[OE-core] [PATCH v5] qemu: Split the qemu package
From: Mingli Yu Currently all files as below packaged into one package such as qemu-7.2.0-*.rpm. After the qemu package installed on the target, it will take up about 464M which includes not only the one matches the arch of the target but aslo all available built qemu targets which set by QEMU_TARGETS. # ls tmp-glibc/work/core2-64-wrs-linux/qemu/7.2.0-r0/image/usr/bin/ qemu-aarch64 qemu-img qemu-mips64el qemu-ppc64 qemu-sh4qemu-system-loongarch64 qemu-system-ppc qemu-system-x86_64 qemu-arm qemu-io qemu-mipsel qemu-ppc64le qemu-storage-daemon qemu-system-mips qemu-system-ppc64 qemu-x86_64 qemu-edid qemu-loongarch64 qemu-mips.real qemu-pr-helper qemu-system-aarch64 qemu-system-mips64 qemu-system-riscv32 qemu-ga qemu-mips qemu-nbd qemu-riscv32qemu-system-arm qemu-system-mips64el qemu-system-riscv64 qemu-i386 qemu-mips64 qemu-ppc qemu-riscv64qemu-system-i386 qemu-system-mipsel qemu-system-sh4 Split the qemu package into qemu-7.2.0-*.rpm, qemu-system-*.rpm, qemu-user-*.rpm and etc. And let user can only choose the corresponding qemu arch package they want to install should ease the concerns who cares much about the size in embedded device as it decreases the qemu rpm (qemu-7.2.0*.rpm) size from about 65M to about 13M and the size of the extracted qemu RPM decreased from about 464M to about 230M. For the users who want to install all arch packages, they can install qemu-system-all and qemu-user-all to meet their need. Signed-off-by: Mingli Yu --- meta/recipes-devtools/qemu/qemu.inc | 20 1 file changed, 20 insertions(+) diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index a87dee5c99..367b924f9c 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -230,6 +230,26 @@ INSANE_SKIP:${PN} = "arch" FILES:${PN} += "${datadir}/icons" +# For user who want to install all arch packages +PACKAGES =+ "${PN}-system-all ${PN}-user-all" + +ALLOW_EMPTY:${PN}-system-all = "1" +ALLOW_EMPTY:${PN}-user-all = "1" + +python populate_packages:prepend() { +archdir = d.expand('${bindir}/') +syspackages = do_split_packages(d, archdir, r'^qemu-system-(.*)$', '${PN}-system-%s', 'QEMU full system emulation binaries(%s)' , prepend=True) +if syspackages: +d.setVar('RDEPENDS:' + d.getVar('PN') + '-system-all', ' '.join(syspackages)) + +userpackages = do_split_packages(d, archdir, r'^qemu-((?!system|edid|ga|img|io|nbd|pr-helper|storage-daemon).*)$', '${PN}-user-%s', 'QEMU full user emulation binaries(%s)' , prepend=True) +if userpackages: +d.setVar('RDEPENDS:' + d.getVar('PN') + '-user-all', ' '.join(userpackages)) +mipspackage = d.getVar('PN') + "-user-mips" +if mipspackage in ' '.join(userpackages): +d.appendVar('RDEPENDS:' + mipspackage, ' ' + d.getVar("MLPREFIX") + 'bash') +} + # Put the guest agent in a separate package PACKAGES =+ "${PN}-guest-agent" SUMMARY:${PN}-guest-agent = "QEMU guest agent" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182494): https://lists.openembedded.org/g/openembedded-core/message/182494 Mute This Topic: https://lists.openembedded.org/mt/99401176/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 11/11] openssh: Move sshdgenkeys.service to sshd.socket
From: Alex Kiernan sshd.socket launches the templated sshd@.service, so by moving the sshdgenkeys.service to sshd.socket, key generation can start in advance of a connection. Signed-off-by: Alex Kiernan Signed-off-by: Richard Purdie (cherry picked from commit af38a39b4bed9e43c5075008be47ca72191a489e) Signed-off-by: Jermain Horsman Signed-off-by: Steve Sakoman --- meta/recipes-connectivity/openssh/openssh/sshd.socket | 1 + meta/recipes-connectivity/openssh/openssh/sshd@.service | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/meta/recipes-connectivity/openssh/openssh/sshd.socket b/meta/recipes-connectivity/openssh/openssh/sshd.socket index 12c39b26b5..8d76d62309 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd.socket +++ b/meta/recipes-connectivity/openssh/openssh/sshd.socket @@ -1,5 +1,6 @@ [Unit] Conflicts=sshd.service +Wants=sshdgenkeys.service [Socket] ExecStartPre=@BASE_BINDIR@/mkdir -p /var/run/sshd diff --git a/meta/recipes-connectivity/openssh/openssh/sshd@.service b/meta/recipes-connectivity/openssh/openssh/sshd@.service index 9d83dfb2bb..422450c7a1 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd@.service +++ b/meta/recipes-connectivity/openssh/openssh/sshd@.service @@ -1,13 +1,11 @@ [Unit] Description=OpenSSH Per-Connection Daemon -Wants=sshdgenkeys.service After=sshdgenkeys.service [Service] Environment="SSHD_OPTS=" EnvironmentFile=-/etc/default/ssh ExecStart=-@SBINDIR@/sshd -i $SSHD_OPTS -ExecReload=@BASE_BINDIR@/kill -HUP $MAINPID StandardInput=socket StandardError=syslog KillMode=process -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182493): https://lists.openembedded.org/g/openembedded-core/message/182493 Mute This Topic: https://lists.openembedded.org/mt/99399317/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 10/11] linux-yocto/5.4: update to v5.4.243
From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: f53660ec669f Linux 5.4.243 d60f15682a5c drm/amd/display: Fix hang when skipping modeset 93ca0d7b88e8 mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock 3f231e30cdeb drm/exynos: move to use request_irq by IRQF_NO_AUTOEN flag 65a8b6d129cf drm/msm/adreno: Fix null ptr access in adreno_gpu_cleanup() 62ac943eb2a9 firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() a781ea3437a0 drm/msm: Fix double pm_runtime_disable() call e4e88f74eb2f PM: domains: Restore comment indentation for generic_pm_domain.child_links ddcca7299de3 printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h c2c3ffc79896 PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock 6a24285f64ea PCI: pciehp: Use down_read/write_nested(reset_lock) to fix lockdep errors dde34ef0bc73 drbd: correctly submit flush bio on barrier 373720b9289c serial: 8250: Fix serial8250_tx_empty() race with DMA Tx f2a1071100fe tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH ba04d6af5ac4 ext4: fix invalid free tracking in ext4_xattr_move_to_block() 185062a21976 ext4: remove a BUG_ON in ext4_mb_release_group_pa() d7ff83a71d77 ext4: bail out of ext4_xattr_ibody_get() fails for any reason 486efbbc9445 ext4: add bounds checking in get_max_inline_xattr_value_size() b4fa4768c9ac ext4: fix deadlock when converting an inline directory in nojournal mode 2dda20290671 ext4: improve error recovery code paths in __ext4_remount() 525c802de3f9 ext4: fix data races when using cached status extents 4f4fd982d972 ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum 1b90fbc75901 ext4: fix WARNING in mb_find_extent f9e27d4bdb1f HID: wacom: insert timestamp to packed Bluetooth (BT) events d8b609e66244 HID: wacom: Set a default resolution for older tablets 3decf3a750a9 drm/amdgpu: disable sdma ecc irq only when sdma RAS is enabled in suspend 625d4112ea25 drm/amdgpu/gfx: disable gfx9 cp_ecc_error_irq only when enabling legacy gfx ras b1fabc379463 drm/amdgpu: fix an amdgpu_irq_put() issue in gmc_v9_0_hw_fini() c6bb59662432 drm/panel: otm8009a: Set backlight parent to panel device 3e7703624612 f2fs: fix potential corruption when moving a directory dafc5a5c8fda ARM: dts: s5pv210: correct MIPI CSIS clock name ad751b896eae ARM: dts: exynos: fix WM8960 clock name in Itop Elite 823496470790 remoteproc: st: Call of_node_put() on iteration error a1366ecb0905 remoteproc: stm32: Call of_node_put() on iteration error f16bc5111cc6 sh: nmi_debug: fix return value of __setup handler c9871a47f4ce sh: init: use OF_EARLY_FLATTREE for early init 111b08116dac sh: math-emu: fix macro redefined warning 8fb33166aed8 inotify: Avoid reporting event with invalid wd 0ccea97abe6d platform/x86: touchscreen_dmi: Add info for the Dexp Ursus KX210i 871641c7ebe5 cifs: fix pcchunk length type in smb2_copychunk_range 3e2b4bceaaf9 btrfs: print-tree: parent bytenr must be aligned to sector size 1e05bf5e80bb btrfs: don't free qgroup space unless specified b232f5e8cf81 btrfs: fix btrfs_prev_leaf() to not return the same key twice 96f71f669bee perf symbols: Fix return incorrect build_id size in elf_read_build_id() 78190a6ebe4e perf map: Delete two variable initialisations before null pointer checks in sort__sym_from_cmp() ffec80cc6761 perf vendor events power9: Remove UTF-8 characters from JSON files 62f1ebfe9aac virtio_net: suppress cpu stall when free_unused_bufs 1dc5faf30a6c virtio_net: split free_unused_bufs() b15637e717ad net: dsa: mt7530: fix corrupt frames using trgmii on 40 MHz XTAL MT7621 544b0de2d767 ALSA: caiaq: input: Add error handling for unsupported input methods in `snd_usb_caiaq_input_init` 35f2642f4abd drm/amdgpu: add a missing lock for AMDGPU_SCHED 5cfe3f910f7c af_packet: Don't send zero-byte data in packet_sendmsg_spkt(). fbcfa00386e1 ionic: remove noise from ethtool rxnfc error msg 4a56f1f6fe92 rxrpc: Fix hard call timeout units dfa36eb38020 net/sched: act_mirred: Add carrier check cc5ccfb7c0ee writeback: fix call of incorrect macro 9c1fcb97f98f net: dsa: mv88e6xxx: add mv88e6321 rsvd2cpu e80412439030 sit: update dev->needed_headroom in ipip6_tunnel_bind_dev() cc5fe387c629 net/sched: cls_api: remove block_cb from driver_list before freeing 8acd3a28873f net/ncsi: clear Tx enable mode when handling a Config required AEN bc0905a76531 relayfs: fix out-of-bounds access in relay_file_read c038ae623a7c kernel/relay.c: fix read_pos error when multiple readers 4f4de392f492 crypto: safexcel - Cleanup ring IRQ workqueues on load failure b9878f485d70 crypto: inside-secure - irq balance 439d3a7056d5 dm verity: fix error handling for check_at_most_once on FEC
[OE-core][dunfell 09/11] linux-yocto/5.4: update to v5.4.242
From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: ea7862c507ec Linux 5.4.242 d54a9f999ea7 ASN.1: Fix check for strdup() success 2500d7edebfb iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() 760c2e6dee32 pwm: meson: Explicitly set .polarity in .get_state() 7f2b8046da83 xfs: fix forkoff miscalculation related to XFS_LITINO(mp) c27a6bb1788f sctp: Call inet6_destroy_sock() via sk->sk_destruct(). 97ce6cde1f51 dccp: Call inet6_destroy_sock() via sk->sk_destruct(). a01b75620e1a inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). 9374db5bd1e3 tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). 2ac4697b7779 udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM). 5a62248c5855 ext4: fix use-after-free in ext4_xattr_set_entry 3b0044cb28f7 ext4: remove duplicate definition of ext4_xattr_ibody_inline_set() 3c4fdbf368ba Revert "ext4: fix use-after-free in ext4_xattr_set_entry" ef2aab86c34c x86/purgatory: Don't generate debug info for purgatory.ro c22aefaef8ae MIPS: Define RUNTIME_DISCARD_EXIT in LD script a5167e902b64 mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25 1b8b54fc55a4 memstick: fix memory leak if card device is never registered 5ad61a5268de nilfs2: initialize unused bytes in segment summary blocks 988766b9d124 iio: light: tsl2772: fix reading proximity-diodes from device tree 5cb867f1ecb4 xen/netback: use same error messages for same errors 903f82b1a6b2 nvme-tcp: fix a possible UAF when failing to allocate an io queue 34b74c32ff4f s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling 64cd99da25c1 net: dsa: b53: mmap: add phy ops 89dcf0dd7aae scsi: core: Improve scsi_vpd_inquiry() checks f729b74bb489 scsi: megaraid_sas: Fix fw_crash_buffer_show() 4f4ef354f95d selftests: sigaltstack: fix -Wuninitialized a725dddf2139 Input: i8042 - add quirk for Fujitsu Lifebook A574/H 9df3f502e33d f2fs: Fix f2fs_truncate_partial_nodes ftrace event 2f3730f182fc e1000e: Disable TSO on i219-LM card to increase speed 0f0a291cc520 bpf: Fix incorrect verifier pruning due to missing register precision taints ba610df83b04 mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next() d8e120057cee i40e: fix i40e_setup_misc_vector() error handling 59fba01b6c72 i40e: fix accessing vsi->active_filters without holding lock 01125379e2dc netfilter: nf_tables: fix ifdef to also consider nf_tables=m 7c1019391bd6 virtio_net: bugfix overflow inside xdp_linearize_page() 35dceaeab97c net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg d61f24a45410 regulator: fan53555: Explicitly include bits header 36f098e1e4d1 netfilter: br_netfilter: fix recent physdev match breakage 375e445b1022 arm64: dts: meson-g12-common: specify full DMC range cb1f89fe934b ARM: dts: rockchip: fix a typo error for rk3288 spdif node Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_5.4.bb | 6 ++--- .../linux/linux-yocto-tiny_5.4.bb | 8 +++ meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-- 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index 5d77bc3ae3..8ad2207dd2 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "bf0fd4b1c757c39b99fb742f7023718fca6477de" -SRCREV_meta ?= "6f28deea807165327b46a5b2613bb220e36e3ef1" +SRCREV_machine ?= "b2e35e842864b87c1b081e27327799f9e0d2ac97" +SRCREV_meta ?= "12e1d8d16de51659eddf0411d67d4eae4b4ac767" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.4.241" +LINUX_VERSION ?= "5.4.242" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb index 245e049b60..31a1ee783b 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.4.241" +LINUX_VERSION ?= "5.4.242" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2"
[OE-core][dunfell 08/11] linux-yocto/5.4: update to v5.4.241
