Date   

Re: [PATCH] ccache.bbclass: document CCACHE_MAXSIZE variable

Khem Raj
 

you need to send it to oe-core ml

On Thu, May 26, 2022 at 4:15 PM Zach Welch <zach@...> wrote:

Setting this avoids premature cache object eviction during large builds.

Signed-off-by: Zachary T Welch <zach@...>
---
meta/classes/ccache.bbclass | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/meta/classes/ccache.bbclass b/meta/classes/ccache.bbclass
index 4532894c57..913304ab35 100644
--- a/meta/classes/ccache.bbclass
+++ b/meta/classes/ccache.bbclass
@@ -12,7 +12,12 @@
# Set CCACHE_TOP_DIR to a shared dir
# CCACHE_TOP_DIR = /path/to/shared_ccache/
#
-# - TO debug ccahe
+# - Adjust the ccache size limit to avoid overflow during large builds:
+# export CCACHE_MAXSIZE = "100G"
+# To find a reasonable limit, set this limit to 0 (no limit), then
+# observe how large the ccache directory grows.
+#
+# - To debug ccache:
# export CCACHE_DEBUG = "1"
# export CCACHE_LOGFILE = "${CCACHE_DIR}/logfile.log"
# And also set PARALLEL_MAKE = "-j 1" to get make the log in order
--
2.25.1




[PATCH] ccache.bbclass: document CCACHE_MAXSIZE variable

Zach Welch
 

Setting this avoids premature cache object eviction during large builds.

Signed-off-by: Zachary T Welch <zach@...>
---
meta/classes/ccache.bbclass | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/meta/classes/ccache.bbclass b/meta/classes/ccache.bbclass
index 4532894c57..913304ab35 100644
--- a/meta/classes/ccache.bbclass
+++ b/meta/classes/ccache.bbclass
@@ -12,7 +12,12 @@
# Set CCACHE_TOP_DIR to a shared dir
# CCACHE_TOP_DIR = /path/to/shared_ccache/
#
-# - TO debug ccahe
+# - Adjust the ccache size limit to avoid overflow during large builds:
+# export CCACHE_MAXSIZE = "100G"
+# To find a reasonable limit, set this limit to 0 (no limit), then
+# observe how large the ccache directory grows.
+#
+# - To debug ccache:
# export CCACHE_DEBUG = "1"
# export CCACHE_LOGFILE = "${CCACHE_DIR}/logfile.log"
# And also set PARALLEL_MAKE = "-j 1" to get make the log in order
--
2.25.1


[meta-oe][dunfell][PATCH] mariadb: update to 10.4.25

Armin Kuster
 

Source: mariadb.org
MR: 117530, 117522, 117514, 117506, 117497, 117489, 117481, 117473, 117465, 117457, 117449, 117380, 117364, 117356, 117336, 117212, 117204, 117196, 117180, 117188, 117169, 117161, 117441, 117372
Type: Security Fix
Disposition: Backport from mariagdb.org
ChangeID: 8bf787570ebe8503d2974af92e17b505e70440e5
Description:

LTS version, bug fix only.

Include these CVES:
CVE-2022-27458
CVE-2022-27457
CVE-2022-27456
CVE-2022-27455
CVE-2022-27452
CVE-2022-27451
CVE-2022-27449
CVE-2022-27448
CVE-2022-27447
CVE-2022-27446
CVE-2022-27445
CVE-2022-27444
CVE-2022-27387
CVE-2022-27386
CVE-2022-27385
CVE-2022-27384
CVE-2022-27383
CVE-2022-27382
CVE-2022-27381
CVE-2022-27380
CVE-2022-27379
CVE-2022-27378
CVE-2022-27377
CVE-2022-27376

Signed-off-by: Armin Kuster <akuster808@...>
Signed-off-by: Armin Kuster <akuster@...>
---
.../{mariadb-native_10.4.24.bb => mariadb-native_10.4.25.bb} | 0
meta-oe/recipes-dbs/mysql/mariadb.inc | 4 ++--
.../mysql/{mariadb_10.4.24.bb => mariadb_10.4.25.bb} | 0
3 files changed, 2 insertions(+), 2 deletions(-)
rename meta-oe/recipes-dbs/mysql/{mariadb-native_10.4.24.bb => mariadb-native_10.4.25.bb} (100%)
rename meta-oe/recipes-dbs/mysql/{mariadb_10.4.24.bb => mariadb_10.4.25.bb} (100%)

diff --git a/meta-oe/recipes-dbs/mysql/mariadb-native_10.4.24.bb b/meta-oe/recipes-dbs/mysql/mariadb-native_10.4.25.bb
similarity index 100%
rename from meta-oe/recipes-dbs/mysql/mariadb-native_10.4.24.bb
rename to meta-oe/recipes-dbs/mysql/mariadb-native_10.4.25.bb
diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc
index 9aca7371af..565f4d5613 100644
--- a/meta-oe/recipes-dbs/mysql/mariadb.inc
+++ b/meta-oe/recipes-dbs/mysql/mariadb.inc
@@ -17,8 +17,8 @@ SRC_URI = "https://downloads.mariadb.org/interstitial/${BP}/source/${BP}.tar.gz
file://0001-disable-ucontext-on-musl.patch \
file://fix-arm-atomic.patch \
"
-SRC_URI[md5sum] = "af39316a6803d13f84fb586635598036"
-SRC_URI[sha256sum] = "fe975551b37f095640ea5e380eb896a37e331caf113dbe5d05564714338df846"
+
+SRC_URI[sha256sum] = "ff963c4e11bc06b775f66f2b1ddef184996208fb4b23cfdb50d95fb02eaa7ef8"

UPSTREAM_CHECK_URI = "https://github.com/MariaDB/server/releases"

diff --git a/meta-oe/recipes-dbs/mysql/mariadb_10.4.24.bb b/meta-oe/recipes-dbs/mysql/mariadb_10.4.25.bb
similarity index 100%
rename from meta-oe/recipes-dbs/mysql/mariadb_10.4.24.bb
rename to meta-oe/recipes-dbs/mysql/mariadb_10.4.25.bb
--
2.25.1


[meta-oe][master][kirkstone][PATCH] mariadb: update to 10.7.4

Armin Kuster
 

LTS version, bugfix only update.

Drop clang-64bit-atomics.patch as the patched code was removed in this update.
https://github.com/MariaDB/server/commit/cf483a7766d0730872232fdedd727d30a493fe29

Includes these CVES:
CVE-2022-27458
CVE-2022-27457
CVE-2022-27456
CVE-2022-27455
CVE-2022-27452
CVE-2022-27451
CVE-2022-27449
CVE-2022-27448
CVE-2022-27447
CVE-2022-27446
CVE-2022-27445
CVE-2022-27444
CVE-2022-27387
CVE-2022-27386
CVE-2022-27384
CVE-2022-27383
CVE-2022-27382
CVE-2022-27381
CVE-2022-27380
CVE-2022-27379
CVE-2022-27378
CVE-2022-27377
CVE-2022-27376

Signed-off-by: Armin Kuster <akuster808@...>
---
...ive_10.7.3.bb => mariadb-native_10.7.4.bb} | 0
meta-oe/recipes-dbs/mysql/mariadb.inc | 3 +-
.../mysql/mariadb/clang-64bit-atomics.patch | 178 ------------------
.../{mariadb_10.7.3.bb => mariadb_10.7.4.bb} | 0
4 files changed, 1 insertion(+), 180 deletions(-)
rename meta-oe/recipes-dbs/mysql/{mariadb-native_10.7.3.bb => mariadb-native_10.7.4.bb} (100%)
delete mode 100644 meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch
rename meta-oe/recipes-dbs/mysql/{mariadb_10.7.3.bb => mariadb_10.7.4.bb} (100%)

diff --git a/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.3.bb b/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb
similarity index 100%
rename from meta-oe/recipes-dbs/mysql/mariadb-native_10.7.3.bb
rename to meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb
diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc
index 855f124834..3f246dc0a5 100644
--- a/meta-oe/recipes-dbs/mysql/mariadb.inc
+++ b/meta-oe/recipes-dbs/mysql/mariadb.inc
@@ -20,11 +20,10 @@ SRC_URI = "https://archive.mariadb.org/${BP}/source/${BP}.tar.gz \
file://mm_malloc.patch \
file://sys_futex.patch \
file://mariadb-openssl3.patch \
- file://clang-64bit-atomics.patch \
"
SRC_URI:append:libc-musl = " file://ppc-remove-glibc-dep.patch"

