summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAndreas Müller <schnitzeltony@gmail.com>2019-04-06 01:45:56 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-04-09 13:44:39 +0100
commitb54bff841bba13c4f4799928814824f3d11db3dc (patch)
treeee69ec2fc3c69f3bcd65b61d67ebfbc60f673a66
parent0dd6823875cac63a7119f63851a0dc01ea1f2e80 (diff)
downloadpoky-b54bff841bba13c4f4799928814824f3d11db3dc.tar.gz
patch/insane: Rework patch fuzz handling
Currently there are three issues which can be enhanced: 1. Fuzz warnings cannot be configured as errors for hardening. It happened often to me that these warnings were overseen and detected after commits were already out. 2. The output is too verbose - particularly when more than one file is affected. Meanwhile all users should know why patch fuzz check is performed. So move links with background information to insane.bbclass. 3. Reduce copy & paste effort slightly by printing PN (nit: <recipe> was not a correct suggestion e.g for native extended recipe - see example below) To achieve patch.py drops patch-fuzz info encapsulated by a header- and footer- string into log.do_patch. With this insane.bbclass can drop warnings/errors depending on 'patch-fuzz' in ERROR_QA or WARN_QA. Default remains unchanged: Spit out warnings only. A message for two fuzzed patches and 'pact-fuzz' in ERROR_QA now looks like: | ERROR: autoconf-native-2.69-r11 do_patch: Fuzz detected: | | Applying patch autoreconf-exclude.patch | patching file bin/autoreconf.in | Hunk #1 succeeded at 73 with fuzz 1 (offset -3 lines). | Hunk #2 succeeded at 143 (offset 6 lines). | Hunk #3 succeeded at 167 (offset 6 lines). | Hunk #4 succeeded at 177 (offset 6 lines). | Hunk #5 succeeded at 281 (offset 15 lines). | Hunk #6 succeeded at 399 (offset 15 lines). | Hunk #7 succeeded at 571 (offset 20 lines). | Hunk #8 succeeded at 612 (offset 20 lines). | Hunk #9 succeeded at 636 (offset 20 lines). | Hunk #10 succeeded at 656 (offset 20 lines). | Hunk #11 succeeded at 683 (offset 20 lines). | | Applying patch autoreconf-gnuconfigize.patch | patching file bin/autoreconf.in | Hunk #1 succeeded at 55 with fuzz 1 (offset -3 lines). | Hunk #3 succeeded at 663 (offset 18 lines). | | The context lines in the patches can be updated with devtool: | | devtool modify autoconf-native | devtool finish --force-patch-refresh autoconf-native <layer_path> | | Don't forget to review changes done by devtool! | | ERROR: autoconf-native-2.69-r11 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] (From OE-Core rev: c762c0be43a3854a43cb4b9db559b03126d50706) Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/insane.bbclass53
-rw-r--r--meta/lib/oe/patch.py19
2 files changed, 56 insertions, 16 deletions
diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index 37b8bb0032..b7893a4c35 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -27,7 +27,7 @@ WARN_QA ?= "ldflags useless-rpaths rpaths staticdev libdir xorg-driver-abi \
27 installed-vs-shipped compile-host-path install-host-path \ 27 installed-vs-shipped compile-host-path install-host-path \
28 pn-overrides infodir build-deps \ 28 pn-overrides infodir build-deps \
29 unknown-configure-option symlink-to-sysroot multilib \ 29 unknown-configure-option symlink-to-sysroot multilib \
30 invalid-packageconfig host-user-contaminated uppercase-pn \ 30 invalid-packageconfig host-user-contaminated uppercase-pn patch-fuzz \
31 " 31 "
32ERROR_QA ?= "dev-so debug-deps dev-deps debug-files arch pkgconfig la \ 32ERROR_QA ?= "dev-so debug-deps dev-deps debug-files arch pkgconfig la \
33 perms dep-cmp pkgvarcheck perm-config perm-line perm-link \ 33 perms dep-cmp pkgvarcheck perm-config perm-line perm-link \
@@ -1033,6 +1033,54 @@ python do_qa_staging() {
1033 bb.fatal("QA staging was broken by the package built above") 1033 bb.fatal("QA staging was broken by the package built above")
1034} 1034}
1035 1035
1036python do_qa_patch() {