From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: 58f42ed1cd31 Linux 5.4.241 879593643717 xfs: force log and push AIL to clear pinned inodes when aborting mount c76dd368759a xfs: don't reuse busy extents on extent trim 4679b73a8ed4 xfs: consider shutdown in bmapbt cursor delete assert 9355fd118b4e xfs: shut down the filesystem if we screw up quota reservation 48f75df5b3bb xfs: report corruption only as a regular error 3cce34ceb2ef xfs: set inode size after creating symlink e76bd6da5123 xfs: fix up non-directory creation in SGID directories ad6613c98463 xfs: remove the di_version field from struct icdinode ca4533c951e1 xfs: simplify a check in xfs_ioctl_setattr_check_cowextsize e078b3de3e41 xfs: simplify di_flags2 inheritance in xfs_ialloc 0c553917b61a xfs: only check the superblock version for dinode size calculation 90aab52d062c xfs: add a new xfs_sb_version_has_v3inode helper edd36a57b4a6 xfs: remove the kuid/kgid conversion wrappers 3ef81874f71c xfs: remove the icdinode di_uid/di_gid members cc508a41ae48 xfs: ensure that the inode uid/gid match values match the icdinode ones 7a9dc7977140 xfs: merge the projid fields in struct xfs_icdinode 4f3252e7e132 xfs: show the proper user quota options 799cafa4f304 coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug 440bdc49f744 watchdog: sbsa_wdog: Make sure the timeout programming is within the limits 70ca826d3ddb i2c: ocores: generate stop condition after timeout in polling mode 5fb5bdcdcd5a ubi: Fix deadlock caused by recursively holding work_sem 0b27716f2d44 mtd: ubi: wl: Fix a couple of kernel-doc issues e55588c44255 ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size a652c30fa2ba asymmetric_keys: log on fatal failures in PE/pkcs7 5809dbacc431 verify_pefile: relax wrapper length check 0213f027d030 drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F b3052e5d468b efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L 02a78e653933 i2c: imx-lpi2c: clean rx/tx buffers upon new message 1ef56397449e power: supply: cros_usbpd: reclassify "default case!" as debug 7169d1638824 net: macb: fix a memory corruption in extended buffer descriptor mode c39fa0398a30 udp6: fix potential access to stale information 9c46c49ad3ff RDMA/core: Fix GID entry ref leak when create_ah fails ad831a7079c9 sctp: fix a potential overflow in sctp_ifwdtsn_skip afffe0d1e6b9 qlcnic: check pci_reset_function result a841f6a0a39d niu: Fix missing unwind goto in niu_alloc_channels() fcd084e199b9 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition 1b77cb6f5e4a mtd: rawnand: stm32_fmc2: remove unsupported EDO mode 4c1d882b53a3 mtd: rawnand: meson: fix bitmask for length in command word 266746003439 mtdblock: tolerate corrected bit-flips 50dbfd9dacda btrfs: fix fast csum implementation detection c6db5f2a31cd btrfs: print checksum type and implementation at mount time 8a99e6200c38 Bluetooth: Fix race condition in hidp_session_thread c02421992505 Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} 9025cea8e03b ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards 4d419195d6b8 ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() fe158eeccc38 ALSA: i2c/cs8427: fix iec958 mixer control deactivation aa23fa32e5ff ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard 62ccf2e0b106 ALSA: emu10k1: fix capture interrupt handler unlinking 9a3ba7b24d08 Revert "pinctrl: amd: Disable and mask interrupts on resume" 2945f948aa84 irqdomain: Fix mapping-creation race e8f3aea716d2 irqdomain: Refactor __irq_domain_alloc_irqs() 3804f265c1bf irqdomain: Look for existing mapping only once e7bba7ddb431 mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() fd644712bccd ring-buffer: Fix race while reader and writer are on the same page c208b4321e8f drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path c381527918b1 net_sched: prevent NULL dereference if default qdisc setup failed 987f599fc556 tracing: Free error logs of tracing instances d2136f05690c can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access 5a74a75fc3d3 ftrace: Mark get_lock_parent_ip() __always_inline 95bbfeb4ff0e perf/core: Fix the same task check in perf_event_set_output 666c25d35e5e ALSA: hda/realtek: Add quirk for Clevo X370SNW 83b16a60e413 nilfs2: fix sysfs interface lifetime 613bf23c070d nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() aa8e50688d44 tty: serial: fsl_lpuart: avoid checking for transfer complete when UARTCTRL_SBK is asserted in lpuart32_tx_empty aabba4440409 tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
[OE-core][dunfell 07/11] linux-yocto/5.4: update to v5.4.240
From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: 32bea3bac5ca Linux 5.4.240 4d4cb7663613 gfs2: Always check inode size of inline inodes 928240c36891 firmware: arm_scmi: Fix device node validation for mailbox transport 0f5c0e0a4c0b net: sched: fix race condition in qdisc_graft() 22d95b544924 net_sched: add __rcu annotation to netdev->qdisc 14b6ad56df25 ext4: fix kernel BUG in 'ext4_write_inline_data_end()' 9b189af3577e btrfs: scan device in non-exclusive mode 45a9877d6cc3 s390/uaccess: add missing earlyclobber annotations to __clear_user() 0c6df5364798 drm/etnaviv: fix reference leak when mmaping imported buffer 37958ac31fe2 ALSA: usb-audio: Fix regression on detection of Roland VS-100 6dabafd82968 ALSA: hda/conexant: Partial revert of a quirk for Lenovo f3a67268784c NFSv4: Fix hangs when recovering open state after a server reboot c81e2965a9e0 pinctrl: at91-pio4: fix domain name assignment 82c25ac3a258 xen/netback: don't do grant copy across page boundary 99c8ba920fc2 Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table 657d7c215ca9 cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL 03af69bd674d cifs: prevent infinite recursion in CIFSGetDFSRefer() 51d657371106 Input: focaltech - use explicitly signed char type f0f85f5e402b Input: alps - fix compatibility with -funsigned-char 7e71d4d190df pinctrl: ocelot: Fix alt mode for ocelot 70728d639efb net: mvneta: make tx buffer array agnostic 704e06b97920 net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only fd7cff506614 bnxt_en: Fix typo in PCI id to device description string mapping 58279cea0b10 i40e: fix registers dump after run ethtool adapter self test 5195de1d5f66 s390/vfio-ap: fix memory leak in vfio_ap device driver 78bc7f0ab994 can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write 105cc2683282 net/net_failover: fix txq exceeding warning e633fd26abfd regulator: Handle deferred clk be7b622cd63f regulator: fix spelling mistake "Cant" -> "Can't" 46c4993a1514 ptp_qoriq: fix memory leak in probe() c122daa0fa4c scsi: megaraid_sas: Fix crash after a double completion 317c07d382b1 mtd: rawnand: meson: invalidate cache on polling ECC bit d65de5ee8b72 mips: bmips: BCM6358: disable RAC flush for TP1 9690e34f2247 dma-mapping: drop the dev argument to arch_sync_dma_for_* f6e2d76aa362 ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx() 856fb74f601a fbdev: au1200fb: Fix potential divide by zero deef33c08104 fbdev: lxfb: Fix potential divide by zero 4f5cc5ffa8c5 fbdev: intelfb: Fix potential divide by zero 868f247e47ef fbdev: nvidia: Fix potential divide by zero f3359f5fc9b7 sched_getaffinity: don't assume 'cpumask_size()' is fully initialized 521877bf2651 fbdev: tgafb: Fix potential divide by zero 7f12f99b8017 ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() 9155a5958ed0 ALSA: asihpi: check pao in control_message() 88a3c63a9635 md: avoid signed overflow in slot_store() 9966fc59d3a0 bus: imx-weim: fix branch condition evaluates to a garbage value d121f7883a17 fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY 4c24eb49ab44 ocfs2: fix data corruption after failed write 0c0e566f0387 tun: avoid double free in tun_free_netdev d253120a580a sched/fair: Sanitize vruntime of entity being migrated c23928c70bc8 sched/fair: sanitize vruntime of entity being placed 885c28ceae7d dm crypt: add cond_resched() to dmcrypt_write() 4a32a9a818a8 dm stats: check for and propagate alloc_percpu failure f8cbad984b16 i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() 8f5cbf6a8c0e nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() 4ae966a7f6a7 wifi: mac80211: fix qos on mesh interfaces f558789a886c usb: chipidea: core: fix possible concurrent when switch role 6b3287b14739 usb: chipdea: core: fix return -EINVAL if request role is the same with current role 0b2a56fe4659 usb: cdns3: Fix issue with using incorrect PCI device function e9e93fdfcefb dm thin: fix deadlock when swapping to thin device cd1e320ac095 igb: revert rtnl_lock() that causes deadlock 123698a5c619 fsverity: Remove WQ_UNBOUND from fsverity read workqueue 0eda2004f38d usb: gadget: u_audio: don't let userspace block driver unbind 44f080d7d75a scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR 223274d5c310 cifs: empty interface list when server doesn't support query interfaces 299a309b98df sh: sanitize the flags on sigreturn f4c610f6ca13 net: usb: qmi_wwan: add Telit 0x1080 composition e6b1fa6d0626 net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990 04f4a1aa9410 scsi: lpfc: Avoid usage of list iterator variable after loop 11cdced6a03d scsi: ufs: core: Add soft dependency on
[OE-core][dunfell 06/11] linux-yocto/5.4: update to v5.4.238
From: Bruce Ashfield Updating to the latest korg -stable release that comprises the following commits: 6849d8c4a61a Linux 5.4.238 eb7716a054a6 HID: uhid: Over-ride the default maximum data buffer value with our own b687ac70e66a HID: core: Provide new max_buffer_size attribute to over-ride the default 144019e81396 PCI: Unify delay handling for reset and resume d2130f37a4a0 s390/ipl: add missing intersection check to ipl_report handling 3f5a833dca66 serial: 8250_em: Fix UART port type c5afb97d1b51 drm/i915: Don't use stolen memory for ring buffers with LLC 8d26a4fecce5 x86/mm: Fix use of uninitialized buffer in sme_enable() a976ff743eb1 fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks ac58b88ccbbb ftrace: Fix invalid address access in lookup_rec() when index is 0 65e4c9a6d0c9 KVM: nVMX: add missing consistency checks for CR0 and CR4 6fe55dce9dd6 tracing: Make tracepoint lockdep check actually test something 780f69a2685b tracing: Check field value in hist_field_name() f1e3a20c6019 interconnect: fix mem leak when freeing nodes 325608ab60fa tty: serial: fsl_lpuart: skip waiting for transmission complete when UARTCTRL_SBK is asserted c16cbd8233d6 ext4: fix possible double unlock when moving a directory 6a1bd14d5e34 sh: intc: Avoid spurious sizeof-pointer-div warning bbf5eada4334 drm/amdkfd: Fix an illegal memory access 2c96c52aeaa6 ext4: fix task hung in ext4_xattr_delete_inode 20ba6f8a8073 ext4: fail ext4_iget if special inode unallocated ab519e29891d jffs2: correct logic when creating a hole in jffs2_write_begin 00bfc67c65a1 mmc: atmel-mci: fix race between stop command and start of next command 75f6faae2de6 media: m5mols: fix off-by-one loop termination error 9eb394919c97 hwmon: (ina3221) return prober error code 26c176ce9028 hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition 13efd488d398 hwmon: (adt7475) Fix masking of hysteresis registers 0d3095e958f0 hwmon: (adt7475) Display smoothing attributes in correct order 674fce59d61d ethernet: sun: add check for the mdesc_grab() 71da5991b643 net/iucv: Fix size of interrupt data e0d07a3203c3 net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull 5c06bd3de134 ipv4: Fix incorrect table ID in IOCTL path c4fcfbf80c3c block: sunvdc: add check for mdesc_grab() returning NULL 04c394208831 nvmet: avoid potential UAF in nvmet_req_complete() 9fabdd79051a net: usb: smsc75xx: Limit packet length to skb->len b0c202a8dc63 nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition 668de67d4110 net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails 5aaab217c8f5 net: tunnels: annotate lockless accesses to dev->needed_headroom cba20ade78ef qed/qed_dev: guard against a possible division by zero 6e18f66b704b i40e: Fix kernel crash during reboot when adapter is in recovery mode f0216046aeb8 ipvlan: Make skb->skb_iif track skb->dev for l3s mode 0f9c1f26d434 nfc: pn533: initialize struct pn533_out_arg properly 442aa78ed701 tcp: tcp_make_synack() can be called from process context 88c3d3bb6469 scsi: core: Fix a procfs host directory removal regression 4b4f5e34f08b scsi: core: Fix a comment in function scsi_host_dev_release() 0d59732f2a5b netfilter: nft_redir: correct value of inet type `.maxattrs` 90279211e96b ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU() 0b7057c52377 ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid 5bb9fcaadb8c ALSA: hda: Add Alderlake-S PCI ID and HDMI codec vid 9efbdc743ded ALSA: hda - controller is in GPU on the DG1 fc52e51c2c30 ALSA: hda - add Intel DG1 PCI and HDMI ids 090305c36185 scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() b8849e31a056 docs: Correct missing "d_" prefix for dentry_operations member d_weak_revalidate 9e45e4571576 clk: HI655X: select REGMAP instead of depending on it dac08e46f0ad drm/meson: fix 1px pink line on GXM when scaling video overlay d7e48aa17a81 cifs: Move the in_send statistic to __smb_send_rqst() 06c208002d0d drm/panfrost: Don't sync rpm suspension after mmu flushing c9900d1d86f0 xfrm: Allow transport-mode states with AF_UNSPEC selector 4008fb9ad474 ext4: fix cgroup writeback accounting with fs-layer encryption Signed-off-by: Bruce Ashfield Signed-off-by: Steve Sakoman --- .../linux/linux-yocto-rt_5.4.bb | 6 ++--- .../linux/linux-yocto-tiny_5.4.bb | 8 +++ meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-- 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index e0967223b9..46a1d8 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++
[OE-core][dunfell 05/11] go: Security fix CVE-2023-24540
From: Vijay Anusuri Upstream-Status: Backport [https://github.com/golang/go/commit/ce7bd33345416e6d8cac901792060591cafc2797] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2023-24540.patch | 90 +++ 2 files changed, 91 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index d0fbde9cae..2c500e8331 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc @@ -62,6 +62,7 @@ SRC_URI += "\ file://CVE-2023-24538-2.patch \ file://CVE-2023-24538-3.patch \ file://CVE-2023-24539.patch \ +file://CVE-2023-24540.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch new file mode 100644 index 00..799a0dfcda --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch @@ -0,0 +1,90 @@ +From ce7bd33345416e6d8cac901792060591cafc2797 Mon Sep 17 00:00:00 2001 +From: Roland Shoemaker +Date: Tue, 11 Apr 2023 16:27:43 +0100 +Subject: [PATCH] [release-branch.go1.19] html/template: handle all JS + whitespace characters + +Rather than just a small set. Character class as defined by \s [0]. + +Thanks to Juho Nurminen of Mattermost for reporting this. + +For #59721 +Fixes #59813 +Fixes CVE-2023-24540 + +[0] https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions/Character_Classes + +Change-Id: I56d4fa1ef08125b417106ee7dbfb5b0923b901ba +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1821459 +Reviewed-by: Julie Qiu +Run-TryBot: Roland Shoemaker +Reviewed-by: Damien Neil +Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1851497 +Run-TryBot: Damien Neil +Reviewed-by: Roland Shoemaker +Reviewed-on: https://go-review.googlesource.com/c/go/+/491355 +Reviewed-by: Dmitri Shuralyov +Reviewed-by: Carlos Amedee +TryBot-Bypass: Carlos Amedee +Run-TryBot: Carlos Amedee + +Upstream-Status: Backport [https://github.com/golang/go/commit/ce7bd33345416e6d8cac901792060591cafc2797] +CVE: CVE-2023-24540 +Signed-off-by: Vijay Anusuri +--- + src/html/template/js.go | 8 +++- + src/html/template/js_test.go | 11 +++ + 2 files changed, 14 insertions(+), 5 deletions(-) + +diff --git a/src/html/template/js.go b/src/html/template/js.go +index fe7054efe5cd8..4e05c1455723f 100644 +--- a/src/html/template/js.go b/src/html/template/js.go +@@ -13,6 +13,11 @@ import ( + "unicode/utf8" + ) + ++// jsWhitespace contains all of the JS whitespace characters, as defined ++// by the \s character class. ++// See https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_expressions/Character_classes. ++const jsWhitespace = "\f\n\r\t\v\u0020\u00a0\u1680\u2000\u2001\u2002\u2003\u2004\u2005\u2006\u2007\u2008\u2009\u200a\u2028\u2029\u202f\u205f\u3000\ufeff" ++ + // nextJSCtx returns the context that determines whether a slash after the + // given run of tokens starts a regular expression instead of a division + // operator: / or /=. +@@ -26,7 +31,8 @@ import ( + // JavaScript 2.0 lexical grammar and requires one token of lookbehind: + // https://www.mozilla.org/js/language/js20-2000-07/rationale/syntax.html + func nextJSCtx(s []byte, preceding jsCtx) jsCtx { +- s = bytes.TrimRight(s, "\t\n\f\r \u2028\u2029") ++ // Trim all JS whitespace characters ++ s = bytes.TrimRight(s, jsWhitespace) + if len(s) == 0 { + return preceding + } +diff --git a/src/html/template/js_test.go b/src/html/template/js_test.go +index e07c695f7a77d..e52180cc113b5 100644 +--- a/src/html/template/js_test.go b/src/html/template/js_test.go +@@ -81,14 +81,17 @@ func TestNextJsCtx(t *testing.T) { + {jsCtxDivOp, "0"}, + // Dots that are part of a number are div preceders. + {jsCtxDivOp, "0."}, ++ // Some JS interpreters treat NBSP as a normal space, so ++ // we must too in order to properly escape things. ++ {jsCtxRegexp, "=\u00A0"}, + } + + for _, test := range tests { +- if nextJSCtx([]byte(test.s), jsCtxRegexp) != test.jsCtx { +- t.Errorf("want %s got %q", test.jsCtx, test.s) ++ if ctx := nextJSCtx([]byte(test.s), jsCtxRegexp); ctx != test.jsCtx { ++ t.Errorf("%q: want %s got %s", test.s, test.jsCtx, ctx) + } +- if nextJSCtx([]byte(test.s), jsCtxDivOp) != test.jsCtx { +- t.Errorf("want %s got %q", test.jsCtx, test.s) ++ if ctx := nextJSCtx([]byte(test.s), jsCtxDivOp); ctx != test.jsCtx { ++
