summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRoss Burton <ross.burton@arm.com>2022-05-06 16:56:00 +0100
committerRichard Purdie <richard.purdie@linuxfoundation.org>2022-05-12 16:44:06 +0100
commit6c843a5069095daf0d4fb8a10e9f5252b028ff01 (patch)
tree7af8202fcdf8681818a53ace589cd1ad69410f0a
parentc5580a0571e399a0ef5869beb4eb208acf8ae721 (diff)
downloadpoky-6c843a5069095daf0d4fb8a10e9f5252b028ff01.tar.gz
oeqa/selftest: add test for git working correctly inside pseudo
The fix for CVE-2022-24765 in git[1] breaks any use of git inside pseudo. Add a simple test case to oe-selftest to verify that at least basic uses of git work fine under pseudo. [1] https://github.com/git/git/commit/8959555cee7ec045958f9b6dd62e541affb7e7d9 (From OE-Core rev: 3fafd22233be8961801fa541969383b5b8444dee) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 46822268040a23dbb81f71fe35aee8c2663a31f6) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb15
-rw-r--r--meta/lib/oeqa/selftest/cases/git.py15
2 files changed, 30 insertions, 0 deletions
diff --git a/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb b/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb
index cc5d7eae5a..fa3041b7d8 100644
--- a/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb
+++ b/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb
@@ -7,3 +7,18 @@ INHIBIT_DEFAULT_DEPS = "1"
7 7
8SRC_URI = "gitsm://git.yoctoproject.org/git-submodule-test;branch=master" 8SRC_URI = "gitsm://git.yoctoproject.org/git-submodule-test;branch=master"
9SRCREV = "a2885dd7d25380d23627e7544b7bbb55014b16ee" 9SRCREV = "a2885dd7d25380d23627e7544b7bbb55014b16ee"
10
11S = "${WORKDIR}/git"
12
13do_test_git_as_user() {
14 cd ${S}
15 git status
16}
17addtask test_git_as_user after do_unpack
18
19fakeroot do_test_git_as_root() {
20 cd ${S}
21 git status
22}
23do_test_git_as_root[depends] += "virtual/fakeroot-native:do_populate_sysroot"
24addtask test_git_as_root after do_unpack
diff --git a/meta/lib/oeqa/selftest/cases/git.py b/meta/lib/oeqa/selftest/cases/git.py
new file mode 100644
index 0000000000..f12874dc7d
--- /dev/null
+++ b/meta/lib/oeqa/selftest/cases/git.py
@@ -0,0 +1,15 @@
1from oeqa.selftest.case import OESelftestTestCase
2from oeqa.utils.commands import bitbake
3
4class GitCheck(OESelftestTestCase):
5 def test_git_intercept(self):
6 """
7 Git binaries with CVE-2022-24765 fixed will refuse to operate on a
8 repository which is owned by a different user. This breaks our
9 do_install task as that runs inside pseudo, so the git repository is
10 owned by the build user but git is running as (fake)root.
11
12 We have an intercept which disables pseudo, so verify that it works.
13 """
14 bitbake("git-submodule-test -c test_git_as_user")
15 bitbake("git-submodule-test -c test_git_as_root")