From patchwork Wed May 25 14:36:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8506 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C50D9C4332F for ; Wed, 25 May 2022 14:36:36 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web10.7594.1653489391091661760 for ; Wed, 25 May 2022 07:36:31 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=BC7B2HOD; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) Received: by mail-pf1-f172.google.com with SMTP id y199so19380481pfb.9 for ; Wed, 25 May 2022 07:36:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=BVN+yR6gOpOCDU9HEcpn2o5X/BN2rD2acwmVWwGwDvA=; b=BC7B2HODRc3XdMYHZCLlRuKvfGC1LUri43D+FhL9WqSIaOQgI1nX6b00iTsUf8BbLt GQ2LvjQQPEOlKnh9SjouPslRRd6uvblaJ9biyCcOI1VFyMcptVDrhl4AaNNnKLr4k5r5 fzO96elEuycj2cmx1Ke9T/e+QMJrQy8EJ1I4w1IOvFBVyrfQMljvevHIW2dhphtgWkf7 zUb7Ycv7FkmotN+denO4yDoaI6taBM/QMSJhljLJw5yyxzMBbXMmhmQeDSPQXRhTTCWy UY7sppGcSasTh5Cj1lt0x6MYecgZoWZLGgrH3RGcdJWWHxOOR680iaCwx4/5mbC4m4jJ fm4Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=BVN+yR6gOpOCDU9HEcpn2o5X/BN2rD2acwmVWwGwDvA=; b=PTE0PUgNIPiAgJASSQPz8FuK1+3AdFJhUK1seNr6XnAaswxLYDP8GRccX4kwlrP1rQ hMn6MPQChEBMn5OOzXkF807sR9/6z9At47wzrmII+nSHmIEW2hFYBwJA4rTWdLmnx7BL wrKwywpfdtT1CLWiapYim5O6Wj4qDumrZ36/DDvPz8WJbq/KvtmsZzLZDVEYdesmDqiQ tg+qmRtSKy5tROHQUF3+c1WdMhtVqEcL78puybHLjhkly6aRkOstHGYFkBE7xGihIVP4 pQzN/+2AuGqukixJJihalDVRlI64rUQh5p4gzwEsnoUDS9NLDdB/23DD5VibZoI88xTx c1sA== X-Gm-Message-State: AOAM532yeVJv47uSe2ohQQduA7DFERAYJNSuq4R8n4KqjPyy+56D42F2 jOcvnJ+VWrb1EaBoMGSaGlOUDTDhaqQyv0ei X-Google-Smtp-Source: ABdhPJzaepxeaVqYXqykfQg3us0UJ8TZEYm7m3ZlZ7s1rCt4SZc65pnHoQedEU9HyB5C6pwDoyNTsw== X-Received: by 2002:a05:6a00:b41:b0:50d:35fa:476d with SMTP id p1-20020a056a000b4100b0050d35fa476dmr34129300pfo.33.1653489389479; Wed, 25 May 2022 07:36:29 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id h6-20020a170902f70600b0015eb200cc00sm9399287plo.138.2022.05.25.07.36.28 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 May 2022 07:36:28 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 1/4] pcre2: CVE-2022-1586 Out-of-bounds read Date: Wed, 25 May 2022 04:36:09 -1000 Message-Id: <7f4daf88b71f486ddc7140500d2b44181a99222f.1653489126.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 25 May 2022 14:36:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166147 From: Hitendra Prajapati Source: https://github.com/PCRE2Project/pcre2 MR: 118027 Type: Security Fix Disposition: Backport from https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a ChangeID: e9b448d96a7e58b34b2c4069757a6f3ca0917713 Description: CVE-2022-1586: pcre2: Out-of-bounds read in compile_xclass_matchingpath in pcre2_jit_compile.c. Signed-off-by: Hitendra Prajapati Signed-off-by: Jeremy A. Puhlman Signed-off-by: Steve Sakoman --- .../libpcre/libpcre2/CVE-2022-1586.patch | 59 +++++++++++++++++++ .../recipes-support/libpcre/libpcre2_10.34.bb | 1 + 2 files changed, 60 insertions(+) create mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch new file mode 100644 index 0000000000..fbbbc9ca77 --- /dev/null +++ b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch @@ -0,0 +1,59 @@ +From 233c4248550d0c1d9bfee42198d5ee0855b7d413 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Mon, 23 May 2022 13:52:39 +0530 +Subject: [PATCH] CVE-2022-1586 + +Upstream-Status: Backport from https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a + +Signed-off-by: Hitendra Prajapati +--- + ChangeLog | 3 +++ + src/pcre2_jit_compile.c | 2 +- + src/pcre2_jit_test.c | 4 ++++ + 3 files changed, 8 insertions(+), 1 deletion(-) + +diff --git a/ChangeLog b/ChangeLog +index 0926c29..b5d72dc 100644 +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,6 +1,9 @@ + Change Log for PCRE2 + -------------------- + ++23. Fixed a unicode properrty matching issue in JIT. The character was not ++fully read in caseless matching. ++ + + Version 10.34 21-November-2019 + ------------------------------ +diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c +index f564127..5d43865 100644 +--- a/src/pcre2_jit_compile.c ++++ b/src/pcre2_jit_compile.c +@@ -7119,7 +7119,7 @@ while (*cc != XCL_END) + { + SLJIT_ASSERT(*cc == XCL_PROP || *cc == XCL_NOTPROP); + cc++; +- if (*cc == PT_CLIST) ++ if (*cc == PT_CLIST && *cc == XCL_PROP) + { + other_cases = PRIV(ucd_caseless_sets) + cc[1]; + while (*other_cases != NOTACHAR) +diff --git a/src/pcre2_jit_test.c b/src/pcre2_jit_test.c +index a9b3880..9df87fd 100644 +--- a/src/pcre2_jit_test.c ++++ b/src/pcre2_jit_test.c +@@ -408,6 +408,10 @@ static struct regression_test_case regression_test_cases[] = { + { MUP, A, 0, 0 | F_PROPERTY, "[\xc3\xa2-\xc3\xa6\xc3\x81-\xc3\x84\xe2\x80\xa8-\xe2\x80\xa9\xe6\x92\xad\\p{Zs}]{2,}", "\xe2\x80\xa7\xe2\x80\xa9\xe6\x92\xad \xe6\x92\xae" }, + { MUP, A, 0, 0 | F_PROPERTY, "[\\P{L&}]{2}[^\xc2\x85-\xc2\x89\\p{Ll}\\p{Lu}]{2}", "\xc3\xa9\xe6\x92\xad.a\xe6\x92\xad|\xc2\x8a#" }, + { PCRE2_UCP, 0, 0, 0 | F_PROPERTY, "[a-b\\s]{2,5}[^a]", "AB baaa" }, ++ { MUP, 0, 0, 0 | F_NOMATCH, "[^\\p{Hangul}\\p{Z}]", " " }, ++ { MUP, 0, 0, 0, "[\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" }, ++ { MUP, 0, 0, 0, "[\\x{a92e}\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" }, ++ { CMUP, 0, 0, 0, "[^S]\\B", "\xe2\x80\x8a" }, + + /* Possible empty brackets. */ + { MU, A, 0, 0, "(?:|ab||bc|a)+d", "abcxabcabd" }, +-- +2.25.1 + diff --git a/meta/recipes-support/libpcre/libpcre2_10.34.bb b/meta/recipes-support/libpcre/libpcre2_10.34.bb index f2c36944d8..213b946a54 100644 --- a/meta/recipes-support/libpcre/libpcre2_10.34.bb +++ b/meta/recipes-support/libpcre/libpcre2_10.34.bb @@ -12,6 +12,7 @@ LIC_FILES_CHKSUM = "file://LICENCE;md5=b1588d3bb4cb0e1f5a597d908f8c5b37" SRC_URI = "http://downloads.yoctoproject.org/mirror/sources/pcre2-${PV}.tar.bz2 \ file://pcre-cross.patch \ + file://CVE-2022-1586.patch \ " SRC_URI[md5sum] = "d280b62ded13f9ccf2fac16ee5286366" From patchwork Wed May 25 14:36:10 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8505 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id BDFBCC433EF for ; Wed, 25 May 2022 14:36:36 +0000 (UTC) Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by mx.groups.io with SMTP id smtpd.web09.7491.1653489393222113283 