[OE-core][dunfell 04/11] golang: Fix CVE-2023-24539
From: Ashish Sharma Improper sanitization of CSS values in html/template Signed-off-by: Ashish Sharma Signed-off-by: Steve Sakoman --- meta/recipes-devtools/go/go-1.14.inc | 1 + .../go/go-1.14/CVE-2023-24539.patch | 60 +++ 2 files changed, 61 insertions(+) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch diff --git a/meta/recipes-devtools/go/go-1.14.inc b/meta/recipes-devtools/go/go-1.14.inc index f734fe1ac8..d0fbde9cae 100644 --- a/meta/recipes-devtools/go/go-1.14.inc +++ b/meta/recipes-devtools/go/go-1.14.inc @@ -61,6 +61,7 @@ SRC_URI += "\ file://CVE-2023-24538-1.patch \ file://CVE-2023-24538-2.patch \ file://CVE-2023-24538-3.patch \ +file://CVE-2023-24539.patch \ " SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch" diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch b/meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch new file mode 100644 index 00..281b6486a8 --- /dev/null +++ b/meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch @@ -0,0 +1,60 @@ +From 8673ca81e5340b87709db2d9749c92a3bf925df1 Mon Sep 17 00:00:00 2001 +From: Roland Shoemaker +Date: Thu, 13 Apr 2023 15:40:44 -0700 +Subject: [PATCH] html/template: disallow angle brackets in CSS values + +Angle brackets should not appear in CSS contexts, as they may affect +token boundaries (such as closing a
[OE-core][dunfell 03/11] xserver-xorg: Security fix CVE-2023-0494 and CVE-2023-1393
From: Vijay Anusuri Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec & https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../xserver-xorg/CVE-2023-0494.patch | 38 +++ .../xserver-xorg/CVE-2023-1393.patch | 46 +++ .../xorg-xserver/xserver-xorg_1.20.14.bb | 2 + 3 files changed, 86 insertions(+) create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch new file mode 100644 index 00..ef2ee5d55e --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch @@ -0,0 +1,38 @@ +From 0ba6d8c37071131a49790243cdac55392ecf71ec Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Wed, 25 Jan 2023 11:41:40 +1000 +Subject: [PATCH] Xi: fix potential use-after-free in DeepCopyPointerClasses + +CVE-2023-0494, ZDI-CAN-19596 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Peter Hutterer + +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec] +CVE: CVE-2023-0494 +Signed-off-by: Vijay Anusuri +--- + Xi/exevents.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/Xi/exevents.c b/Xi/exevents.c +index 217baa9561..dcd4efb3bc 100644 +--- a/Xi/exevents.c b/Xi/exevents.c +@@ -619,8 +619,10 @@ DeepCopyPointerClasses(DeviceIntPtr from, DeviceIntPtr to) + memcpy(to->button->xkb_acts, from->button->xkb_acts, +sizeof(XkbAction)); + } +-else ++else { + free(to->button->xkb_acts); ++to->button->xkb_acts = NULL; ++} + + memcpy(to->button->labels, from->button->labels, +from->button->numButtons * sizeof(Atom)); +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch new file mode 100644 index 00..51d0e0cab6 --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch @@ -0,0 +1,46 @@ +From 26ef545b3502f61ca722a7a3373507e88ef64110 Mon Sep 17 00:00:00 2001 +From: Olivier Fourdan +Date: Mon, 13 Mar 2023 11:08:47 +0100 +Subject: [PATCH] composite: Fix use-after-free of the COW + +ZDI-CAN-19866/CVE-2023-1393 + +If a client explicitly destroys the compositor overlay window (aka COW), +we would leave a dangling pointer to that window in the CompScreen +structure, which will trigger a use-after-free later. + +Make sure to clear the CompScreen pointer to the COW when the latter gets +destroyed explicitly by the client. + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Olivier Fourdan +Reviewed-by: Adam Jackson + +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110] +CVE: CVE-2023-1393 +Signed-off-by: Vijay Anusuri +--- + composite/compwindow.c | 5 + + 1 file changed, 5 insertions(+) + +diff --git a/composite/compwindow.c b/composite/compwindow.c +index 4e2494b86b..b30da589e9 100644 +--- a/composite/compwindow.c b/composite/compwindow.c +@@ -620,6 +620,11 @@ compDestroyWindow(WindowPtr pWin) + ret = (*pScreen->DestroyWindow) (pWin); + cs->DestroyWindow = pScreen->DestroyWindow; + pScreen->DestroyWindow = compDestroyWindow; ++ ++/* Did we just destroy the overlay window? */ ++if (pWin == cs->pOverlayWin) ++cs->pOverlayWin = NULL; ++ + /*compCheckTree (pWin->drawable.pScreen); can't check -- tree isn't good*/ + return ret; + } +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb index ab18a87a3d..5c604fa86e 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.14.bb @@ -14,6 +14,8 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat file://CVE-2022-46342.patch \ file://CVE-2022-46343.patch \ file://CVE-2022-46344.patch \ + file://CVE-2023-0494.patch \ + file://CVE-2023-1393.patch \ " SRC_URI[md5sum] = "453fc86aac8c629b3a5b77e8dcca30bf" SRC_URI[sha256sum] = "54b199c9280ff8bf0f73a54a759645bd0eeeda7255d1c99310d5b7595f3ac066" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182485):
[OE-core][dunfell 02/11] ghostscript: Fix CVE-2023-28879
From: Vijay Anusuri Upstream-Status: Backport [https://git.ghostscript.com/?p=ghostpdl.git;h=37ed5022cecd584de868933b5b60da2e995b3179] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../ghostscript/CVE-2023-28879.patch | 54 +++ .../ghostscript/ghostscript_9.52.bb | 1 + 2 files changed, 55 insertions(+) create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch new file mode 100644 index 00..852f2459f7 --- /dev/null +++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch @@ -0,0 +1,54 @@ +From 37ed5022cecd584de868933b5b60da2e995b3179 Mon Sep 17 00:00:00 2001 +From: Ken Sharp +Date: Fri, 24 Mar 2023 13:19:57 + +Subject: [PATCH] Graphics library - prevent buffer overrun in (T)BCP encoding + +Bug #706494 "Buffer Overflow in s_xBCPE_process" + +As described in detail in the bug report, if the write buffer is filled +to one byte less than full, and we then try to write an escaped +character, we overrun the buffer because we don't check before +writing two bytes to it. + +This just checks if we have two bytes before starting to write an +escaped character and exits if we don't (replacing the consumed byte +of the input). + +Up for further discussion; why do we even permit a BCP encoding filter +anyway ? I think we should remove this, at least when SAFER is true. + +Upstream-Status: Backport [https://git.ghostscript.com/?p=ghostpdl.git;h=37ed5022cecd584de868933b5b60da2e995b3179] +CVE: CVE-2023-28879 +Signed-off-by: Vijay Anusuri +--- + base/sbcp.c | 10 +- + 1 file changed, 9 insertions(+), 1 deletion(-) + +diff --git a/base/sbcp.c b/base/sbcp.c +index 6b0383c..90784b5 100644 +--- a/base/sbcp.c b/base/sbcp.c +@@ -1,4 +1,4 @@ +-/* Copyright (C) 2001-2019 Artifex Software, Inc. ++/* Copyright (C) 2001-2023 Artifex Software, Inc. +All Rights Reserved. + +This software is provided AS-IS with no warranty, either express or +@@ -50,6 +50,14 @@ s_xBCPE_process(stream_state * st, stream_cursor_read * pr, + byte ch = *++p; + + if (ch <= 31 && escaped[ch]) { ++/* Make sure we have space to store two characters in the write buffer, ++ * if we don't then exit without consuming the input character, we'll process ++ * that on the next time round. ++ */ ++if (pw->limit - q < 2) { ++p--; ++break; ++} + if (p == rlimit) { + p--; + break; +-- +2.25.1 + diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb index a829d4b4ae..57f0b51ad3 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.52.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.52.bb @@ -39,6 +39,7 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d file://CVE-2021-3781_1.patch \ file://CVE-2021-3781_2.patch \ file://CVE-2021-3781_3.patch \ +file://CVE-2023-28879.patch \ " SRC_URI = "${SRC_URI_BASE} \ -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182484): https://lists.openembedded.org/g/openembedded-core/message/182484 Mute This Topic: https://lists.openembedded.org/mt/99399305/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][dunfell 01/11] ffmpeg: Fix CVE-2022-48434
From: Nikhil R Add a patch to fix CVE-2022-48434 which allows attackers to trigger a use-after-free and execute arbitrary code in some circumstances Link: https://ubuntu.com/security/CVE-2022-48434 Link: https://nvd.nist.gov/vuln/detail/CVE-2022-48434 Signed-off-by: Nikhil R Signed-off-by: Ranjitsinh Rathod ranjitsinh.rat...@kpit.com Signed-off-by: Nikhil R Signed-off-by: Nikhil R Signed-off-by: Steve Sakoman --- .../ffmpeg/ffmpeg/CVE-2022-48434.patch| 136 ++ .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb | 1 + 2 files changed, 137 insertions(+) create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch new file mode 100644 index 00..707073709a --- /dev/null +++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch @@ -0,0 +1,136 @@ +From d4b7b3c03ee2baf0166ce49dff17ec9beff684db Mon Sep 17 00:00:00 2001 +From: Anton Khirnov +Date: Fri, 2 Sep 2022 22:21:27 +0200 +Subject: [PATCH] lavc/pthread_frame: avoid leaving stale hwaccel state in + worker threads + +This state is not refcounted, so make sure it always has a well-defined +owner. + +Remove the block added in 091341f2ab5bd35ca1a2aae90503adc74f8d3523, as +this commit also solves that issue in a more general way. + +(cherry picked from commit cc867f2c09d2b69cee8a0eccd62aff002cbbfe11) +Signed-off-by: Anton Khirnov +(cherry picked from commit 35aa7e70e7ec350319e7634a30d8d8aa1e6ecdda) +Signed-off-by: Anton Khirnov +(cherry picked from commit 3bc28e9d1ab33627cea3c632dd6b0c33e22e93ba) +Signed-off-by: Anton Khirnov + +CVE: CVE-2022-48434 +Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/d4b7b3c03ee2baf0166ce49dff17ec9beff684db] +Signed-off-by: Ranjitsinh Rathod ranjitsinh.rat...@kpit.com +Comment: Hunk#6 refreshed to backport changes and other to remove patch-fuzz warnings +--- + libavcodec/pthread_frame.c | 46 +- + 1 file changed, 35 insertions(+), 11 deletions(-) + +diff --git a/libavcodec/pthread_frame.c b/libavcodec/pthread_frame.c +index 36ac0ac..bbc5ba6 100644 +--- a/libavcodec/pthread_frame.c b/libavcodec/pthread_frame.c +@@ -135,6 +135,12 @@ typedef struct FrameThreadContext { + * Set for the first N packets, where N is the number of threads. + * While it is set, ff_thread_en/decode_frame won't return any results. + */ ++ ++/* hwaccel state is temporarily stored here in order to transfer its ownership ++ * to the next decoding thread without the need for extra synchronization */ ++const AVHWAccel *stash_hwaccel; ++void*stash_hwaccel_context; ++void*stash_hwaccel_priv; + } FrameThreadContext; + + #define THREAD_SAFE_CALLBACKS(avctx) \ +@@ -211,9 +217,17 @@ static attribute_align_arg void *frame_worker_thread(void *arg) + ff_thread_finish_setup(avctx); + + if (p->hwaccel_serializing) { ++/* wipe hwaccel state to avoid stale pointers lying around; ++ * the state was transferred to FrameThreadContext in ++ * ff_thread_finish_setup(), so nothing is leaked */ ++avctx->hwaccel = NULL; ++avctx->hwaccel_context = NULL; ++avctx->internal->hwaccel_priv_data = NULL; ++ + p->hwaccel_serializing = 0; + pthread_mutex_unlock(>parent->hwaccel_mutex); + } ++av_assert0(!avctx->hwaccel); + + if (p->async_serializing) { + p->async_serializing = 0; +@@ -275,14 +289,10 @@ static int update_context_from_thread(AVCodecContext *dst, AVCodecContext *src, + dst->color_range = src->color_range; + dst->chroma_sample_location = src->chroma_sample_location; + +-dst->hwaccel = src->hwaccel; +-dst->hwaccel_context = src->hwaccel_context; +- + dst->channels = src->channels; + dst->sample_rate= src->sample_rate; + dst->sample_fmt = src->sample_fmt; + dst->channel_layout = src->channel_layout; +-dst->internal->hwaccel_priv_data = src->internal->hwaccel_priv_data; + + if (!!dst->hw_frames_ctx != !!src->hw_frames_ctx || + (dst->hw_frames_ctx && dst->hw_frames_ctx->data != src->hw_frames_ctx->data)) { +@@ -415,6 +425,12 @@ static int submit_packet(PerThreadContext *p, AVCodecContext *user_avctx, + pthread_mutex_unlock(>mutex); + return err; + } ++ ++/* transfer hwaccel state stashed from previous thread, if any */ ++av_assert0(!p->avctx->hwaccel); ++FFSWAP(const AVHWAccel*, p->avctx->hwaccel, fctx->stash_hwaccel); ++FFSWAP(void*,p->avctx->hwaccel_context,
[OE-core][dunfell 00/11] Patch review
Please review this set of changes for dunfell and have comments back by end of day Friday. Passed a-full on autobuilder: https://autobuilder.yoctoproject.org/typhoon/#/builders/83/builds/5422 The following changes since commit e4b98a42970574296e0da06842691b9fc1ffc9a1: selftest: skip virgl test on ubuntu 22.10, fedora 37, and all rocky (2023-05-20 06:02:24 -1000) are available in the Git repository at: https://git.openembedded.org/openembedded-core-contrib stable/dunfell-nut http://cgit.openembedded.org/openembedded-core-contrib/log/?h=stable/dunfell-nut Alex Kiernan (1): openssh: Move sshdgenkeys.service to sshd.socket Ashish Sharma (1): golang: Fix CVE-2023-24539 Bruce Ashfield (5): linux-yocto/5.4: update to v5.4.238 linux-yocto/5.4: update to v5.4.240 linux-yocto/5.4: update to v5.4.241 linux-yocto/5.4: update to v5.4.242 linux-yocto/5.4: update to v5.4.243 Nikhil R (1): ffmpeg: Fix CVE-2022-48434 Vijay Anusuri (3): ghostscript: Fix CVE-2023-28879 xserver-xorg: Security fix CVE-2023-0494 and CVE-2023-1393 go: Security fix CVE-2023-24540 .../openssh/openssh/sshd.socket | 1 + .../openssh/openssh/sshd@.service | 2 - meta/recipes-devtools/go/go-1.14.inc | 2 + .../go/go-1.14/CVE-2023-24539.patch | 60 .../go/go-1.14/CVE-2023-24540.patch | 90 .../ghostscript/CVE-2023-28879.patch | 54 +++ .../ghostscript/ghostscript_9.52.bb | 1 + .../xserver-xorg/CVE-2023-0494.patch | 38 + .../xserver-xorg/CVE-2023-1393.patch | 46 ++ .../xorg-xserver/xserver-xorg_1.20.14.bb | 2 + .../linux/linux-yocto-rt_5.4.bb | 6 +- .../linux/linux-yocto-tiny_5.4.bb | 8 +- meta/recipes-kernel/linux/linux-yocto_5.4.bb | 22 +-- .../ffmpeg/ffmpeg/CVE-2022-48434.patch| 136 ++ .../recipes-multimedia/ffmpeg/ffmpeg_4.2.2.bb | 1 + 15 files changed, 449 insertions(+), 20 deletions(-) create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24539.patch create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2023-24540.patch create mode 100644 meta/recipes-extended/ghostscript/ghostscript/CVE-2023-28879.patch create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-0494.patch create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-1393.patch create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2022-48434.patch -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182482): https://lists.openembedded.org/g/openembedded-core/message/182482 Mute This Topic: https://lists.openembedded.org/mt/99399303/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [meta-oe][PATCH V3] xz: add ptest support