1037 import subprocess
1038
1039 ###########################################################################
1040 # Check patch.log for fuzz warnings
1041 #
1042 # Further information on why we check for patch fuzz warnings:
1043 # http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
1044 # https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
1045 ###########################################################################
1046
1047 logdir = d.getVar('T')
1048 patchlog = os.path.join(logdir,"log.do_patch")
1049
1050 if os.path.exists(patchlog):
1051 fuzzheader = '--- Patch fuzz start ---'
1052 fuzzfooter = '--- Patch fuzz end ---'
1053 statement = "grep -e '%s' %s > /dev/null" % (fuzzheader, patchlog)
1054 if subprocess.call(statement, shell=True) == 0:
1055 msg = "Fuzz detected:\n\n"
1056 fuzzmsg = ""
1057 inFuzzInfo = False
1058 f = open(patchlog, "r")
1059 for line in f:
1060 if fuzzheader in line:
1061 inFuzzInfo = True
1062 fuzzmsg = ""
1063 elif fuzzfooter in line:
1064 fuzzmsg = fuzzmsg.replace('\n\n', '\n')
1065 msg += fuzzmsg
1066 msg += "\n"
1067 inFuzzInfo = False
1068 elif inFuzzInfo and not 'Now at patch' in line:
1069 fuzzmsg += line
1070 f.close()
1071 msg += "The context lines in the patches can be updated with devtool:\n"
1072 msg += "\n"
1073 msg += " devtool modify %s\n" % d.getVar('PN')
1074 msg += " devtool finish --force-patch-refresh %s <layer_path>\n\n" % d.getVar('PN')
1075 msg += "Don't forget to review changes done by devtool!\n"
1076 if 'patch-fuzz' in d.getVar('ERROR_QA'):
1077 bb.error(msg)
1078 elif 'patch-fuzz' in d.getVar('WARN_QA'):
1079 bb.warn(msg)
1080 msg = "Patch log indicates that patches do not apply cleanly."
1081 package_qa_handle_error("patch-fuzz", msg, d)
1082}
1083
1036python do_qa_configure() { 1084python do_qa_configure() {
1037 import subprocess 1085 import subprocess
1038 1086
@@ -1137,6 +1185,9 @@ python do_qa_unpack() {
1137#addtask qa_staging after do_populate_sysroot before do_build 1185#addtask qa_staging after do_populate_sysroot before do_build
1138do_populate_sysroot[postfuncs] += "do_qa_staging " 1186do_populate_sysroot[postfuncs] += "do_qa_staging "
1139 1187
1188# Check for patch fuzz
1189do_patch[postfuncs] += "do_qa_patch "
1190
1140# Check broken config.log files, for packages requiring Gettext which 1191# Check broken config.log files, for packages requiring Gettext which
1141# don't have it in DEPENDS. 1192# don't have it in DEPENDS.
1142#addtask qa_configure after do_configure before do_compile 1193#addtask qa_configure after do_configure before do_compile
diff --git a/meta/lib/oe/patch.py b/meta/lib/oe/patch.py
index 7dd31d9d46..f43cf047c0 100644
--- a/meta/lib/oe/patch.py
+++ b/meta/lib/oe/patch.py
@@ -38,21 +38,10 @@ def runcmd(args, dir = None):
38 if exitstatus != 0: 38 if exitstatus != 0:
39 raise CmdError(cmd, exitstatus >> 8, output) 39 raise CmdError(cmd, exitstatus >> 8, output)
40 if " fuzz " in output: 40 if " fuzz " in output:
41 bb.warn(""" 41 # Drop patch fuzz info with header and footer to log file so
42Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. 42 # insane.bbclass can handle to throw error/warning
43The context lines in the patches can be updated with devtool: 43 bb.note("--- Patch fuzz start ---\n%s\n--- Patch fuzz end ---" % format(output))
44 44
45 devtool modify <recipe>
46 devtool finish --force-patch-refresh <recipe> <layer_path>
47
48Then the updated patches and the source tree (in devtool's workspace)
49should be reviewed to make sure the patches apply in the correct place
50and don't introduce duplicate lines (which can, and does happen
51when some of the context is ignored). Further information:
52http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
53https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
54Details:
55{}""".format(output))
56 return output 45 return output
57 46
58 finally: 47 finally: