Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=styhead 2025-02-12T14:29:34+00:00 2025-02-12T14:29:34+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2024-12-03T13:43:30+00:00 urn:sha1:e35b91ea4d49cad0fccacdbcdbe14bae020669ec The backslash characters cause syntax warnings, mark the strings are raw to avoid this. (From OE-Core rev: abbe836162a24de5f22b38e8a2e547607e429820) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit f717f61a37ed83618d054fc4017b5f5386fb2e3c) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2025-02-03T14:24:37+00:00 Adrian Freihofer adrian.freihofer@gmail.com 2025-01-26T12:48:05+00:00 urn:sha1:a39666e2ad802c954957c8afb085586da727b2bd (From OE-Core rev: c15220660b3c61f88a34cbc193afd875e5026704) Signed-off-by: Adrian Freihofer <adrian.freihofer@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2025-01-13T13:49:08+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2024-11-20T16:54:44+00:00 urn:sha1:66f9cec85308921d62fa447f10828043c89a79c2 The current code is not fit for purpose when handling large files via ssh. In the strace ptest case, we can end up with a 1.4GB archive being transferred for which every byte is printed into the task logfile twice over. This is then sent over bitbake IPC which compounds the problems. Make the following improvements: * when the output is large (over 64kb), don't print it * use a bytearray for better concat performance since strings are slow for this * when there is no ssh output, say that * print periodic size status output rather than the data itself since this could be binary and/or large * fix the killed process message logic which appeared broken (From OE-Core rev: 57673a71b20e2bbb53e7652a709bdcb32c429b6b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e7dd009a17dc902852983a82bce41bf78bb1e242) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-12-09T14:25:53+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2024-11-22T16:06:23+00:00 urn:sha1:8cd1a180d63c54365830bdefd7f96286969d920b Tweak the gitarchive exclude handling not to error if excluded files don't match. Also return the tagname created so that other code can then use it. (From OE-Core rev: bde2cf92e1a968e7272a194b887c331742f94d5b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 1adba3430faffdf6217b6a00533a3b48a9388abc) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-12-09T14:25:53+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2024-11-21T11:46:08+00:00 urn:sha1:4dec1742392d0e757d5d66eee04aa49144e83b90 Using 4 space indentation in resulted in hundreds of megabytes of extra file size in general use. Reduce this to make filesizes more managable and reduce the processing cost. Some level of indentation and spacing does make the files more readable and allows use of git diff so we need to retain some of it. (From OE-Core rev: b8be3ac506bb39665390c770f72de2ca359670b1) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a274cdcaf852cca9497f0358f44dda99c06aacbe) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-12-09T14:25:53+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2024-11-21T14:55:59+00:00 urn:sha1:d666d72ba269d92701386e029d03116c3c95ed01 There are several problems with these paths. Firstly they contain full system paths which depend upon where the test was run. These are pretty pointless and just take up a lot of space making the results files large. Secondly, they contain the same path twice. The reference and target path will always be the same thing in two different locations. Strip off the prefix and remove the duplication. This does change the output data but that can't really be avoided. It does shrink the results data and makes it more readable. (From OE-Core rev: 40b422edd954eeb917464e6baa0e952d2ed4184c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 81a44de36e864b08687451fd85aeba7c529fd7f7) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-12-09T14:25:53+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2024-11-21T14:55:44+00:00 urn:sha1:78809626ecb14646a06e83c8faad3d3475d1d22a The "rawlogs" data consists of a long string of results data which is already in a structured data format. I can't see this is adding much value in duplciating the data but it does create a huge string with a lot of long problematic pathnames and inflates the results data size. I suggest we drop this data as obsolete and not necessary. (From OE-Core rev: d35e96785a07bba29a76c96f91751be12497f50c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 5b2c70fab2ffa409b861d83f048b65d458d03a90) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-12-09T14:25:53+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2024-10-25T13:31:52+00:00 urn:sha1:8c3866aa530c7531ef8b7109b9e10c32b0448f47 The code was changing the timestamps of the files in the do_package output, particularly the files added for debug sources. This was to do two things: a) make do_package sstate more reproducible b) ensure better hash equivalence matching Unfortuately the debug source files are hardlinks into the source tree for efficiency so touching these, touches a lot of files in ${B} and ${S}. This causes unpredictable effects if compile is run again for example, or could cause compiling in the install task. The hash equivalence matching is of key importance but we can mimic that using clamping of the file timestamps in the depsig output used to generate the hashes. This patch drops the global timestamp clamping, instead allowing the files to retain their creation timestamps into sstate. This makes do_package sstate slightly less reproducibile. We could clamp the sstate timestamps but that would lead to two different sets of timestamps depending on whether the data came from sstate or not. I'd prefer to have consistent code behaviour, rather than differing behavhour depending on whether data came from sstate or not. If we wanted to have reproducibiliy and fix the "corruption" of S/B and have consistent codepaths, the only other option would be two copies of the sources, which could end up huge and seems the least desireable option. This patch therefore drops the timestamp clamping in the sstate files and tweaks the depsig data generation to clamp the timestamps for do_package instead since this seems the best compromise. I validated that rpm/deb/ipk files still generate correctly as before. (From OE-Core rev: 0e6b2c761f6d727fe21a0ce2803a0f0aef236f59) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 475759fdab7200488b2a568b2ba1aa31a456d113) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-11-30T13:41:59+00:00 Alexander Kanavin alex@linutronix.de 2024-10-31T10:15:24+00:00 urn:sha1:afa029245b463d254c0f3c47d12275b36fbd5269 The first no-fail check was an attempt to work around the old CDN's instability (and it didn't really help); it should not be necessary with the new CDN, and only delays a-full completion. (From OE-Core rev: 6ffde2643e6ee8a2a0eddca173a254dbdc4a79bb) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 7f75c42b7fcf60a9ca58d3ded9047df675d76dc2) Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-11-30T13:41:59+00:00 Peter Marko peter.marko@siemens.com 2024-10-30T18:49:51+00:00 urn:sha1:2b4c64dbef651adac2b371ea19fae4284f4ed1f7 When CPE is not provided and character ":" is in cve status description, current code takes only last part of split function. This works only if there is no ":" in description, otherwise it drops the other split parts. Do a new split of the original string to take the whole description unchanged. This fixes following entries from world build of poky+meta-oe+meta-python: tiff-4.6.0-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2015-7313 CVE_STATUS: fixed-version: Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue description: //security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue corrected: Tested with check from https://security-tracker.debian.org/tracker/CVE-2015-7313 and already 4.3.0 doesn't have the issue gnupg-2.5.0-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2022-3219 CVE_STATUS: upstream-wontfix: Upstream doesn't seem to be keen on merging the proposed commit - https://dev.gnupg.org/T5993 description: //dev.gnupg.org/T5993 corrected: Upstream doesn't seem to be keen on merging the proposed commit - https://dev.gnupg.org/T5993 libyaml-0.2.5-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2024-35325 CVE_STATUS: upstream-wontfix: Upstream thinks this is a misuse (or wrong use) of the libyaml API - https://github.com/yaml/libyaml/issues/303 description: //github.com/yaml/libyaml/issues/303 corrected: Upstream thinks this is a misuse (or wrong use) of the libyaml API - https://github.com/yaml/libyaml/issues/303 libyaml-0.2.5-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2024-35326 CVE_STATUS: upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302 description: //github.com/yaml/libyaml/issues/302 corrected: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302 libyaml-0.2.5-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2024-35328 CVE_STATUS: upstream-wontfix: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302 description: //github.com/yaml/libyaml/issues/302 corrected: Upstream thinks there is no working code that is exploitable - https://github.com/yaml/libyaml/issues/302 cpio-2.15-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2023-7216 CVE_STATUS: disputed: intended behaviour, see https://lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html description: //lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html corrected: intended behaviour, see https://lists.gnu.org/archive/html/bug-cpio/2024-03/msg00000.html openssh-9.9p1-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2023-51767 CVE_STATUS: upstream-wontfix: It was demonstrated on modified sshd and does not exist in upstream openssh https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1. description: //bugzilla.mindrot.org/show_bug.cgi?id=3656#c1. corrected: It was demonstrated on modified sshd and does not exist in upstream openssh https://bugzilla.mindrot.org/show_bug.cgi?id=3656#c1. cups-2.4.10-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2021-25317 CVE_STATUS: not-applicable-config: This concerns /var/log/cups having lp ownership, our /var/log/cups is root:root, so this doesn't apply. description: root, so this doesn't apply. corrected: This concerns /var/log/cups having lp ownership, our /var/log/cups is root:root, so this doesn't apply. unzip-1_6.0-r0 do_cve_check: CVE_STATUS with 3 parts for CVE-2008-0888 CVE_STATUS: fixed-version: Patch from https://bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source description: //bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source corrected: Patch from https://bugzilla.redhat.com/attachment.cgi?id=293893&action=diff applied to 6.0 source syslog-ng-4.7.0-r0 do_cve_check: CVE_STATUS with 6 parts for CVE-2022-38725 CVE_STATUS: cpe-incorrect: cve-check wrongly matches cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32 description: syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32 corrected: cve-check wrongly matches cpe:2.3:a:oneidentity:syslog-ng:*:*:*:*:premium:*:*:* < 7.0.32 (From OE-Core rev: 5cd34a34879ad424f3b1637b48892d6fa037861d) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit cc33dd9176726cb4b2d2f142ed1bc655da8e0a9f) Signed-off-by: Steve Sakoman <steve@sakoman.com>