From: duep Add a ptest for xz - It is taking around 1s to execute with kvm, so added it to PTESTS_FAST - It contains 11 test files: test_bcj_exact_size test_block_header test_check test_filter_flags test_hardware test_index test_index_hash test_lzip_decoder test_memlimit test_stream_flags test_vli - Below is part of the run log: START: ptest-runner 2023-06-01T01:57 BEGIN: /usr/lib/xz/ptest === test_bcj_exact_size.c === PASS: test_exact_size PASS: test_empty_block --- # TOTAL: 2 # PASS: 2 # SKIP: 0 # FAIL: 0 # ERROR: 0 === END === ... === test_vli.c === PASS: test_lzma_vli_size PASS: test_lzma_vli_encode PASS: test_lzma_vli_decode --- # TOTAL: 3 # PASS: 3 # SKIP: 0 # FAIL: 0 # ERROR: 0 === END === DURATION: 0 END: /usr/lib/xz/ptest 2023-06-01T01:57 STOP: ptest-runner TOTAL: 1 FAIL: 0 - The tests under xz requires /bin/bash Signed-off-by: duep --- .../distro/include/ptest-packagelists.inc | 1 + meta/recipes-extended/xz/xz/run-ptest | 5 meta/recipes-extended/xz/xz_5.4.1.bb | 23 +-- 3 files changed, 27 insertions(+), 2 deletions(-) create mode 100644 meta/recipes-extended/xz/xz/run-ptest diff --git a/meta/conf/distro/include/ptest-packagelists.inc b/meta/conf/distro/include/ptest-packagelists.inc index d60ebb38fc..9aa68c75ea 100644 --- a/meta/conf/distro/include/ptest-packagelists.inc +++ b/meta/conf/distro/include/ptest-packagelists.inc @@ -70,6 +70,7 @@ PTESTS_FAST = "\ sed \ slang \ wayland \ +xz \ zlib \ " PTESTS_FAST:append:libc-glibc = " glibc-tests" diff --git a/meta/recipes-extended/xz/xz/run-ptest b/meta/recipes-extended/xz/xz/run-ptest new file mode 100644 index 00..ebde965d5c --- /dev/null +++ b/meta/recipes-extended/xz/xz/run-ptest @@ -0,0 +1,5 @@ +#!/bin/sh +cd ./tests +for i in `ls test*`; do + ./$i +done diff --git a/meta/recipes-extended/xz/xz_5.4.1.bb b/meta/recipes-extended/xz/xz_5.4.1.bb index 71bf4b540a..81fb3dc4c7 100644 --- a/meta/recipes-extended/xz/xz_5.4.1.bb +++ b/meta/recipes-extended/xz/xz_5.4.1.bb @@ -24,13 +24,14 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=97d554a32881fee0aa283d96e47cb24a \ file://lib/getopt.c;endline=23;md5=2069b0ee710572c03bb3114e4532cd84 \ " -SRC_URI = "https://tukaani.org/xz/xz-${PV}.tar.gz; +SRC_URI = "https://tukaani.org/xz/xz-${PV}.tar.gz \ + file://run-ptest" SRC_URI[sha256sum] = "e4b0f81582efa155ccf27bb88275254a429d44968e488fc94b806f2a61cd3e22" UPSTREAM_CHECK_REGEX = "xz-(?P\d+(\.\d+)+)\.tar" CACHED_CONFIGUREVARS += "gl_cv_posix_shell=/bin/sh" -inherit autotools gettext +inherit autotools gettext ptest PACKAGES =+ "liblzma" @@ -42,3 +43,21 @@ ALTERNATIVE:${PN} = "xz xzcat unxz \ lzma lzcat unlzma" BBCLASSEXTEND = "native nativesdk" + +do_compile_ptest(){ + oe_runmake -C ${B}/tests/ check TESTS= +} + +do_install_ptest(){ + install -d ${D}${PTEST_PATH}/tests/ + find ${B}/tests/ -type f -not -name "*.o" -not -name "Makefile" \ + -exec install --mode=755 {} ${D}${PTEST_PATH}/tests/ \; + + install -d ${D}${PTEST_PATH}/tests/.libs/ + install --mode=755 ${B}/tests/.libs/* ${D}${PTEST_PATH}/tests/.libs/ + + install -d ${D}${PTEST_PATH}/tests/files/ + install --mode=755 ${S}/tests/files/* ${D}${PTEST_PATH}/tests/files/ +} + +RDEPENDS:${PN}-ptest += "bash" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182481): https://lists.openembedded.org/g/openembedded-core/message/182481 Mute This Topic: https://lists.openembedded.org/mt/99398881/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] go: Upgrade 1.20.4 -> 1.20.5
Upgrade to latest 1.20.x release: go.git$ git log --oneline go1.20.4..go1.20.5 e827d41c0a (tag: go1.20.5) [release-branch.go1.20] go1.20.5 c0ed873cd8 [release-branch.go1.20] cmd/go: disallow package directories containing newlines 356a419e2f [release-branch.go1.20] cmd/go: enforce flags with non-optional arguments fa60c381ed [release-branch.go1.20] cmd/go,cmd/cgo: in _cgo_flags use one line per flag 36144ba429 [release-branch.go1.20] runtime: implement SUID/SGID protections 5036ba77eb [release-branch.go1.20] net: skip TestFileFdBlocks if the "unix" network is not supported b249ec5655 [release-branch.go1.20] cmd/go/internal: update documentation of go test and go generate 4b95fc1e6c [release-branch.go1.20] cmd/go: save checksums for go.mod files needed for go version lines 31a1e19a59 [release-branch.go1.20] net, os: net.Conn.File.Fd should return a blocking descriptor 450c8021a5 [release-branch.go1.20] runtime: change fcntl to return two values 22741120ee [release-branch.go1.20] runtime: consistently define fcntl 9270e3be8f [release-branch.go1.20] os: if descriptor is non-blocking, retain that in Fd method 600636e931 [release-branch.go1.20] crypto/rsa: use BoringCrypto for 4096 bit keys afbe101950 [release-branch.go1.20] cmd/compile: fix bswap/load rewrite rules Signed-off-by: Sakib Sajal --- meta/recipes-devtools/go/{go-1.20.4.inc => go-1.20.5.inc} | 2 +- ...o-binary-native_1.20.4.bb => go-binary-native_1.20.5.bb} | 6 +++--- ...cross-canadian_1.20.4.bb => go-cross-canadian_1.20.5.bb} | 0 .../go/{go-cross_1.20.4.bb => go-cross_1.20.5.bb} | 0 .../go/{go-crosssdk_1.20.4.bb => go-crosssdk_1.20.5.bb} | 0 .../go/{go-native_1.20.4.bb => go-native_1.20.5.bb} | 0 .../go/{go-runtime_1.20.4.bb => go-runtime_1.20.5.bb} | 0 meta/recipes-devtools/go/{go_1.20.4.bb => go_1.20.5.bb} | 0 8 files changed, 4 insertions(+), 4 deletions(-) rename meta/recipes-devtools/go/{go-1.20.4.inc => go-1.20.5.inc} (89%) rename meta/recipes-devtools/go/{go-binary-native_1.20.4.bb => go-binary-native_1.20.5.bb} (78%) rename meta/recipes-devtools/go/{go-cross-canadian_1.20.4.bb => go-cross-canadian_1.20.5.bb} (100%) rename meta/recipes-devtools/go/{go-cross_1.20.4.bb => go-cross_1.20.5.bb} (100%) rename meta/recipes-devtools/go/{go-crosssdk_1.20.4.bb => go-crosssdk_1.20.5.bb} (100%) rename meta/recipes-devtools/go/{go-native_1.20.4.bb => go-native_1.20.5.bb} (100%) rename meta/recipes-devtools/go/{go-runtime_1.20.4.bb => go-runtime_1.20.5.bb} (100%) rename meta/recipes-devtools/go/{go_1.20.4.bb => go_1.20.5.bb} (100%) diff --git a/meta/recipes-devtools/go/go-1.20.4.inc b/meta/recipes-devtools/go/go-1.20.5.inc similarity index 89% rename from meta/recipes-devtools/go/go-1.20.4.inc rename to meta/recipes-devtools/go/go-1.20.5.inc index 05bc168e0c..4e4e57d5cb 100644 --- a/meta/recipes-devtools/go/go-1.20.4.inc +++ b/meta/recipes-devtools/go/go-1.20.5.inc @@ -15,4 +15,4 @@ SRC_URI += "\ file://0008-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \ file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \ " -SRC_URI[main.sha256sum] = "9f34ace128764b7a3a4b238b805856cc1b2184304df9e5690825b0710f4202d6" +SRC_URI[main.sha256sum] = "9a15c133ba2cfafe79652f4815b62e7cfc267f68df1b9454c6ab2a3ca8b96a88" diff --git a/meta/recipes-devtools/go/go-binary-native_1.20.4.bb b/meta/recipes-devtools/go/go-binary-native_1.20.5.bb similarity index 78% rename from meta/recipes-devtools/go/go-binary-native_1.20.4.bb rename to meta/recipes-devtools/go/go-binary-native_1.20.5.bb index 87ce8a558f..a98be4af1b 100644 --- a/meta/recipes-devtools/go/go-binary-native_1.20.4.bb +++ b/meta/recipes-devtools/go/go-binary-native_1.20.5.bb @@ -9,9 +9,9 @@ PROVIDES = "go-native" # Checksums available at https://go.dev/dl/ SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}; -SRC_URI[go_linux_amd64.sha256sum] = "698ef3243972a51ddb4028e4a1ac63dc6d60821bf18e59a807e051fee0a385bd" -SRC_URI[go_linux_arm64.sha256sum] = "105889992ee4b1d40c7c108555222ca70ae43fccb42e20fbf1eebb822f5e72c6" -SRC_URI[go_linux_ppc64le.sha256sum] = "8c6f44b96c2719c90eebabe2dd866f9c39538648f7897a212cac448587e9a408" +SRC_URI[go_linux_amd64.sha256sum] = "d7ec48cde0d3d2be2c69203bc3e0a44de8660b9c09a6e85c4732a3f7dc442612" +SRC_URI[go_linux_arm64.sha256sum] = "aa2fab0a7da20213ff975fa7876a66d47b48351558d98851b87d1cfef4360d09" +SRC_URI[go_linux_ppc64le.sha256sum] = "049b8ab07d34077b90c0642138e10207f6db14bdd1743ea994a21e228f8ca53d" UPSTREAM_CHECK_URI = "https://golang.org/dl/; UPSTREAM_CHECK_REGEX = "go(?P\d+(\.\d+)+)\.linux" diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.20.4.bb b/meta/recipes-devtools/go/go-cross-canadian_1.20.5.bb similarity index 100% rename from meta/recipes-devtools/go/go-cross-canadian_1.20.4.bb rename to meta/recipes-devtools/go/go-cross-canadian_1.20.5.bb diff --git a/meta/recipes-devtools/go/go-cross_1.20.4.bb
Re: [OE-core] [PATCH v4] qemu: Split the qemu package
Hello, I believe this causes: https://autobuilder.yoctoproject.org/typhoon/#/builders/52/builds/7143/steps/12/logs/stdio ERROR: lib32-qemu-8.0.0-r0 do_package_qa: QA Issue: /usr/bin/qemu-mips contained in package lib32-qemu-user-mips requires /bin/bash, but no providers found in RDEPENDS:lib32-qemu-user-mips? [file-rdeps] ERROR: lib32-qemu-8.0.0-r0 do_package_qa: Fatal QA errors were found, failing task. ERROR: Logfile of failure stored in: /home/pokybuild/yocto-worker/qemux86-world/build/build/tmp/work/x86-pokymllib32-linux/lib32-qemu/8.0.0-r0/temp/log.do_package_qa.38833 NOTE: recipe lib32-qemu-8.0.0-r0: task do_package_qa: Failed ERROR: Task (virtual:multilib:lib32:/home/pokybuild/yocto-worker/qemux86-world/build/meta/recipes-devtools/qemu/qemu_8.0.0.bb:do_package_qa) failed with exit code '1' N On 07/06/2023 17:08:13+0800, Yu, Mingli wrote: > From: Mingli Yu > > Currently all files as below packaged into one package such as > qemu-7.2.0-*.rpm. After the qemu package installed on the target, > it will take up about 464M which includes not only the one matches > the arch of the target but aslo all available built qemu targets > which set by QEMU_TARGETS. > > # ls tmp-glibc/work/core2-64-wrs-linux/qemu/7.2.0-r0/image/usr/bin/ > qemu-aarch64 qemu-img qemu-mips64el qemu-ppc64 > qemu-sh4qemu-system-loongarch64 qemu-system-ppc qemu-system-x86_64 > qemu-arm qemu-io qemu-mipsel qemu-ppc64le > qemu-storage-daemon qemu-system-mips qemu-system-ppc64 > qemu-x86_64 qemu-edid qemu-loongarch64 qemu-mips.real > qemu-pr-helper qemu-system-aarch64 qemu-system-mips64 > qemu-system-riscv32 qemu-ga qemu-mips qemu-nbd > qemu-riscv32qemu-system-arm qemu-system-mips64el > qemu-system-riscv64 qemu-i386 qemu-mips64 qemu-ppc > qemu-riscv64qemu-system-i386 qemu-system-mipsel qemu-system-sh4 > > Split the qemu package into qemu-7.2.0-*.rpm, qemu-system-*.rpm, > qemu-user-*.rpm and etc. And let user can only choose the corresponding > qemu arch package they want to install should ease the concerns who > cares much about the size in embedded device as it decreases the qemu rpm > (qemu-7.2.0*.rpm) size from about 65M to about 19M and the size of the > extracted qemu RPM decreased from about 464M to about 248M. > > For the users who want to install all arch packages, they can install > qemu-system-all and qemu-user-all to meet their need. > > Signed-off-by: Mingli Yu > --- > meta/recipes-devtools/qemu/qemu.inc | 19 +++ > 1 file changed, 19 insertions(+) > > diff --git a/meta/recipes-devtools/qemu/qemu.inc > b/meta/recipes-devtools/qemu/qemu.inc > index a87dee5c99..108dd0947a 100644 > --- a/meta/recipes-devtools/qemu/qemu.inc > +++ b/meta/recipes-devtools/qemu/qemu.inc > @@ -230,6 +230,25 @@ INSANE_SKIP:${PN} = "arch" > > FILES:${PN} += "${datadir}/icons" > > +# For user who want to install all arch packages > +PACKAGES =+ "${PN}-system-all ${PN}-user-all" > + > +ALLOW_EMPTY:${PN}-system-all = "1" > +ALLOW_EMPTY:${PN}-user-all = "1" > + > +python populate_packages:prepend() { > +archdir = d.expand('${bindir}/') > +syspackages = do_split_packages(d, archdir, r'^qemu-system-(.*)$', > '${PN}-system-%s', 'QEMU full system emulation binaries(%s)' , prepend=True) > +if syspackages: > +d.setVar('RDEPENDS:' + d.getVar('PN') + '-system-all', ' > '.join(syspackages)) > + > +userpackages = do_split_packages(d, archdir, > r'^qemu-((?!system|edid|ga|img|io|nbd|pr-helper|storage-daemon).*)$', > '${PN}-user-%s', 'QEMU full user emulation binaries(%s)' , prepend=True) > +if "qemu-user-mips" in ' '.join(userpackages): > +d.appendVar('RDEPENDS:qemu-user-mips', ' '+ 'bash') > +if userpackages: > +d.setVar('RDEPENDS:' + d.getVar('PN') + '-user-all', ' > '.join(userpackages)) > +} > + > # Put the guest agent in a separate package > PACKAGES =+ "${PN}-guest-agent" > SUMMARY:${PN}-guest-agent = "QEMU guest agent" > -- > 2.25.1 > > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182479): https://lists.openembedded.org/g/openembedded-core/message/182479 Mute This Topic: https://lists.openembedded.org/mt/99380658/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH] selftest/reproducible: Allow native/cross reuse in test
We don't compare reproducibility of the native/cross components, only the target ones. With the long build times of rust-native, the test now takes crazy lengths of time so this tweak should allow us to reuse native/cross artefacts from sstate whilst still testing the target output is reproducible. Signed-off-by: Richard Purdie --- meta/lib/oeqa/selftest/cases/reproducible.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/lib/oeqa/selftest/cases/reproducible.py b/meta/lib/oeqa/selftest/cases/reproducible.py index cd7aa8aafa7..1f0ed32fa09 100644 --- a/meta/lib/oeqa/selftest/cases/reproducible.py +++ b/meta/lib/oeqa/selftest/cases/reproducible.py @@ -151,7 +151,7 @@ class ReproducibleTests(OESelftestTestCase): def setUpLocal(self): super().setUpLocal() -needed_vars = ['TOPDIR', 'TARGET_PREFIX', 'BB_NUMBER_THREADS'] +needed_vars = ['TOPDIR', 'TARGET_PREFIX', 'BB_NUMBER_THREADS', 'BB_HASHSERVE'] bb_vars = get_bb_vars(needed_vars) for v in needed_vars: setattr(self, v.lower(), bb_vars[v]) @@ -225,7 +225,7 @@ class ReproducibleTests(OESelftestTestCase): # mirror, forcing a complete build from scratch config += textwrap.dedent('''\ SSTATE_DIR = "${TMPDIR}/sstate" -SSTATE_MIRRORS = "" +SSTATE_MIRRORS = "file://.*/.*-native.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH file://.*/.*-cross.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH; ''') self.logger.info("Building %s (sstate%s allowed)..." % (name, '' if use_sstate else ' NOT')) -- 2.39.2 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182478): https://lists.openembedded.org/g/openembedded-core/message/182478 Mute This Topic: https://lists.openembedded.org/mt/99388385/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [RFC] incorrect parsing of sysusers.d in rootfs generation
