAGING_LIBDIR-python-sy.patch rename meta/recipes-devtools/python/{python3-setuptools_59.5.0.bb => python3-setuptools_62.1.0.bb} (87%) diff --git a/meta/recipes-devtools/python/files/0001-conditionally-do-not-fetch-code-by-easy_install.patch b/meta/recipes-devtools/python/files/0001-conditionally-do-not-fetch-code-by-easy_install.patch index 5e2ee454da..5bbf14fd38 100644 --- a/meta/recipes-devtools/python/files/0001-conditionally-do-not-fetch-code-by-easy_install.patch +++ b/meta/recipes-devtools/python/files/0001-conditionally-do-not-fetch-code-by-easy_install.patch @@ -1,4 +1,4 @@ -From da88c57fe03e4474ba20325edacf519e80c1d7a8 Mon Sep 17 00:00:00 2001 +From d26d10b6142ac08fe1b878ebc8c2c93c9b6803ed Mon Sep 17 00:00:00 2001 From: Hongxu Jia Date: Tue, 17 Jul 2018 10:13:38 +0800 Subject: [PATCH] conditionally do not fetch code by easy_install @@ -15,10 +15,10 @@ Signed-off-by: Hongxu Jia 1 file changed, 5 insertions(+) diff --git a/setuptools/command/easy_install.py b/setuptools/command/easy_install.py -index fc848d0..c04a5de 100644 +index 444d3b3..61e445a 100644 --- a/setuptools/command/easy_install.py +++ b/setuptools/command/easy_install.py -@@ -642,6 +642,11 @@ class easy_install(Command): +@@ -648,6 +648,11 @@ class easy_install(Command): os.path.exists(tmpdir) and rmtree(tmpdir) def easy_install(self, spec, deps=False): diff --git a/meta/recipes-devtools/python/python3-setuptools-scm_6.4.2.bb b/meta/recipes-devtools/python/python3-setuptools-scm_6.4.2.bb index e09c598bf5..9aaae071d3 100644 --- a/meta/recipes-devtools/python/python3-setuptools-scm_6.4.2.bb +++ b/meta/recipes-devtools/python/python3-setuptools-scm_6.4.2.bb @@ -11,6 +11,8 @@ inherit pypi python_setuptools_build_meta UPSTREAM_CHECK_REGEX = "setuptools_scm-(?P.*)\.tar" +DEPENDS += "python3-tomli-native" + RDEPENDS:${PN} = "\ ${PYTHON_PN}-packaging \ ${PYTHON_PN}-pyparsing \ diff --git a/meta/recipes-devtools/python/python3-setuptools/0001-_distutils-sysconfig-append-STAGING_LIBDIR-python-sy.patch b/meta/recipes-devtools/python/python3-setuptools/0001-_distutils-sysconfig-append-STAGING_LIBDIR-python-sy.patch deleted file mode 100644 index 3150187951..00 --- a/meta/recipes-devtools/python/python3-setuptools/0001-_distutils-sysconfig-append-STAGING_LIBDIR-python-sy.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 1ff575308248b183639c8cb14afee7c8572bd2b8 Mon Sep 17 00:00:00 2001 -From: Tim Orling -Date: Wed, 20 Oct 2021 17:38:10 + -Subject: [PATCH] _distutils/sysconfig: append - STAGING_LIBDIR/python-sysconfigdata to sys.path - -When python modules set SETUPTOOLS_USE_DISTULS='local', this uses the -vendored _distutils in setuptools rather than distutils in the Standard -Library. This is needed so that target configuration can be used with -python3-setuptools-native. - -Based on python3/0001-distutils-sysconfig-append-STAGING_LIBDIR-python-sys.patch -from Alex Kanavin - -Upstream-Status: Inappropriate [oe-specific] - -Signed-off-by: Tim Orling - - setuptools/_distutils/sysconfig.py | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/setuptools/_distutils/sysconfig.py b/setuptools/_distutils/sysconfig.py -index d36d94f..616eb91 100644 a/setuptools/_distutils/sysconfig.py -+++ b/setuptools/_distutils/sysconfig.py -@@ -484,6 +484,8 @@ def _init_posix(): - multiarch=getattr(sys.implementation, '_multiarch', ''), - ), - ) -+if 'STAGING_LIBDIR' in os.environ: -+sys.path.append(os.environ['STAGING_LIBDIR']+'/python-sysconfigdata') - try: - _temp = __import__(name, globals(), locals(), ['build_time_vars'], 0) - except ImportError: diff --git a/meta/recipes-devtools/python/python3-setuptools_59.5.0.bb b/meta/recipes-devtools/python/python3-setuptools_62.1.0.bb similarity index 87% rename from meta/recipes-devtools/python/python3-setuptools_59.5.0.bb rename to
[OE-core] [PATCH 1/3] coreutils: update 9.0 -> 9.1
Drop patches: fix-selinux-flask.patch (upstream fixed the issue) e8b56ebd536e82b15542a00c888109471936bfda.patch (backport) 0001-uname-report-processor-and-hardware-correctly.patch (upstream explicitly marks the options as non-portable and unreliable[1]; the patch is difficult to rebase, use case for oe unclear) [1] https://git.savannah.