for ; Wed, 25 May 2022 07:36:33 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=D+mTkFyf; spf=softfail (domain: sakoman.com, ip: 209.85.214.171, mailfrom: steve@sakoman.com) Received: by mail-pl1-f171.google.com with SMTP id a13so8220933plh.6 for ; Wed, 25 May 2022 07:36:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=GOKFpJfGpVb0D8zOa2xO4guyQePTR7l4qBIyyR3Vr4A=; b=D+mTkFyfmo5nTB41Nx5If+miOcByNcIy792VK/U05OZQLsTMDCtJCQoq8DRts9Ypbd 9fSBSJECRmh8Sou9SO1Yxs+4xMYWP9NxcT9qTktyNMktMIbM2BS8CqWSJKVTcYQcqtVX m/2znje0zbBkSO8G/Hn2cx+73K430fRHpIH/Y/P1rQ/JpTnKfpVrP+xT1NL42VAlAr8W FQP2OU9Ugjhy50zBuOaWx5/lqwu1XHX3jgnp/CqgJMsa+36UqsWH/JPA2YY7RaPWXSs9 cLCYzwzcHgmcfcx2A7Kb9M4IfcF1fyy+EDLEds/8TNBEJkJBCAqz96B4A5sXAOUcV9KV vUPg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=GOKFpJfGpVb0D8zOa2xO4guyQePTR7l4qBIyyR3Vr4A=; b=l5jJE7OEo9AKmyHq/Dqy7sGH0u2RXYWa6KRyXjdbFNWP8Lxv8XRJMfjt/lK7SN2lU7 hu7T6nadQyavWj4uXSDHA0jV3ka+SMT1NkKdJX9leDgps88tNVkbLf5Ltm8r4lZ1JcSB ELXGCGlXy4lEkGw+Be/unDeoYkQRnsKKUqPDKKB51hh/KbHGCrM459/8+QWn+xdm/AEQ IIGTsVk1rOqVrp7pYW/Uxo6T/ZGZtdgZooqO29tyZ8/bWRKibhnU6oWcy+tiSP4V2U3P iUCjIOOgDNcXPS2+VA4Szu0MhbgDg8jZp6M4yF1cw36lxuXM71BXRMMs1fLCrekVikyL Qqpw== X-Gm-Message-State: AOAM532YzoX7sSrTF/dUHcJhlo72lDYByBy6/fDHzHvHiem8ZxZhEkYI wa8G38/77nRX2WPsTxQlzMnGlUfNKJFSvL2L X-Google-Smtp-Source: ABdhPJzz/8qXBPoKx2ATK9yRSCoFc3xy8dzfMqTJEynNSi1fGb00DNVl6Tk9nHTjXtjjbAtKIfXRSg== X-Received: by 2002:a17:90b:1a81:b0:1e0:3314:2447 with SMTP id ng1-20020a17090b1a8100b001e033142447mr10588366pjb.121.1653489392129; Wed, 25 May 2022 07:36:32 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id h6-20020a170902f70600b0015eb200cc00sm9399287plo.138.2022.05.25.07.36.30 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 May 2022 07:36:31 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 2/4] mobile-broadband-provider-info: upgrade 20220315 -> 20220511 Date: Wed, 25 May 2022 04:36:10 -1000 Message-Id: <9d5b4fdc7ce0458577af5a16b6d7277e3d812e36.1653489126.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 25 May 2022 14:36:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166148 From: Alexander Kanavin Signed-off-by: Alexander Kanavin Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit f14c8094e7a049ac1b04c45b76855d0503559932) Signed-off-by: Steve Sakoman --- .../mobile-broadband-provider-info_git.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb index 781b9216c5..e6f216e5cb 100644 --- a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb +++ b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb @@ -5,8 +5,8 @@ SECTION = "network" LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04" -SRCREV = "4cbb44a9fe26aa6f0b28beb79f9488b37c097b5e" -PV = "20220315" +SRCREV = "3d5c8d0f7e0264768a2c000d0fd4b4d4a991e041" +PV = "20220511" PE = "1" SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main" From patchwork Wed May 25 14:36:11 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8503 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id B8745C433FE for ; Wed, 25 May 2022 14:36:36 +0000 (UTC) Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by mx.groups.io with SMTP id smtpd.web09.7492.1653489396199149259 for ; Wed, 25 May 2022 07:36:36 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=xt/oHImk; spf=softfail (domain: sakoman.com, ip: 209.85.214.181, mailfrom: steve@sakoman.com) Received: by mail-pl1-f181.google.com with SMTP id b5so11696888plx.10 for ; Wed, 25 May 2022 07:36:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=aIWsstHF5eZ1aNCdO0AYOi0TXnrOlpkNMyKZTl8lp2M=; b=xt/oHImkntRdQdVMdTcj/8715leXSnSa/HRvjt+M5Vw4D2cuyVXwDgbJX5omtckaLX NLx8/oqtuXvR3qn+GO/9Veww8iecISwN7KgyPwMSwuF/lJDv8b0jvnd9AwewOsPY0yH1 oxJ8Bq2N2IG4n4/5YIC3t4BiPmyi7cxapShJkAY/OegFpRJQwgt0ACLOCyTGF1PwxUV2 MRHQUcAdhnde3+1yUfm6Q9ZljbuUB+/GlJ5CFHke5xe2qJWGxVHV2A0yA01Za9eloIB9 vceJjyiBQ4yd0NrD/RylAogdN9Hi9MGeUHWM2ZKDW3014FzQnXg07/Wmk9FHffkz2U81 LZUg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=aIWsstHF5eZ1aNCdO0AYOi0TXnrOlpkNMyKZTl8lp2M=; b=lRB4oUQgfKwlxfT1lhtBjRl1LbrSY0KPWrJkDqMQue0zoqBqMge7NlQ8qL07u40g4H 8FPFbo32Pn+gt+d7NUj4mHT5AZSo6oWFYkaUHjtv2wMAvzhGNxa6jayaflD0i6QSA4Jo OvlkcLTvvALCeKfgqI2lZ8nRK8oq9s7ANDxGldWHPNtV5RPg+jaJUpgxtRHyzItw3XFE dw4M8XBQid0+YhuTabm8ToM+QEcvPzSOB5Zn/MQ9WM9zKz/sKKBo83wSv7r1Welwp92H gmX3h5R1iecNIEw3P9ZhRytDG0qS+yyOwgStI3OwlqZ60B6muLjhKcNhzCHEuyQSIBO9 EArQ== X-Gm-Message-State: AOAM533uTXKYr+5K7ZiIAxPZxfPjIgy65GlTmXPHCJABve6lZhJQvsCC LoZjJA7oSOU0iYHEPDmUXLATe033QK8aUD5d X-Google-Smtp-Source: ABdhPJwWyLzzQaVlnBuRSLKk9px5Tj2GpvY+WWMqWDSsV5eSD2YIlHOAChe3NquNprKYjwxZBlwpdg== X-Received: by 2002:a17:90b:4c4d:b0:1df:a164:7055 with SMTP id np13-20020a17090b4c4d00b001dfa1647055mr10735578pjb.180.1653489395129; Wed, 25 May 2022 07:36:35 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id h6-20020a170902f70600b0015eb200cc00sm9399287plo.138.2022.05.25.07.36.33 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 May 2022 07:36:33 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 3/4] oeqa/selftest/cve_check: add tests for recipe and image reports Date: Wed, 25 May 2022 04:36:11 -1000 Message-Id: X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 25 May 2022 14:36:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166149 From: Ross Burton Add a test to verify that the JSON reports are generated correctly for both single recipe builds and image builds. More tests are needed, but this is better than nothing. Signed-off-by: Ross Burton Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit df0f35555b09c4bc75470eb45ec9c74e6587d460) Signed-off-by: Steve Sakoman --- meta/lib/oeqa/selftest/cases/cve_check.py | 77 ++++++++++++++++++++++- 1 file changed, 76 insertions(+), 1 deletion(-) diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py b/meta/lib/oeqa/selftest/cases/cve_check.py index d1947baffc..2f26f606d7 100644 --- a/meta/lib/oeqa/selftest/cases/cve_check.py +++ b/meta/lib/oeqa/selftest/cases/cve_check.py @@ -1,9 +1,13 @@ -from oe.cve_check import Version +import json +import os from oeqa.selftest.case import OESelftestTestCase +from oeqa.utils.commands import bitbake, get_bb_vars class CVECheck(OESelftestTestCase): def test_version_compare(self): + from oe.cve_check