Hello again, a python solution could be one below. Also, I found that most of users/groups defined there are redundant as they already exist (such as root). I guess they are defined from base-passwd. I am not sure which recipe (base-passwd or systemd) should have the precedence on this. If it's base-passwd, perhaps this postcommand should check first if the user does already exist. Regards, Louis --- meta/classes/rootfs-postcommands.bbclass | 69 1 file changed, 46 insertions(+), 23 deletions(-) diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass index 5c0b3ec37c..1741919918 100644 --- a/meta/classes/rootfs-postcommands.bbclass +++ b/meta/classes/rootfs-postcommands.bbclass @@ -61,29 +61,52 @@ python () { d.appendVar('ROOTFS_POSTPROCESS_COMMAND', 'rootfs_reproducible;') } -systemd_create_users () { - for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/*.conf; do - [ -e $conffile ] || continue - grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do - if [ "$type" = "u" ]; then - useradd_params="--shell /sbin/nologin" - [ "$id" != "-" ] && useradd_params="$useradd_params --uid $id" - [ "$comment" != "-" ] && useradd_params="$useradd_params --comment $comment" - useradd_params="$useradd_params --system $name" - eval useradd --root ${IMAGE_ROOTFS} $useradd_params || true - elif [ "$type" = "g" ]; then - groupadd_params="" - [ "$id" != "-" ] && groupadd_params="$groupadd_params --gid $id" - groupadd_params="$groupadd_params --system $name" - eval groupadd --root ${IMAGE_ROOTFS} $groupadd_params || true - elif [ "$type" = "m" ]; then - group=$id - eval groupadd --root ${IMAGE_ROOTFS} --system $group || true - eval useradd --root ${IMAGE_ROOTFS} --shell /sbin/nologin --system $name --no-user-group || true - eval usermod --root ${IMAGE_ROOTFS} -a -G $group $name - fi - done - done +python systemd_create_users() { +import glob +import re +import subprocess + +pattern_comment = r'(-|\"[^:\"]+\")' +pattern_word= r'[^\s]+' +pattern_line = r'(' + pattern_word + r')\s+(' + pattern_word + r')\s+(' + pattern_word + r')(\s+' \ ++ pattern_comment + r')?' + r'(\s+(' + pattern_word + r'))?' + r'(\s+(' + pattern_word + r'))?' + +IMAGE_ROOTFS = d.getVar('IMAGE_ROOTFS') + +for conffile in glob.glob(os.path.join(IMAGE_ROOTFS, 'usr/lib/sysusers.d/*.conf')): +with open(conffile, 'r') as f: +for line in f: +line = line.strip() +if not len(line) or line[0] == '#': continue +ret = re.fullmatch(pattern_line, line.strip()) +if not ret: continue +(stype, sname, sid, _, scomment, _, shomedir, _, sshell) = ret.groups() +if stype == 'u': +useradd_command = ['useradd'] +if sid != '-': +useradd_command.extend(['--uid', sid]) +if scomment and scomment != '-': +useradd_command.extend(['--comment', scomment]) +if shomedir and shomedir != '-': +useradd_command.extend(['--root', IMAGE_ROOTFS + shomedir]) +else: +useradd_command.extend(['--root', IMAGE_ROOTFS]) +if sshell and sshell != '-': +useradd_command.extend(['--shell', sshell]) +else: +useradd_command.extend(['--shell', '/sbin/nologin']) +useradd_command.extend(['--system', sname]) +subprocess.run(useradd_command) +elif stype == 'g': +groupadd_command = ['groupadd'] +if sid != '-': +groupadd_command.extend(['--gid', sid]) +groupadd_command.extend(['--system', sname]) +subprocess.run(groupadd_command) +elif stype == 'm': +subprocess.run(['groupadd', '--root', IMAGE_ROOTFS, '--system', sid]) +subprocess.run(['useradd', '--root', IMAGE_ROOTFS, '--shell', '/sbin/nologin', '--system', name, 'no-user-group']) +subprocess.run(['usermod', '-a', '-G', sid, sname]) } # On 05/06/2023 17:55, Louis Rannou wrote:> Hello, > > I have found an issue in the rootfs routine. The > rootfs-postcommands.bbclass has a funtion systemd_create_users that > reads /etc/sysusers.d/*.conf files and parses lines as 'type name id > comment'. > > However, the sysusers.d
Re: [OE-core] [PATCH] libssh2: Upgrade to v1.11.0
Hello, this doesn't build: https://autobuilder.yoctoproject.org/typhoon/#/builders/107/builds/4674/steps/12/logs/stdio | /usr/src/debug/libssh2/1.11.0-r0/tests/test_auth_keyboard_info_request.c:270: undefined reference to `userauth_keyboard_interactive_decode_info_request' | collect2: error: ld returned 1 exit status | make[3]: *** [Makefile:973: test_auth_keyboard_info_request] Error 1 https://autobuilder.yoctoproject.org/typhoon/#/builders/106/builds/6210/steps/12/logs/stdio | /home/pokybuild/yocto-worker/beaglebone-alt/build/build/tmp/work/cortexa8hf-neon-poky-linux-gnueabi/libssh2/1.11.0-r0/recipe-sysroot-native/usr/bin/arm-poky-linux-gnueabi/../../libexec/arm-poky-linux-gnueabi/gcc/arm-poky-linux-gnueabi/13.1.1/ld: test_hostkey.o: in function `test': | /usr/src/debug/libssh2/1.11.0-r0/tests/test_hostkey.c:43: undefined reference to `_libssh2_base64_decode' | collect2: error: ld returned 1 exit status | make[3]: Leaving directory '/home/pokybuild/yocto-worker/beaglebone-alt/build/build/tmp/work/cortexa8hf-neon-poky-linux-gnueabi/libssh2/1.11.0-r0/build/tests' | make[3]: *** [Makefile:1037: test_hostkey] Error 1 On 02/06/2023 22:34:52+0100, Sudip Mukherjee wrote: > Changes: > Update license checksum: change in copyright year. > Remove patch fixed by upstream. > Disable rpath, hardcoded rpath failed curl-native build. > Adjust ptests. > > Signed-off-by: Sudip Mukherjee > --- > .../libssh2/libssh2/fix-ssh2-test.patch | 23 --- > .../recipes-support/libssh2/libssh2/run-ptest | 2 +- > .../{libssh2_1.10.0.bb => libssh2_1.11.0.bb} | 16 - > 3 files changed, 11 insertions(+), 30 deletions(-) > delete mode 100644 meta/recipes-support/libssh2/libssh2/fix-ssh2-test.patch > rename meta/recipes-support/libssh2/{libssh2_1.10.0.bb => libssh2_1.11.0.bb} > (67%) > > diff --git a/meta/recipes-support/libssh2/libssh2/fix-ssh2-test.patch > b/meta/recipes-support/libssh2/libssh2/fix-ssh2-test.patch > deleted file mode 100644 > index ee916c42d4..00 > --- a/meta/recipes-support/libssh2/libssh2/fix-ssh2-test.patch > +++ /dev/null > @@ -1,23 +0,0 @@ > -In 8.8 OpenSSH disabled sha1 rsa-sha keys out of the box, > -so we need to re-enable them as a workaround for the test > -suite until upstream updates the tests. > - > -See: https://github.com/libssh2/libssh2/issues/630 > - > -Upstream-Status: Backport [alternative fixes merged upstream] > - > -Patch taken from > https://github.com/mirror-rpm/libssh2/commit/47f7114f7d0780f3075bad51a71881f45cc933c5 > - > a/tests/ssh2.sh > -+++ b/tests/ssh2.sh > -@@ -25,7 +25,8 @@ $SSHD -f /dev/null -h "$srcdir"/etc/host > - -o 'Port 4711' \ > - -o 'Protocol 2' \ > - -o "AuthorizedKeysFile $srcdir/etc/user.pub" \ > ---o 'UsePrivilegeSeparation no' \ > -+-o 'HostKeyAlgorithms +ssh-rsa' \ > -+-o 'PubkeyAcceptedAlgorithms +ssh-rsa' \ > - -o 'StrictModes no' \ > - -D \ > - $libssh2_sshd_params & > - > diff --git a/meta/recipes-support/libssh2/libssh2/run-ptest > b/meta/recipes-support/libssh2/libssh2/run-ptest > index 5e7426f79d..ed87074fcd 100644 > --- a/meta/recipes-support/libssh2/libssh2/run-ptest > +++ b/meta/recipes-support/libssh2/libssh2/run-ptest > @@ -2,7 +2,7 @@ > > ptestdir=$(dirname "$(readlink -f "$0")") > cd tests > -for test in simple mansyntax.sh ssh2.sh > +for test in test_simple mansyntax.sh test_sshd.test > do > ./../test-driver --test-name $test --log-file ../$test.log --trs-file > ../$test.trs --color-tests no --enable-hard-errors yes --expect-failure no -- > ./$test > done > diff --git a/meta/recipes-support/libssh2/libssh2_1.10.0.bb > b/meta/recipes-support/libssh2/libssh2_1.11.0.bb > similarity index 67% > rename from meta/recipes-support/libssh2/libssh2_1.10.0.bb > rename to meta/recipes-support/libssh2/libssh2_1.11.0.bb > index d5513373b0..31a3c0c90b 100644 > --- a/meta/recipes-support/libssh2/libssh2_1.10.0.bb > +++ b/meta/recipes-support/libssh2/libssh2_1.11.0.bb > @@ -5,20 +5,20 @@ SECTION = "libs" > DEPENDS = "zlib" > > LICENSE = "BSD-3-Clause" > -LIC_FILES_CHKSUM = "file://COPYING;md5=3e089ad0cf27edf1e7f261dfcd06acc7" > +LIC_FILES_CHKSUM = "file://COPYING;md5=24a33237426720395ebb1dd1349ca225" > > SRC_URI = "http://www.libssh2.org/download/${BP}.tar.gz \ > - file://fix-ssh2-test.patch \ > file://run-ptest \ > " > > -SRC_URI[sha256sum] = > "2d64e90f3ded394b91d3a2e774ca203a4179f69aebee03003e5a6fa621e41d51" > +SRC_URI[sha256sum] = > "3736161e41e2693324deb38c26cfdc3efe6209d634ba4258db1cecff6a5ad461" > > inherit autotools pkgconfig ptest > > EXTRA_OECONF += "\ > --with-libz \ > --with-libz-prefix=${STAGING_LIBDIR} \ > + --disable-rpath \ > " > > # only one of openssl and gcrypt could be set > @@ -41,9 +41,13 @@ do_install_ptest() { > install -d ${D}${PTEST_PATH}/tests > install -m 0755 ${S}/test-driver ${D}${PTEST_PATH}/
Re: [OE-Core][PATCH v2 2/2] testimage: implement test artifacts retriever for failing tests
On Wed, 2023-06-07 at 14:29 +0200, Alexander Kanavin wrote: > On Wed, 7 Jun 2023 at 14:23, Alexis Lothoré > wrote: > > > Then core-image-ptest.bb should append "${libdir}/{MCNAME}/ptest" to > > > that. As that same image recipe installs only a single ptest via > > > IMAGE_INSTALL:append, and the artifacts are retrieved only if that > > > ptest would fail, this would achieve the same outcome. Other images > > > (which can potentially include many ptests) can then set what > > > artifacts to retrieve themselves as they please. > > > > I am not familiar with multiconfig, so I'll have to document myself before > > trying what you suggest, especially to make sure it will not make the > > retriever > > too dependant on a proper multiconfig definition. > > core-image-ptest.bb is already set for this, so it just adds another > usage of MCNAME variable into it to get the name of the ptest from the > mcextend variant and substitute that into the path that gets added to > TESTIMAGE_FAILED_QA_ARTIFACTS. The retriever won't know anything about > it as it happens at the recipe parsing step. It does seem like a neat way to handle things to me FWIW. Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182475): https://lists.openembedded.org/g/openembedded-core/message/182475 Mute This Topic: https://lists.openembedded.org/mt/99380468/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 1/3] image_types: use IMAGE_FILE_MAXSIZE variable for ext2/3/4 image types
This fails on the autobuilders: https://autobuilder.yoctoproject.org/typhoon/#/builders/69/builds/7219/steps/11/logs/stdio https://autobuilder.yoctoproject.org/typhoon/#/builders/120/builds/2859/steps/14/logs/stdio ERROR: core-image-minimal-1.0-r0 do_image_ext4: ExecutionError('/home/pokybuild/yocto-worker/qa-extras/build/build/tmp/work/qemux86_64-poky-linux/core-image-minimal/1.0-r0/temp/run.do_image_ext4.266360', 2, None, None) NOTE: recipe core-image-minimal-1.0-r0: task do_image_tar: Succeeded ERROR: Logfile of failure stored in: /home/pokybuild/yocto-worker/qa-extras/build/build/tmp/work/qemux86_64-poky-linux/core-image-minimal/1.0-r0/temp/log.do_image_ext4.266360 Log data follows: | DEBUG: Executing python function extend_recipe_sysroot | NOTE: Direct dependencies are ['/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-core/glibc/cross-localedef-native_2.37.bb:do_populate_sysroot', '/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-core/glibc/ldconfig-native_2.12.1.bb:do_populate_sysroot', '/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-devtools/qemu/qemuwrapper-cross_1.0.bb:do_populate_sysroot', '/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-kernel/kmod/depmodwrapper-cross_1.0.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-devtools/createrepo-c/createrepo-c_0.21.1.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-devtools/dnf/dnf_4.14.0.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.47.0.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-devtools/makedevs/makedevs_1.0.1.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-devtools/opkg-utils/opkg-utils_0.5.0.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-devtools/opkg/opkg_0.6.1.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-devtools/pseudo/pseudo_git.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-devtools/rpm/rpm_4.18.1.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-extended/pbzip2/pbzip2_1.1.13.bb:do_populate_sysroot', 'virtual:native:/home/pokybuild/yocto-worker/qa-extras/build/meta/recipes-extended/pigz/pigz_2.7.bb:do_populate_sysroot'] | NOTE: Installed into sysroot: ['e2fsprogs-native'] | NOTE: Skipping as already exists in sysroot: ['cross-localedef-native', 'ldconfig-native', 'qemuwrapper-cross', 'depmodwrapper-cross', 'update-rc.d-native', 'createrepo-c-native', 'dnf-native', 'makedevs-native', 'opkg-utils-native', 'opkg-native', 'pseudo-native', 'rpm-native', 'pbzip2-native', 'pigz-native', 'librepo-native', 'libcomps-native', 'gettext-minimal-native', 'python3-native', 'python3-iniparse-native', 'libdnf-native', 'cmake-native', 'kmod-native', 'openssl-native', 'debianutils-native', 'libtool-native', 'attr-native', 'util-linux-native', 'texinfo-dummy-native', 'bzip2-native', 'sqlite3-native', 'file-native', 'xz-native', 'zstd-native', 'popt-native', 'lua-native', 'elfutils-native', 'libgcrypt-native', 'qemu-native', 'zlib-native', 'libxml2-native', 'expat-native', 'curl-native', 'glib-2.0-native', 'perl-native', 'shadow-native', 'libarchive-native', 'libsolv-native', 'gpgme-native', 'libffi-native', 'libtirpc-native', 'libedit-native', 'ncurses-native', 'util-linux-libuuid-native', 'libnsl2-native', 'gdbm-native', 'python3-wheel-native', 'python3-six-native', 'python3-build-native', 'python3-installer-native', 'python3-setuptools-native', 'libcheck-native', 'gobject-introspection-native', 'json-c-native', 'swig-native', 'libmodulemd-native', 'libpcre2-native', 'libcap-ng-native', 'readline-native', 'libmicrohttpd-native', 'libgpg-error-native', 'libcap-native', 'gettext-native', 'make-native', 'libassuan-native', 'python3-flit-core-native', 'python3-pyproject-hooks-native', 'python3-packaging-native', 'flex-native', 'libyaml-native', 'gnutls-native', 'unzip-native', 'm4-native', 'libtasn1-native', 'gmp-native', 'libidn2-native', 'libunistring-native', 'nettle-native', 'gnu-config-native'] | DEBUG: sed -e 's:^[^/]*/:/home/pokybuild/yocto-worker/qa-extras/build/build/tmp/work/qemux86_64-poky-linux/core-image-minimal/1.0-r0/recipe-sysroot-native/:g' /home/pokybuild/yocto-worker/qa-extras/build/build/tmp/sysroots-components/x86_64/e2fsprogs-native/fixmepath | xargs sed -i -e 's:FIXMESTAGINGDIRTARGET:/home/pokybuild/yocto-worker/qa-extras/build/build/tmp/work/qemux86_64-poky-linux/core-image-minimal/1.0-r0/recipe-sysroot:g;
Re: [OE-Core][PATCH v2 2/2] testimage: implement test artifacts retriever for failing tests