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=v8.24-7-g6d67649 License-Update: copyright years Signed-off-by: Alexander Kanavin --- ...ort-processor-and-hardware-correctly.patch | 64 - ...6ebd536e82b15542a00c888109471936bfda.patch | 93 --- .../coreutils/fix-selinux-flask.patch | 37 .../{coreutils_9.0.bb => coreutils_9.1.bb}| 7 +- 4 files changed, 2 insertions(+), 199 deletions(-) delete mode 100644 meta/recipes-core/coreutils/coreutils/0001-uname-report-processor-and-hardware-correctly.patch delete mode 100644 meta/recipes-core/coreutils/coreutils/e8b56ebd536e82b15542a00c888109471936bfda.patch delete mode 100644 meta/recipes-core/coreutils/coreutils/fix-selinux-flask.patch rename meta/recipes-core/coreutils/{coreutils_9.0.bb => coreutils_9.1.bb} (96%) diff --git a/meta/recipes-core/coreutils/coreutils/0001-uname-report-processor-and-hardware-correctly.patch b/meta/recipes-core/coreutils/coreutils/0001-uname-report-processor-and-hardware-correctly.patch deleted file mode 100644 index 3c43e1d5da..00 --- a/meta/recipes-core/coreutils/coreutils/0001-uname-report-processor-and-hardware-correctly.patch +++ /dev/null @@ -1,64 +0,0 @@ -Upstream-Status: Denied - -Subject: uname: report processor and hardware correctly - -This patch is rejected by coreutils upstream, but distros like debian and fedora -uses this patch to make `uname -i' and `uname -p' to not report 'unknown'. - -Signed-off-by: Chen Qi - src/uname.c | 18 -- - 1 file changed, 16 insertions(+), 2 deletions(-) - -diff --git a/src/uname.c b/src/uname.c -index 39bd28c..c84582d 100644 a/src/uname.c -+++ b/src/uname.c -@@ -299,13 +299,19 @@ main (int argc, char **argv) - - if (toprint & PRINT_PROCESSOR) - { -- char const *element = unknown; -+ char *element = unknown; - #if HAVE_SYSINFO && defined SI_ARCHITECTURE - { - static char processor[257]; - if (0 <= sysinfo (SI_ARCHITECTURE, processor, sizeof processor)) - element = processor; - } -+#else -+ { -+ static struct utsname u; -+ uname(); -+ element = u.machine; -+ } - #endif - #ifdef UNAME_PROCESSOR - if (element == unknown) -@@ -343,7 +349,7 @@ main (int argc, char **argv) - - if (toprint & PRINT_HARDWARE_PLATFORM) - { -- char const *element = unknown; -+ char *element = unknown; - #if HAVE_SYSINFO && defined SI_PLATFORM - { - static char hardware_platform[257]; -@@ -361,6 +367,14 @@ main (int argc, char **argv) - if (sysctl (mib, 2, hardware_platform, , 0, 0) >= 0) - element = hardware_platform; - } -+#else -+ { -+ static struct utsname u; -+ uname(); -+ element = u.machine; -+ if(strlen(element)==4 && element[0]=='i' && element[2]=='8' && element[3]=='6') -+element[1]='3'; -+ } - #endif - if (! (toprint == UINT_MAX && element == unknown)) - print_element (element); --- -1.9.1 - diff --git a/meta/recipes-core/coreutils/coreutils/e8b56ebd536e82b15542a00c888109471936bfda.patch b/meta/recipes-core/coreutils/coreutils/e8b56ebd536e82b15542a00c888109471936bfda.patch deleted file mode 100644 index d69ee95e4a..00 --- a/meta/recipes-core/coreutils/coreutils/e8b56ebd536e82b15542a00c888109471936bfda.patch +++ /dev/null @@ -1,93 +0,0 @@ -From e8b56ebd536e82b15542a00c888109471936bfda Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?P=C3=A1draig=20Brady?= -Date: Fri, 24 Sep 2021 20:57:41 +0100 -Subject: [PATCH] chmod: fix exit status when ignoring symlinks - -* src/chmod.c: Reorder enum so CH_NOT_APPLIED -can be treated as a non error. -* tests/chmod/ignore-symlink.sh: A new test. -* tests/local.mk: Reference the new test. -* NEWS: Mention the bug fix. -Fixes https://bugs.gnu.org/50784 - -Upstream-Status: Backport -Signed-off-by: Alexander Kanavin - src/chmod.c | 4 ++-- - tests/chmod/ignore-symlink.sh | 31 +++ - tests/local.mk| 1 + - 4 files changed, 40 insertions(+), 2 deletions(-) - create mode 100755 tests/chmod/ignore-symlink.sh - -diff --git a/src/chmod.c b/src/chmod.c -index 37b04f500..57ac47f33 100644 a/src/chmod.c -+++ b/src/chmod.c -@@ -44,8 +44,8 @@ struct change_status - enum - { - CH_NO_STAT, -- CH_NOT_APPLIED, - CH_FAILED, -+ CH_NOT_APPLIED, - CH_NO_CHANGE_REQUESTED, - CH_SUCCEEDED - } -@@ -322,7 +322,7 @@ process_file (FTS *fts, FTSENT *ent) - if ( ! recurse) - fts_set (fts, ent, FTS_SKIP); - -- return CH_NO_CHANGE_REQUESTED <=
Re: [OE-core] [PATCH v2] gnutls: Added fips support option.
On Fri, 6 May 2022 at 05:38, leimaohui wrote: > +DEPENDS:append:class-target = " gnutls-native" > +DEPENDS:append:class-nativesdk = " gnutls-native" > +PACKAGECONFIG[fips] = "--enable-fips140-mode > --with-libdl-prefix=${STAGING_BASELIBDIR},--disable-fips140-mode" I think the unconditional DEPENDS lines can be avoided if you use: PACKAGECONFIG[fips] = "--enable-fips140-mode --with-libdl-prefix=${STAGING_BASELIBDIR},--disable-fips140-mode,gnutls-native" Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#165318): https://lists.openembedded.org/g/openembedded-core/message/165318 Mute This Topic: https://lists.openembedded.org/mt/90926966/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-