diff options
author | Alexander Kanavin <alexander.kanavin@linux.intel.com> | 2018-03-12 18:49:44 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-03-15 06:27:18 -0700 |
commit | cc97bc08125b63821ce3f616771830f77c456f57 (patch) | |
tree | 82c68b0a8303a0c85841e3804319de4bfe05f64b | |
parent | 682705389526fba41ef8763d290ea4cab8787e43 (diff) | |
download | poky-cc97bc08125b63821ce3f616771830f77c456f57.tar.gz |
lib/oe/patch.py: add a warning if patch context was ignored
Ignoring patch context increases the chances of patches being
applied incorrectly. Depending on what code is being patched, this can go
completely unnoticed and create subtle bugs, sometimes with security implications.
Please see here for a specific example:
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
On the other hand, we cannot simply force all patch context to match exactly:
doing this would break a lot of recipes suddenly, across all layers.
So let's try a softer approach: issue a warning, and gently update
patches over a longer span of time. When most of the warnings are eliminated,
we can start enforcing a strict patch application policy.
I do understand that this patch creates a lot of warnings all of a sudden, however
I believe the problem does need to be addressed. All of oe-core recipes have their
context already fixed.
Sample warning:
WARNING: vulkan-1.0.61.1-r0 do_patch:
Some of the context lines in patches were ignored. This can lead to incorrectly applied patches.
The context lines in the patches can be updated with devtool:
devtool modify <recipe>
devtool finish --force-patch-refresh <recipe> <layer_path>
Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored).
Details:
Applying patch demos-Don-t-build-tri-or-cube.patch
patching file demos/CMakeLists.txt
Hunk #1 succeeded at 63 (offset 2 lines).
Hunk #2 succeeded at 76 with fuzz 1 (offset 2 lines).
[YOCTO #10450]
(From OE-Core rev: 5133fd46bccf14e21680f8d94e952914edccb113)
Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/lib/oe/patch.py | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/meta/lib/oe/patch.py b/meta/lib/oe/patch.py index f02dee8d27..bfa7d21879 100644 --- a/meta/lib/oe/patch.py +++ b/meta/lib/oe/patch.py | |||
@@ -36,6 +36,22 @@ def runcmd(args, dir = None): | |||
36 | (exitstatus, output) = oe.utils.getstatusoutput(cmd) | 36 | (exitstatus, output) = oe.utils.getstatusoutput(cmd) |
37 | if exitstatus != 0: | 37 | if exitstatus != 0: |
38 | raise CmdError(cmd, exitstatus >> 8, output) | 38 | raise CmdError(cmd, exitstatus >> 8, output) |
39 | if " fuzz " in output: | ||
40 | bb.warn(""" | ||
41 | Some of the context lines in patches were ignored. This can lead to incorrectly applied patches. | ||
42 | The context lines in the patches can be updated with devtool: | ||
43 | |||
44 | devtool modify <recipe> | ||
45 | devtool finish --force-patch-refresh <recipe> <layer_path> | ||
46 | |||
47 | Then the updated patches and the source tree (in devtool's workspace) | ||
48 | should be reviewed to make sure the patches apply in the correct place | ||
49 | and don't introduce duplicate lines (which can, and does happen | ||
50 | when some of the context is ignored). Further information: | ||
51 | http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html | ||
52 | https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450 | ||
53 | Details: | ||
54 | {}""".format(output)) | ||
39 | return output | 55 | return output |
40 | 56 | ||
41 | finally: | 57 | finally: |