On Wed, 7 Jun 2023 at 14:23, Alexis Lothoré wrote: > > Then core-image-ptest.bb should append "${libdir}/{MCNAME}/ptest" to > > that. As that same image recipe installs only a single ptest via > > IMAGE_INSTALL:append, and the artifacts are retrieved only if that > > ptest would fail, this would achieve the same outcome. Other images > > (which can potentially include many ptests) can then set what > > artifacts to retrieve themselves as they please. > > I am not familiar with multiconfig, so I'll have to document myself before > trying what you suggest, especially to make sure it will not make the > retriever > too dependant on a proper multiconfig definition. core-image-ptest.bb is already set for this, so it just adds another usage of MCNAME variable into it to get the name of the ptest from the mcextend variant and substitute that into the path that gets added to TESTIMAGE_FAILED_QA_ARTIFACTS. The retriever won't know anything about it as it happens at the recipe parsing step. Alex -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182473): https://lists.openembedded.org/g/openembedded-core/message/182473 Mute This Topic: https://lists.openembedded.org/mt/99380468/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-Core][PATCH v2 2/2] testimage: implement test artifacts retriever for failing tests
Hello Alexander, Richard, Thanks for the feedback. Indeed my testing setup is quite minimal, so it may not reflect how many files may be pulled in real cases. On 6/7/23 11:20, Alexander Kanavin wrote: > What might work better without code complications is testimage.bbclass > setting only the minimum set (no ptests): > > +TESTIMAGE_FAILED_QA_ARTIFACTS ??= "\ > +${localstatedir}/log \ > +${sysconfdir}/version \ > +${sysconfdir}/os-release \ > " > > > Then core-image-ptest.bb should append "${libdir}/{MCNAME}/ptest" to > that. As that same image recipe installs only a single ptest via > IMAGE_INSTALL:append, and the artifacts are retrieved only if that > ptest would fail, this would achieve the same outcome. Other images > (which can potentially include many ptests) can then set what > artifacts to retrieve themselves as they please. I am not familiar with multiconfig, so I'll have to document myself before trying what you suggest, especially to make sure it will not make the retriever too dependant on a proper multiconfig definition. Thanks, Alexis > > Alex > > On Wed, 7 Jun 2023 at 10:49, Richard Purdie > wrote: >> >> On Wed, 2023-06-07 at 10:30 +0200, Alexis Lothoré via >> lists.openembedded.org wrote: >>> Add a basic artifacts retrievers in testimage class which: >>> - triggers when at least one runtime test fails but tests execution >>> encountered no major issue >>> - reads a list of paths to retrieve from TESTIMAGE_FAILED_QA_ARTIFACTS >>> - checks for artifacts presence on target >>> - retrieve those files over scp thanks to existing ssh class >>> - store those files in an "artifacts" directory in "tmp/log/oeqa/" >>> >>> This implementation assumes that the SSH or Qemu target has run and >>> finished gracefully. If tests do not finish because of an exception, >>> artifacts will not be retrieved >>> >>> Bring partial solution to [YOCTO #14901] >>> >>> Signed-off-by: Alexis Lothoré >>> --- >>> Changes since v1: >>> - only gather artifacts in nominal case (ie qemu runs without any raised >>> exception) >>> - list artifacts directly in variable instead of using external file >>> - use standard variables in artifacts paths >>> - allow glob patterns usage in artifacts paths >>> - expand/filter artifacts list on target before retrieving them >>> - tune default artifacts list >>> --- >>> meta/classes-recipe/testimage.bbclass | 49 +++ >>> 1 file changed, 49 insertions(+) >>> >>> diff --git a/meta/classes-recipe/testimage.bbclass >>> b/meta/classes-recipe/testimage.bbclass >>> index b48cd96575d2..c6ce74a9e7a8 100644 >>> --- a/meta/classes-recipe/testimage.bbclass >>> +++ b/meta/classes-recipe/testimage.bbclass >>> @@ -18,6 +18,16 @@ inherit image-artifact-names >>> >>> TESTIMAGE_AUTO ??= "0" >>> >>> +# When any test fails, TESTIMAGE_FAILED_QA ARTIFACTS will be parsed and for >>> +# each entry in it, if artifact pointed by path description exists on >>> target, >>> +# it will be retrieved onto host >>> + >>> +TESTIMAGE_FAILED_QA_ARTIFACTS ??= "\ >>> +${localstatedir}/log \ >>> +${sysconfdir}/version \ >>> +${sysconfdir}/os-release \ >>> +${libdir}/*/ptest" >> >> I know Alex Kanavin asked for this but I'm really not sure >> ${libdir}/*/ptest is a great idea. This will effectively copy the >> entire ptest package files for every ptest on the image. Now we split >> ptests to different images it is less of an issue but it is still >> potentially rather large. Could we at least limit it to failing ptests? >> >> Cheers, >> >> Richard >> >> >> >> >> -- Alexis Lothoré, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182472): https://lists.openembedded.org/g/openembedded-core/message/182472 Mute This Topic: https://lists.openembedded.org/mt/99380468/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][kirkstone][PATCH] curl: Correction for CVE-2023-27536
From: Omkar Patil Correction of backport link inside the patch with correct commit link as below Link: https://github.com/curl/curl/commit/cb49e67303dbafbab1cebf4086e3ec15b7d56ee5 Signed-off-by: Sourav Kumar Pramanik --- meta/recipes-support/curl/curl/CVE-2023-27536.patch | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta/recipes-support/curl/curl/CVE-2023-27536.patch b/meta/recipes-support/curl/curl/CVE-2023-27536.patch index fb3ee6a14d..d3d1d2dc2e 100644 --- a/meta/recipes-support/curl/curl/CVE-2023-27536.patch +++ b/meta/recipes-support/curl/curl/CVE-2023-27536.patch @@ -3,10 +3,11 @@ From: Daniel Stenberg Date: Fri, 10 Mar 2023 09:22:43 +0100 Subject: [PATCH] url: only reuse connections with same GSS delegation -Upstream-Status: Backport from [https://github.com/curl/curl/commit/af369db4d3833272b8ed443f7fcc2e757a0872eb] +Upstream-Status: Backport from [https://github.com/curl/curl/commit/cb49e67303dbafbab1cebf4086e3ec15b7d56ee5] CVE: CVE-2023-27536 Signed-off-by: Signed-off-by: Mingli Yu Signed-off-by: Siddharth Doshi +Signed-off-by: Sourav Kumar Pramanik --- lib/url.c | 6 ++ lib/urldata.h | 1 + -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182471): https://lists.openembedded.org/g/openembedded-core/message/182471 Mute This Topic: https://lists.openembedded.org/mt/99382576/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] Drafting a fetcher for kernelcves
> On 6 Jun 2023, at 06:57, Marta Rybczynska wrote: > > Hello all, > I'm drafting a fetcher for kernelcves > (https://github.com/nluedtke/linux_kernel_cves/) and the data conflicts in a > certain way with cve-extra-exclusions.inc. With multiple fetchers we'll need > to have a way to say which data set has priority. > > For now I can see examples of two cases (in all cases we go for a specific > kernel version): > > Case one: > NVD says unfixed > linux_kernel_cves says unknown > cve-extra-exclusions.inc says IGNORE > > Case two: > NVD says unfixed > linux_kernel_cves says fixed > cve-extra-exclusions says IGNORE > > In the first case, the solutions is IGNORE (some old CVEs), in the second one > it's PATCHED. > > The questions I have: Should cve-extra-exclusions always have priority? > Should we allow the user to set priority of fetchers? > > What I'm going to test is use the kernel_cves fetcher for all kernel CVEs and > NVD for all the rest. Should it be an option? > > I'd like to avoid adding too many options that make cause mistakes… I’d suggest that the order of priority goes NVD, linux_kernel_cves, then metadata (typically cve-extra-exclusions). With data from kernelcves being pulled in we should be able to purge most of the data in cve-extra-exclusions and only use it when we’ve backported/resolved a CVE that hasn’t been merged upstream. Very pleased you’re working on fetching from kernelcves too, as manually maintaining the exclusions is tiresome. Ross -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182470): https://lists.openembedded.org/g/openembedded-core/message/182470 Mute This Topic: https://lists.openembedded.org/mt/99358001/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH 0/3] image_types: use IMAGE_FILE_MAXSIZE variable to create fixed partition size
Hello, On 04/06/2023 14:37:52+0200, Charles-Antoine Couret via lists.openembedded.org wrote: > In case of fixed partitionning where the rootfs partition can't exceed an > amount of bytes, there is currently no automatic and no generic way to have > this requirement met in any case. > > Until now, ROOTFS_SIZE value got from directory_size() does not takes into > account > the size of required metadata for the filesystem itself (and does not work > well > for other block size than 4k BTW). > Obviously it's a difficult task which depends on rootfs size and filesystem > type. > > The workaround was to set IMAGE_OVERHEAD_FACTOR and IMAGE_ROOTFS_EXTRA_SPACE > to add the required extra margins. But when the final rootfs is closed to the > maximum size, it's difficult to adjust them correctly And if you remove > or add new recipes in your image, you've to recompute these margins to have > enough > space for these metadata when the rootfs is small, and to not have too big > final > file when the rootfs is big. > > It's cumbersome and error prone to just have a build failure when the final > output > can't be flashed into the partition. > > The solution is to follow how it's implemented in buildroot by having a > specific variable, here IMAGE_FILE_MAXSIZE, to create the final sparse file > and trying to fill it with the content of rootfs. If there is enough space, > margins are well compressed and does not consume space in the filesystem. > If there is no enough space, an error is triggered to warm the developer > before > trying to use it in the device. > > If IMAGE_FILE_MAXSIZE is not set, the idea is to keep the previous behaviour > for compatibility reason and to met other requirements. It would be great if you could add test cases that ensure that the generated images are indeed fitting the size. > > Charles-Antoine Couret (3): > image_types: use IMAGE_FILE_MAXSIZE variable for ext2/3/4 image types > image_types: use IMAGE_FILE_MAXSIZE variable for btrfs image types > image_types: use IMAGE_FILE_MAXSIZE variable for f2fs image types > > meta/classes-recipe/image_types.bbclass | 34 +++-- > 1 file changed, 26 insertions(+), 8 deletions(-) > > -- > 2.40.1 > > > > -- Alexandre Belloni, co-owner and COO, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182469): https://lists.openembedded.org/g/openembedded-core/message/182469 Mute This Topic: https://lists.openembedded.org/mt/99320002/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][mickledore][PATCH 2/2] linux-yocto: move build / debug dependencies to .inc
From: Bruce Ashfield When the architecture and debug specific build and runtime dependencies were introduced, they were only applicable to "newer" kernel versions and were enabled in the version specific recipes. These are now common dependencies, so we can avoid the duplication and move them to a common location. We also change the adhoc nature of the existing elfutils definition, as it is now detected by the kernel build and we no longer need the work around to the native sysroot. Finally, we change the undocumented KERNEL_DEBUG_OPTIONS to KERNEL_DEBUG and use it to conditionally enable features that need extended support (and support sometimes out of oe-core). Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie (cherry picked from commit 7ddeb149e7a78bedeb945898fec5e8f13b7c5711) Signed-off-by: Xiangyu Chen --- meta/recipes-kernel/linux/linux-yocto.inc| 10 -- meta/recipes-kernel/linux/linux-yocto_6.1.bb | 4 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/meta/recipes-kernel/linux/linux-yocto.inc b/meta/recipes-kernel/linux/linux-yocto.inc index 934591ff1c..04a8105e17 100644 --- a/meta/recipes-kernel/linux/linux-yocto.inc +++ b/meta/recipes-kernel/linux/linux-yocto.inc @@ -59,8 +59,14 @@ do_install:append(){ # enable kernel-sample for oeqa/runtime/cases's ksample.py test KERNEL_FEATURES:append:qemuall=" features/kernel-sample/kernel-sample.scc" -KERNEL_DEBUG_OPTIONS ?= "stack" -KERNEL_EXTRA_ARGS:append:x86-64 = " ${@bb.utils.contains('KERNEL_DEBUG_OPTIONS', 'stack', 'HOST_LIBELF_LIBS="-L${RECIPE_SYSROOT_NATIVE}/usr/lib/pkgconfig/../../../usr/lib/ -lelf"', '', d)}" +KERNEL_DEBUG ?= "" +# These used to be version specific, but are now common dependencies. New +# tools / dependencies will continue to be added in version specific recipes. +DEPENDS += '${@bb.utils.contains_any("ARCH", [ "x86", "arm64" ], "elfutils-native", "", d)}' +DEPENDS += "openssl-native util-linux-native" +DEPENDS += "gmp-native libmpc-native" +DEPENDS += '${@bb.utils.contains("KERNEL_DEBUG", "True", "pahole-native", "", d)}' +EXTRA_OEMAKE += '${@bb.utils.contains("KERNEL_DEBUG", "True", "", "PAHOLE=false", d)}' do_devshell:prepend() { # setup native pkg-config variables (kconfig scripts call pkg-config directly, cannot generically be overriden to pkg-config-native) diff --git a/meta/recipes-kernel/linux/linux-yocto_6.1.bb b/meta/recipes-kernel/linux/linux-yocto_6.1.bb index 36f7ed8791..664d83 100644 --- a/meta/recipes-kernel/linux/linux-yocto_6.1.bb +++ b/meta/recipes-kernel/linux/linux-yocto_6.1.bb @@ -45,10 +45,6 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" LINUX_VERSION ?= "6.1.25" -DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" -DEPENDS += "openssl-native util-linux-native" -DEPENDS += "gmp-native libmpc-native" - PV = "${LINUX_VERSION}+git${SRCPV}" KMETA = "kernel-meta" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182468): https://lists.openembedded.org/g/openembedded-core/message/182468 Mute This Topic: https://lists.openembedded.org/mt/99380944/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core][mickledore][PATCH 1/2] kernel: don't force PAHOLE=false
From: Bruce Ashfield If a specific kernel provider or configuration wants to enable BTF and pahole analysis, it isn't currently possible due to the explicit definition to false in the base kernel build arguments. pahole is now detected by the kernel built itself, so unless pahole-native is enabled, the result is the same. If a kernel does require an explicit disable of pahole, it is better to carry PAHOLE=false in those specific recipes. Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie (cherry picked from commit b1e4851a36ed47ce6ba880a49264b9a57c78cf4f) Signed-off-by: Xiangyu Chen --- meta/classes-recipe/kernel.bbclass | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta/classes-recipe/kernel.bbclass b/meta/classes-recipe/kernel.bbclass index e634eabd49..1e97de5696 100644 --- a/meta/classes-recipe/kernel.bbclass +++ b/meta/classes-recipe/kernel.bbclass @@ -235,7 +235,7 @@ KERNEL_EXTRA_ARGS ?= "" EXTRA_OEMAKE += ' CC="${KERNEL_CC}" LD="${KERNEL_LD}" OBJCOPY="${KERNEL_OBJCOPY}"' EXTRA_OEMAKE += ' HOSTCC="${BUILD_CC}" HOSTCFLAGS="${BUILD_CFLAGS}" HOSTLDFLAGS="${BUILD_LDFLAGS}" HOSTCPP="${BUILD_CPP}"' -EXTRA_OEMAKE += ' HOSTCXX="${BUILD_CXX}" HOSTCXXFLAGS="${BUILD_CXXFLAGS}" PAHOLE=false' +EXTRA_OEMAKE += ' HOSTCXX="${BUILD_CXX}" HOSTCXXFLAGS="${BUILD_CXXFLAGS}"' KERNEL_ALT_IMAGETYPE ??= "" -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182467): https://lists.openembedded.org/g/openembedded-core/message/182467 Mute This Topic: https://lists.openembedded.org/mt/99380943/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-Core][PATCH v2 2/2] testimage: implement test artifacts retriever for failing tests