import Version + result = Version("100") > Version("99") self.assertTrue( result, msg="Failed to compare version '100' > '99'") result = Version("2.3.1") > Version("2.2.3") @@ -42,3 +46,74 @@ class CVECheck(OESelftestTestCase): self.assertTrue( result ,msg="Failed to compare version with suffix '1.0p2' > '1.0p1'") result = Version("1.0_patch2","patch") < Version("1.0_patch3","patch") self.assertTrue( result ,msg="Failed to compare version with suffix '1.0_patch2' < '1.0_patch3'") + + + def test_recipe_report_json(self): + config = """ +INHERIT += "cve-check" +CVE_CHECK_FORMAT_JSON = "1" +""" + self.write_config(config) + + vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"]) + summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"]) + recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], "m4-native_cve.json") + + try: + os.remove(summary_json) + os.remove(recipe_json) + except FileNotFoundError: + pass + + bitbake("m4-native -c cve_check") + + def check_m4_json(filename): + with open(filename) as f: + report = json.load(f) + self.assertEqual(report["version"], "1") + self.assertEqual(len(report["package"]), 1) + package = report["package"][0] + self.assertEqual(package["name"], "m4-native") + found_cves = { issue["id"]: issue["status"] for issue in package["issue"]} + self.assertIn("CVE-2008-1687", found_cves) + self.assertEqual(found_cves["CVE-2008-1687"], "Patched") + + self.assertExists(summary_json) + check_m4_json(summary_json) + self.assertExists(recipe_json) + check_m4_json(recipe_json) + + + def test_image_json(self): + config = """ +INHERIT += "cve-check" +CVE_CHECK_FORMAT_JSON = "1" +""" + self.write_config(config) + + vars = get_bb_vars(["CVE_CHECK_DIR", "CVE_CHECK_SUMMARY_DIR", "CVE_CHECK_SUMMARY_FILE_NAME_JSON"]) + report_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"]) + print(report_json) + try: + os.remove(report_json) + except FileNotFoundError: + pass + + bitbake("core-image-minimal-initramfs") + self.assertExists(report_json) + + # Check that the summary report lists at least one package + with open(report_json) as f: + report = json.load(f) + self.assertEqual(report["version"], "1") + self.assertGreater(len(report["package"]), 1) + + # Check that a random recipe wrote a recipe report to deploy/cve/ + recipename = report["package"][0]["name"] + recipe_report = os.path.join(vars["CVE_CHECK_DIR"], recipename + "_cve.json") + self.assertExists(recipe_report) + with open(recipe_report) as f: + report = json.load(f) + self.assertEqual(report["version"], "1") + self.assertEqual(len(report["package"]), 1) + self.assertEqual(report["package"][0]["name"], recipename) From patchwork Wed May 25 14:36:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 8507 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9F1AFC433F5 for ; Wed, 25 May 2022 14:36:46 +0000 (UTC) Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mx.groups.io with SMTP id smtpd.web09.7493.1653489398873064372 for ; Wed, 25 May 2022 07:36:38 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20210112.gappssmtp.com header.s=20210112 