What might work better without code complications is testimage.bbclass setting only the minimum set (no ptests): +TESTIMAGE_FAILED_QA_ARTIFACTS ??= "\ +${localstatedir}/log \ +${sysconfdir}/version \ +${sysconfdir}/os-release \ " Then core-image-ptest.bb should append "${libdir}/{MCNAME}/ptest" to that. As that same image recipe installs only a single ptest via IMAGE_INSTALL:append, and the artifacts are retrieved only if that ptest would fail, this would achieve the same outcome. Other images (which can potentially include many ptests) can then set what artifacts to retrieve themselves as they please. Alex On Wed, 7 Jun 2023 at 10:49, Richard Purdie wrote: > > On Wed, 2023-06-07 at 10:30 +0200, Alexis Lothoré via > lists.openembedded.org wrote: > > Add a basic artifacts retrievers in testimage class which: > > - triggers when at least one runtime test fails but tests execution > > encountered no major issue > > - reads a list of paths to retrieve from TESTIMAGE_FAILED_QA_ARTIFACTS > > - checks for artifacts presence on target > > - retrieve those files over scp thanks to existing ssh class > > - store those files in an "artifacts" directory in "tmp/log/oeqa/" > > > > This implementation assumes that the SSH or Qemu target has run and > > finished gracefully. If tests do not finish because of an exception, > > artifacts will not be retrieved > > > > Bring partial solution to [YOCTO #14901] > > > > Signed-off-by: Alexis Lothoré > > --- > > Changes since v1: > > - only gather artifacts in nominal case (ie qemu runs without any raised > > exception) > > - list artifacts directly in variable instead of using external file > > - use standard variables in artifacts paths > > - allow glob patterns usage in artifacts paths > > - expand/filter artifacts list on target before retrieving them > > - tune default artifacts list > > --- > > meta/classes-recipe/testimage.bbclass | 49 +++ > > 1 file changed, 49 insertions(+) > > > > diff --git a/meta/classes-recipe/testimage.bbclass > > b/meta/classes-recipe/testimage.bbclass > > index b48cd96575d2..c6ce74a9e7a8 100644 > > --- a/meta/classes-recipe/testimage.bbclass > > +++ b/meta/classes-recipe/testimage.bbclass > > @@ -18,6 +18,16 @@ inherit image-artifact-names > > > > TESTIMAGE_AUTO ??= "0" > > > > +# When any test fails, TESTIMAGE_FAILED_QA ARTIFACTS will be parsed and for > > +# each entry in it, if artifact pointed by path description exists on > > target, > > +# it will be retrieved onto host > > + > > +TESTIMAGE_FAILED_QA_ARTIFACTS ??= "\ > > +${localstatedir}/log \ > > +${sysconfdir}/version \ > > +${sysconfdir}/os-release \ > > +${libdir}/*/ptest" > > I know Alex Kanavin asked for this but I'm really not sure > ${libdir}/*/ptest is a great idea. This will effectively copy the > entire ptest package files for every ptest on the image. Now we split > ptests to different images it is less of an issue but it is still > potentially rather large. Could we at least limit it to failing ptests? > > Cheers, > > Richard > > > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182466): https://lists.openembedded.org/g/openembedded-core/message/182466 Mute This Topic: https://lists.openembedded.org/mt/99380468/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] fixup! fix: reproducible builds for initramfs and UKI img
On Wed, 2023-06-07 at 11:00 +0200, Alexander Kanavin wrote: > It's better to resend the whole patchset as v2. I did squash this one into the original patch. For future reference, I did also tweak the shortlog to mention "image_types:" as the prefix so the area of code changing was clearer and matches the format we usually use. It is nice to see work on reproducibility! Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182465): https://lists.openembedded.org/g/openembedded-core/message/182465 Mute This Topic: https://lists.openembedded.org/mt/99359051/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-core] [PATCH v4] qemu: Split the qemu package
From: Mingli Yu Currently all files as below packaged into one package such as qemu-7.2.0-*.rpm. After the qemu package installed on the target, it will take up about 464M which includes not only the one matches the arch of the target but aslo all available built qemu targets which set by QEMU_TARGETS. # ls tmp-glibc/work/core2-64-wrs-linux/qemu/7.2.0-r0/image/usr/bin/ qemu-aarch64 qemu-img qemu-mips64el qemu-ppc64 qemu-sh4qemu-system-loongarch64 qemu-system-ppc qemu-system-x86_64 qemu-arm qemu-io qemu-mipsel qemu-ppc64le qemu-storage-daemon qemu-system-mips qemu-system-ppc64 qemu-x86_64 qemu-edid qemu-loongarch64 qemu-mips.real qemu-pr-helper qemu-system-aarch64 qemu-system-mips64 qemu-system-riscv32 qemu-ga qemu-mips qemu-nbd qemu-riscv32qemu-system-arm qemu-system-mips64el qemu-system-riscv64 qemu-i386 qemu-mips64 qemu-ppc qemu-riscv64qemu-system-i386 qemu-system-mipsel qemu-system-sh4 Split the qemu package into qemu-7.2.0-*.rpm, qemu-system-*.rpm, qemu-user-*.rpm and etc. And let user can only choose the corresponding qemu arch package they want to install should ease the concerns who cares much about the size in embedded device as it decreases the qemu rpm (qemu-7.2.0*.rpm) size from about 65M to about 19M and the size of the extracted qemu RPM decreased from about 464M to about 248M. For the users who want to install all arch packages, they can install qemu-system-all and qemu-user-all to meet their need. Signed-off-by: Mingli Yu --- meta/recipes-devtools/qemu/qemu.inc | 19 +++ 1 file changed, 19 insertions(+) diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index a87dee5c99..108dd0947a 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -230,6 +230,25 @@ INSANE_SKIP:${PN} = "arch" FILES:${PN} += "${datadir}/icons" +# For user who want to install all arch packages +PACKAGES =+ "${PN}-system-all ${PN}-user-all" + +ALLOW_EMPTY:${PN}-system-all = "1" +ALLOW_EMPTY:${PN}-user-all = "1" + +python populate_packages:prepend() { +archdir = d.expand('${bindir}/') +syspackages = do_split_packages(d, archdir, r'^qemu-system-(.*)$', '${PN}-system-%s', 'QEMU full system emulation binaries(%s)' , prepend=True) +if syspackages: +d.setVar('RDEPENDS:' + d.getVar('PN') + '-system-all', ' '.join(syspackages)) + +userpackages = do_split_packages(d, archdir, r'^qemu-((?!system|edid|ga|img|io|nbd|pr-helper|storage-daemon).*)$', '${PN}-user-%s', 'QEMU full user emulation binaries(%s)' , prepend=True) +if "qemu-user-mips" in ' '.join(userpackages): +d.appendVar('RDEPENDS:qemu-user-mips', ' '+ 'bash') +if userpackages: +d.setVar('RDEPENDS:' + d.getVar('PN') + '-user-all', ' '.join(userpackages)) +} + # Put the guest agent in a separate package PACKAGES =+ "${PN}-guest-agent" SUMMARY:${PN}-guest-agent = "QEMU guest agent" -- 2.25.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182464): https://lists.openembedded.org/g/openembedded-core/message/182464 Mute This Topic: https://lists.openembedded.org/mt/99380658/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH] fixup! fix: reproducible builds for initramfs and UKI img
It's better to resend the whole patchset as v2. Alex On Tue, 6 Jun 2023 at 10:01, Frieder Paape wrote: > > The failure happens because `touch` doesn't create a file if called with the > no-dereference option `-h`. > Removing `-h` from affected touch command. > > Signed-off-by: Frieder Paape > --- > meta/classes-recipe/image_types.bbclass | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/meta/classes-recipe/image_types.bbclass > b/meta/classes-recipe/image_types.bbclass > index f73b4d965e..023eb87537 100644 > --- a/meta/classes-recipe/image_types.bbclass > +++ b/meta/classes-recipe/image_types.bbclass > @@ -150,7 +150,7 @@ IMAGE_CMD:cpio () { > ln -sf /sbin/init ${WORKDIR}/cpio_append/init > touch -h -r ${IMAGE_ROOTFS}/sbin/init > ${WORKDIR}/cpio_append/init > else > -touch -h -r ${IMAGE_ROOTFS} > ${WORKDIR}/cpio_append/init > +touch -r ${IMAGE_ROOTFS} > ${WORKDIR}/cpio_append/init > fi > (cd ${WORKDIR}/cpio_append && echo ./init | cpio --reproducible > -oA -H newc -F ${IMGDEPLOYDIR}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cpio) > fi > -- > 2.39.2 (Apple Git-143) > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182463): https://lists.openembedded.org/g/openembedded-core/message/182463 Mute This Topic: https://lists.openembedded.org/mt/99359051/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-Core][PATCH v2 2/2] testimage: implement test artifacts retriever for failing tests
On Wed, 2023-06-07 at 10:30 +0200, Alexis Lothoré via lists.openembedded.org wrote: > Add a basic artifacts retrievers in testimage class which: > - triggers when at least one runtime test fails but tests execution > encountered no major issue > - reads a list of paths to retrieve from TESTIMAGE_FAILED_QA_ARTIFACTS > - checks for artifacts presence on target > - retrieve those files over scp thanks to existing ssh class > - store those files in an "artifacts" directory in "tmp/log/oeqa/" > > This implementation assumes that the SSH or Qemu target has run and > finished gracefully. If tests do not finish because of an exception, > artifacts will not be retrieved > > Bring partial solution to [YOCTO #14901] > > Signed-off-by: Alexis Lothoré > --- > Changes since v1: > - only gather artifacts in nominal case (ie qemu runs without any raised > exception) > - list artifacts directly in variable instead of using external file > - use standard variables in artifacts paths > - allow glob patterns usage in artifacts paths > - expand/filter artifacts list on target before retrieving them > - tune default artifacts list > --- > meta/classes-recipe/testimage.bbclass | 49 +++ > 1 file changed, 49 insertions(+) > > diff --git a/meta/classes-recipe/testimage.bbclass > b/meta/classes-recipe/testimage.bbclass > index b48cd96575d2..c6ce74a9e7a8 100644 > --- a/meta/classes-recipe/testimage.bbclass > +++ b/meta/classes-recipe/testimage.bbclass > @@ -18,6 +18,16 @@ inherit image-artifact-names > > TESTIMAGE_AUTO ??= "0" > > +# When any test fails, TESTIMAGE_FAILED_QA ARTIFACTS will be parsed and for > +# each entry in it, if artifact pointed by path description exists on target, > +# it will be retrieved onto host > + > +TESTIMAGE_FAILED_QA_ARTIFACTS ??= "\ > +${localstatedir}/log \ > +${sysconfdir}/version \ > +${sysconfdir}/os-release \ > +${libdir}/*/ptest" I know Alex Kanavin asked for this but I'm really not sure ${libdir}/*/ptest is a great idea. This will effectively copy the entire ptest package files for every ptest on the image. Now we split ptests to different images it is less of an issue but it is still potentially rather large. Could we at least limit it to failing ptests? Cheers, Richard -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182462): https://lists.openembedded.org/g/openembedded-core/message/182462 Mute This Topic: https://lists.openembedded.org/mt/99380468/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-core] [PATCH v3] qemu: Split the qemu package
On Wed, 2023-06-07 at 11:09 +0800, Yu, Mingli wrote: > Hi Richard and Bruce, > > On 6/2/23 21:19, Richard Purdie wrote: > > CAUTION: This email comes from a non Wind River email account! > > Do not click links or open attachments unless you recognize the sender and > > know the content is safe. > > > > On Fri, 2023-06-02 at 09:08 -0400, Bruce Ashfield wrote: > > > On Thu, Jun 1, 2023 at 10:37 PM Yu, Mingli > > > wrote: > > > > > > > > From: Mingli Yu > > > > > > > > Currently all files as below packaged into one package such as > > > > qemu-7.2.0-*.rpm. After the qemu package installed on the target, > > > > it will take up about 464M which includes not only the one matches > > > > the arch of the target but aslo all available built qemu targets > > > > which set by QEMU_TARGETS. > > > > > > > > # ls tmp-glibc/work/core2-64-wrs-linux/qemu/7.2.0-r0/image/usr/bin/ > > > > qemu-aarch64 qemu-img qemu-mips64el qemu-ppc64 > > > > qemu-sh4qemu-system-loongarch64 qemu-system-ppc > > > > qemu-system-x86_64 > > > > qemu-arm qemu-io qemu-mipsel qemu-ppc64le > > > > qemu-storage-daemon qemu-system-mips qemu-system-ppc64 > > > > qemu-x86_64 qemu-edid qemu-loongarch64 qemu-mips.real > > > > qemu-pr-helper qemu-system-aarch64 qemu-system-mips64 > > > > qemu-system-riscv32 qemu-ga qemu-mips qemu-nbd > > > > qemu-riscv32qemu-system-arm qemu-system-mips64el > > > > qemu-system-riscv64 qemu-i386 qemu-mips64 qemu-ppc > > > > qemu-riscv64qemu-system-i386 qemu-system-mipsel > > > > qemu-system-sh4 > > > > > > > > Split the qemu package into qemu-7.2.0-*.rpm, > > > > qemu-system-aarch64-7.2.0*.rpm, > > > > qemu-system-x86_64-7.2.0*.rpm and etc. And let user can only choose the > > > > corresponding qemu arch package they want to install should ease the > > > > concerns > > > > who cares much about the size in embedded device as it decreases the > > > > qemu rpm > > > > (qemu-7.2.0*.rpm) size from about 65M to about 19M and the size of the > > > > extracted qemu RPM decreased from about 464M to about 248M. > > > > > > > > Signed-off-by: Mingli Yu > > > > --- > > > > meta/recipes-devtools/qemu/qemu.inc | 5 + > > > > 1 file changed, 5 insertions(+) > > > > > > > > diff --git a/meta/recipes-devtools/qemu/qemu.inc > > > > b/meta/recipes-devtools/qemu/qemu.inc > > > > index a87dee5c99..c6fd39aab6 100644 > > > > --- a/meta/recipes-devtools/qemu/qemu.inc > > > > +++ b/meta/recipes-devtools/qemu/qemu.inc > > > > @@ -230,6 +230,11 @@ INSANE_SKIP:${PN} = "arch" > > > > > > > > FILES:${PN} += "${datadir}/icons" > > > > > > > > +python populate_packages:prepend() { > > > > +archdir = d.expand('${bindir}/') > > > > +do_split_packages(d, archdir, r'^qemu-system-(.*)$', > > > > '${PN}-system-%s', 'QEMU full system emulation binaries(%s)' , > > > > prepend=True) > > > > +} > > > > > > I don't see a v3 changelog, but that does look like the unnecessary > > > default runtime dependency is gone, but what would be the method of > > > installing the packages if I have an image where I'd like the old > > > non-split functionality ? > > > > > > Either a meta packages (qemu-system-all ?) or a way to override the > > > functionality (a variable around the do_split call ?) are options to > > > enable that sort of thing. As I mentioned before, there's a different > > > expected split of the packages in some scenarios, and it would be > > > ideal to not break those use cases. > > > > This is quite a common need for things which call do_split_packages, > > I'm starting to wonder if it should support some kind of "common" > > package as a parameter which it would add dependencies to? > > I'm trying to improve the package method to try to meet the need for > both the user who cares about the rpm size and the user who want the old > non-split functionality. > > And I just did a little search for the packages which use > do_split_packages and didn't see there is any package which keep both > split and no-split functionality and just only split. > > So I don't quite understand "This is quite a common need for things > which call do_split_packages". > > BTW, if we still use the old non-split, is there any suitable method for > the user who cares about the rpm size? Any suggestions? I said we should create a package which behaves the same as the old situation, not that we should have the same binaries in both. By that I mean a package you can install with dependencies such that all the qemu binaries are pulled in together. This is something which many users of do_split_packages already do. Taking meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins- packaging.inc for example, it has some python which is commented as: """ # Go through all generated packages (excluding the main package and # the -meta package itself) and add them to the -meta package as RDEPENDS. """ You can see
[OE-Core][PATCH v2 0/2] add failed tests artifacts retriever
This series is a proposal to bring in an "artifact retriever" to ease debugging when some runtime tests fails. This is a follow-up to the initial version ([1]) and its corresponding RFC ([2]), which in turn is a proposal to address general debugging issues like [3] In the proposed form the retriever is pretty simple/dumb: it waits for all tests listed for a testimage run to be done, and if any of those tests has failed, it tries to read a list of "artifacts of interest to retrieve", and pulls those files onto the host system (next to testresults.json) for further analysis. This is true for ALL runtime tests. So for example, a failing test in a very basic test session running ping, ssh and ptests will trigger artifacts retrieval, the failing test being either a ping test, a ssh test or a ptest. The artifacts list is provided in a new bitbake TESTIMAGE_FAILED_QA_ARTIFACTS. There is one single artifacts list to be provided for a whole test run (i.e a run done with bitbake -c testimage). Artifacts list can then be overriden by affecting the variable mentioned above. Retrieved files are pulled through scp to allow compatibility for both Qemu and SSH targets, and are currently stored "as is" (unarchived/uncompressed) in tmp/log/oeqa//artifacts. The series has been tested with the following process: - add dummy failing ptest in lttng-modules through a custom patch in meta/recipes-kernel/lttng - build core-image-minimal image with: - DISTRO_FEATURES:append = " ptest" - CORE_IMAGE_EXTRA_INSTALL += "dropbear lttng-tools-ptest busybox-ptest" - TEST_SUITES = "ping ssh ptest" - IMAGE_CLASSES += "testimage" - TESTIMAGE_FAILED_QA_ARTIFACTS="${libdir}/*/ptest /etc/version /etc/os-release /var/log" - run tests: bitbake core-image-minimal -c testimage - ensure artifacts are properly retrieved and stored Changes since v1: - remove legacy scp option - put back target stop in 'finally' clause - retrieve artifacts only in nominal target run (ie no exception from ssh/qemu target run) - list artifacts directly in variable instead of using intermediate file - use standard variables in artifacts paths - allow glob patterns in artifacts paths - expand artifacts path on target before tryiong to retrieve them [1] https://lore.kernel.org/openembedded-core/20230602095037.97981-1-alexis.loth...@bootlin.com/ [2] https://lore.kernel.org/openembedded-core/20230523161619a8c871d9@mail.local/T/#t [3] https://bugzilla.yoctoproject.org/show_bug.cgi?id=14901 Alexis Lothoré (2): oeqa/target/ssh: update options for SCP testimage: implement test artifacts retriever for failing tests meta/classes-recipe/testimage.bbclass | 49 +++ meta/lib/oeqa/core/target/ssh.py | 5 ++- 2 files changed, 53 insertions(+), 1 deletion(-) -- 2.40.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182458): https://lists.openembedded.org/g/openembedded-core/message/182458 Mute This Topic: https://lists.openembedded.org/mt/99380466/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-Core][PATCH v2 1/2] oeqa/target/ssh: update options for SCP
By default scp expects files. Passing -r option allows to copy directories too Signed-off-by: Alexis Lothoré --- Changes since v1: - drop legacy scp protocol option --- meta/lib/oeqa/core/target/ssh.py | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meta/lib/oeqa/core/target/ssh.py b/meta/lib/oeqa/core/target/ssh.py index 51079075b5bd..e650302052db 100644 --- a/meta/lib/oeqa/core/target/ssh.py +++ b/meta/lib/oeqa/core/target/ssh.py @@ -40,8 +40,11 @@ class OESSHTarget(OETarget): '-o', 'StrictHostKeyChecking=no', '-o', 'LogLevel=ERROR' ] +scp_options = [ +'-r' +] self.ssh = ['ssh', '-l', self.user ] + ssh_options -self.scp = ['scp'] + ssh_options +self.scp = ['scp'] + ssh_options + scp_options if port: self.ssh = self.ssh + [ '-p', port ] self.scp = self.scp + [ '-P', port ] -- 2.40.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182459): https://lists.openembedded.org/g/openembedded-core/message/182459 Mute This Topic: https://lists.openembedded.org/mt/99380467/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[OE-Core][PATCH v2 2/2] testimage: implement test artifacts retriever for failing tests
Add a basic artifacts retrievers in testimage class which: - triggers when at least one runtime test fails but tests execution encountered no major issue - reads a list of paths to retrieve from TESTIMAGE_FAILED_QA_ARTIFACTS - checks for artifacts presence on target - retrieve those files over scp thanks to existing ssh class - store those files in an "artifacts" directory in "tmp/log/oeqa/" This implementation assumes that the SSH or Qemu target has run and finished gracefully. If tests do not finish because of an exception, artifacts will not be retrieved Bring partial solution to [YOCTO #14901] Signed-off-by: Alexis Lothoré --- Changes since v1: - only gather artifacts in nominal case (ie qemu runs without any raised exception) - list artifacts directly in variable instead of using external file - use standard variables in artifacts paths - allow glob patterns usage in artifacts paths - expand/filter artifacts list on target before retrieving them - tune default artifacts list --- meta/classes-recipe/testimage.bbclass | 49 +++ 1 file changed, 49 insertions(+) diff --git a/meta/classes-recipe/testimage.bbclass b/meta/classes-recipe/testimage.bbclass index b48cd96575d2..c6ce74a9e7a8 100644 --- a/meta/classes-recipe/testimage.bbclass +++ b/meta/classes-recipe/testimage.bbclass @@ -18,6 +18,16 @@ inherit image-artifact-names TESTIMAGE_AUTO ??= "0" +# When any test fails, TESTIMAGE_FAILED_QA ARTIFACTS will be parsed and for +# each entry in it, if artifact pointed by path description exists on target, +# it will be retrieved onto host + +TESTIMAGE_FAILED_QA_ARTIFACTS ??= "\ +${localstatedir}/log \ +${sysconfdir}/version \ +${sysconfdir}/os-release \ +${libdir}/*/ptest" + # You can set (or append to) TEST_SUITES in local.conf to select the tests # which you want to run for your target. # The test names are the module names in meta/lib/oeqa/runtime/cases. @@ -192,6 +202,39 @@ def get_testimage_boot_patterns(d): boot_patterns[flag] = flagval.encode().decode('unicode-escape') return boot_patterns +def get_artifacts_list(target, raw_list): +result = [] +# Passed list may contains patterns in paths, expand them directly on target +for raw_path in raw_list.split(): +cmd = f"for p in {raw_path}; do if [ -e $p ]; then echo $p; fi; done" +try: +status, output = target.run(cmd) +if status != 0 or not output: +raise Exception() +result += output.split() +except: +bb.warn(f"No file/directory matching path {raw_path}") + +return result + +def retrieve_test_artifacts(target, artifacts_list, target_dir): +import shutil + +local_artifacts_dir = os.path.join(target_dir, "artifacts") +if os.path.isdir(local_artifacts_dir): +shutil.rmtree(local_artifacts_dir) + +os.makedirs(local_artifacts_dir) +for artifact_path in artifacts_list: +if not os.path.isabs(artifact_path): +bb.warn(f"{artifact_path} is not an absolute path") +continue +try: +dest_dir = os.path.join(local_artifacts_dir, os.path.dirname(artifact_path[1:])) +os.makedirs(dest_dir, exist_ok=True) +target.copyFrom(artifact_path, dest_dir) +except: +bb.warn(f"Can not retrieve {artifact_path} from test target") def testimage_main(d): import os @@ -383,6 +426,12 @@ def testimage_main(d): pass results = tc.runTests() complete = True +if not results.wasSuccessful(): +artifacts_list = get_artifacts_list(tc.target, d.getVar("TESTIMAGE_FAILED_QA_ARTIFACTS")) +if not artifacts_list: +bb.warn("Could not load artifacts list, skip artifacts retrieval") +else: +retrieve_test_artifacts(tc.target, artifacts_list, get_testimage_json_result_dir(d)) except (KeyboardInterrupt, BlockingIOError) as err: if isinstance(err, KeyboardInterrupt): bb.error('testimage interrupted, shutting down...') -- 2.40.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182460): https://lists.openembedded.org/g/openembedded-core/message/182460 Mute This Topic: https://lists.openembedded.org/mt/99380468/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-Core][RFC][PATCH 3/3] testimage: implement test artifacts retriever for failing tests
Hi, On Wed, Jun 07, 2023 at 09:36:07AM +0200, Alexis Lothoré wrote: > Hi Mikko, sorry for late reply, and thanks for the additional feedback > > On 6/2/23 15:07, Mikko Rapeli wrote: > > Hi, > > > > These changes are an improvement, but based on my experience in product > > test automation, > > instead of collecting logs after testing is completed, it is better to > > capture logs > > from the target device while tests are being executed. Serial console, > > systemd journal > > etc logs can be captured as streams from the device under test (DUT), and > > time stamps added > > from the test controller so that aligning events like test command > > execution and log messages > > is possible. It is also a good idea to capture core dumps via this kind of > > stream(s). > > Problems with HW and BSP SW may not be visible after testing completes > > (device has > > rebooted, reset) or capturing data is not possible at all (due to system, > > kernel, userspace hang, > > oom or too much load). > > > > This capturing of logs could be implemented by adding some configurable > > variables to execute > > commands on the test controller and inside oeqa environment at certain > > stages of testing, for example > > after serial console login prompt has been detected. Command to execute > > could be a simple > > "ssh -c 'journalctl -b -a'" to capture boot logs and "ssh 'journalctl -a > > -f'" and log the output data with > > additional time stamps to bitbake task output or a separate file. > > > > Just thinking out loud here, these changes are an improvement over current > > situation already. > > Thanks for sending these patches! > > While I tend to agree with what you are suggesting, I feel like there are some > new constraints, because of targets variety: is the system a real target or a > qemu image ? Does it run systemd/journald ? Are coredumps enabled by default ? > Of course those constraints may be quite easy to circumvent, moreover we can > think of a "best effort" solution which gathers "what it can" from running > target. Also, there may be some corner cases that would need some specific > handling: some tests can be quite long (hours), what about broken pipes during > those ? This would definitely need some re-connection strategies for example. Agreed. Currently our qemu reboot tests are failing for due some kind of reconnection issue, for example. I'll try to find time to fix this... > Since current proposed solution is not very invasive/has not much requirements > except a valid ssh access, I plan to update the series and let some real > testing > show if it is relevant. If not (or not enough), we may give a try to a > "runtime" > version like the one you are suggesting ? Yes, the series is a clear improvement over the current state. Cheers, -Mikko -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182457): https://lists.openembedded.org/g/openembedded-core/message/182457 Mute This Topic: https://lists.openembedded.org/mt/99283034/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [OE-Core][RFC][PATCH 3/3] testimage: implement test artifacts retriever for failing tests
Hi Mikko, sorry for late reply, and thanks for the additional feedback On 6/2/23 15:07, Mikko Rapeli wrote: > Hi, > > These changes are an improvement, but based on my experience in product test > automation, > instead of collecting logs after testing is completed, it is better to > capture logs > from the target device while tests are being executed. Serial console, > systemd journal > etc logs can be captured as streams from the device under test (DUT), and > time stamps added > from the test controller so that aligning events like test command execution > and log messages > is possible. It is also a good idea to capture core dumps via this kind of > stream(s). > Problems with HW and BSP SW may not be visible after testing completes > (device has > rebooted, reset) or capturing data is not possible at all (due to system, > kernel, userspace hang, > oom or too much load). > > This capturing of logs could be implemented by adding some configurable > variables to execute > commands on the test controller and inside oeqa environment at certain stages > of testing, for example > after serial console login prompt has been detected. Command to execute could > be a simple > "ssh -c 'journalctl -b -a'" to capture boot logs and "ssh 'journalctl -a -f'" > and log the output data with > additional time stamps to bitbake task output or a separate file. > > Just thinking out loud here, these changes are an improvement over current > situation already. > Thanks for sending these patches! While I tend to agree with what you are suggesting, I feel like there are some new constraints, because of targets variety: is the system a real target or a qemu image ? Does it run systemd/journald ? Are coredumps enabled by default ? Of course those constraints may be quite easy to circumvent, moreover we can think of a "best effort" solution which gathers "what it can" from running target. Also, there may be some corner cases that would need some specific handling: some tests can be quite long (hours), what about broken pipes during those ? This would definitely need some re-connection strategies for example. Since current proposed solution is not very invasive/has not much requirements except a valid ssh access, I plan to update the series and let some real testing show if it is relevant. If not (or not enough), we may give a try to a "runtime" version like the one you are suggesting ? Thanks, Alexis > > Cheers, > > -Mikko > > > > > -- Alexis Lothoré, Bootlin Embedded Linux and Kernel engineering https://bootlin.com -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#182456): https://lists.openembedded.org/g/openembedded-core/message/182456 Mute This Topic: https://lists.openembedded.org/mt/99283034/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-