header.b=2mH3LnmB; spf=softfail (domain: sakoman.com, ip: 209.85.214.170, mailfrom: steve@sakoman.com) Received: by mail-pl1-f170.google.com with SMTP id m1so18747213plx.3 for ; Wed, 25 May 2022 07:36:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20210112.gappssmtp.com; s=20210112; h=from:to:subject:date:message-id:in-reply-to:references:mime-version :content-transfer-encoding; bh=Yg7l/u6TI6TmeO/zejDy02ZYik56PAE/Jc810W2dB8Q=; b=2mH3LnmBtoyRM2KkydMCBZAwA1CLn2yTAjhfxWy8XMwx1JKqaQ9s/7XZQldH4aY2mT L0z0cveiW6JFrD/l6slHJ3tKbcwES6eXf3jdFbWYw9QXp4IJVfvjk1P7PvyIFIIEM9Lb zM3wVxoLr/bnv/EsLQQg1J7fqU5vYKZflhFvXREI7COTubVRxbNxv0P+MMkW72xicCUZ EqxGdcenYP5C/aKmYf/7Laobp6QfZ8yFofESIuIyecfucTDZx7E5n9aqlakQ7tVl97Jo gNCzY1xnb/qhStrJBKnU6mwJxM7dbFj4gMUlea/cdJn4b5wnHwFPlgYdqzy3zuNSPHu2 sgKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Yg7l/u6TI6TmeO/zejDy02ZYik56PAE/Jc810W2dB8Q=; b=UgGYnm0CdM4jtKOENc9Gv2Ip57dK2BHHrOjE9u+K0j6eefj/At6K9uYgzzcMZXAtVe VJI7E3QAqAOGoGPwpU9UDj/q4PCuo3OiK/U9CKLJxoC7yHAzuzABvThv0wNQuvpl2fON 4xWmNfGNSgPWssROhMqZB2N41QEPUcurbejz6PUH5PzPYWJOno6xWgVsfhDwAq59zSMd g792c6u6pFITKoqyCs2iBWn/kkTwumWwZeCaCTR15hIYGepc+92frFUX32+J20dJvdOK uPzq+7plZCzt6cmy2HmMex9x3CwagRYhSePw++tT4IqRZr+qECJ08yC2X0j37Qd8Sf7F PuGA== X-Gm-Message-State: AOAM530rFQZj0jRGO7U360r9bCEHXm/Ab4LjDJrAJ4IJ+KPszDXvnw9f oe996slu4yDfuGKwejrKhA4NpaLp4yGoVZtz X-Google-Smtp-Source: ABdhPJwIkEQSqYCYMgdMS7rgmH+RX0/JwqUgIC+5Ws5TawufcFmw0nG7sLSK6GXRqwtMDQlcL8/f2A== X-Received: by 2002:a17:90a:86c2:b0:1df:56ac:65c5 with SMTP id y2-20020a17090a86c200b001df56ac65c5mr10704434pjv.20.1653489397730; Wed, 25 May 2022 07:36:37 -0700 (PDT) Received: from hexa.router0800d9.com (dhcp-72-253-6-214.hawaiiantel.net. [72.253.6.214]) by smtp.gmail.com with ESMTPSA id h6-20020a170902f70600b0015eb200cc00sm9399287plo.138.2022.05.25.07.36.36 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 25 May 2022 07:36:37 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][dunfell 4/4] libdrm: add libdrm-{nouveau,radeon,intel} to RPROVIDES Date: Wed, 25 May 2022 04:36:12 -1000 Message-Id: <761f050783a445a6b900024a4e10a3c414bd504b.1653489126.git.steve@sakoman.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 25 May 2022 14:36:46 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/166150 From: Minjae Kim The libdrm-{nouveau,radeon,intel} are generated by libdrm recipe. To use these libraries as a dependency in another component, It should be explicitly added as RPROVIDES. Signed-off-by:Minjae Kim Signed-off-by: Steve Sakoman --- meta/recipes-graphics/drm/libdrm_2.4.101.bb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/meta/recipes-graphics/drm/libdrm_2.4.101.bb b/meta/recipes-graphics/drm/libdrm_2.4.101.bb index 8ec566faa9..4f3e767af0 100644 --- a/meta/recipes-graphics/drm/libdrm_2.4.101.bb +++ b/meta/recipes-graphics/drm/libdrm_2.4.101.bb @@ -57,3 +57,9 @@ FILES_${PN}-amdgpu = "${libdir}/libdrm_amdgpu.so.* ${datadir}/${PN}/amdgpu.ids" FILES_${PN}-etnaviv = "${libdir}/libdrm_etnaviv.so.*" BBCLASSEXTEND = "native nativesdk" + +RPROVIDES_${PN} += " \ + libdrm-nouveau \ + libdrm-radeon \ + libdrm-intel \ +"