-SRC_URI[sha256sum] = "da286919ffc9c913282202349709b6ba4ebcd342815e8dae0aa6b6bd8f515cd4"
+SRC_URI[sha256sum] = "73dd9c9d325520f20ca5e0ef16f94b7be1146bed7e4a78e735c20daebf3a4173"

UPSTREAM_CHECK_URI = "https://github.com/MariaDB/server/releases"

diff --git a/meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch b/meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch
deleted file mode 100644
index cdc2947b7b..0000000000
--- a/meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-Prevent Clang from emitting atomic libcalls
-
-Clang expects 8-byte alignment for some 64-bit atomic operations
-in some 32-bit targets. Native instruction lock cmpxchg8b (for x86)
-should only require 4-byte alignment.
-
-This patch tries to add 8-byte alignents to data needing atomic ops
-which helps clang to not generate the libatomic calls but emit
-builtins directly.
-
-Upstream-Status: Submitted[https://jira.mariadb.org/browse/MDEV-28162]
-Signed-off-by: Khem Raj <raj.khem@...>
-
---- a/include/my_atomic.h
-+++ b/include/my_atomic.h
-@@ -115,6 +115,16 @@
- #include "atomic/gcc_builtins.h"
- #endif
-
-+#include <stdint.h>
-+
-+# ifdef __GNUC__
-+typedef __attribute__((__aligned__(8))) int64 ATOMIC_I64;
-+typedef __attribute__((__aligned__(8))) uint64 ATOMIC_U64;
-+# else
-+typedef int64 ATOMIC_I64;
-+typedef uint64 ATOMIC_U64;
-+# endif
-+
- #if SIZEOF_LONG == 4
- #define my_atomic_addlong(A,B) my_atomic_add32((int32*) (A), (B))
- #define my_atomic_loadlong(A) my_atomic_load32((int32*) (A))
-@@ -123,12 +133,12 @@
- #define my_atomic_faslong(A,B) my_atomic_fas32((int32*) (A), (B))
- #define my_atomic_caslong(A,B,C) my_atomic_cas32((int32*) (A), (int32*) (B), (C))
- #else
--#define my_atomic_addlong(A,B) my_atomic_add64((int64*) (A), (B))
--#define my_atomic_loadlong(A) my_atomic_load64((int64*) (A))
--#define my_atomic_loadlong_explicit(A,O) my_atomic_load64_explicit((int64*) (A), (O))
--#define my_atomic_storelong(A,B) my_atomic_store64((int64*) (A), (B))
--#define my_atomic_faslong(A,B) my_atomic_fas64((int64*) (A), (B))
--#define my_atomic_caslong(A,B,C) my_atomic_cas64((int64*) (A), (int64*) (B), (C))
-+#define my_atomic_addlong(A,B) my_atomic_add64((ATOMIC_I64*) (A), (B))
-+#define my_atomic_loadlong(A) my_atomic_load64((ATOMIC_I64*) (A))
-+#define my_atomic_loadlong_explicit(A,O) my_atomic_load64_explicit((ATOMIC_I64*) (A), (O))
-+#define my_atomic_storelong(A,B) my_atomic_store64((ATOMIC_I64*) (A), (B))
-+#define my_atomic_faslong(A,B) my_atomic_fas64((ATOMIC_I64*) (A), (B))
-+#define my_atomic_caslong(A,B,C) my_atomic_cas64((ATOMIC_I64*) (A), (ATOMIC_I64*) (B), (C))
- #endif
-
- #ifndef MY_MEMORY_ORDER_SEQ_CST
---- a/storage/perfschema/pfs_atomic.h
-+++ b/storage/perfschema/pfs_atomic.h
-@@ -41,7 +41,7 @@ public:
- }
-
- /** Atomic load. */
-- static inline int64 load_64(int64 *ptr)
-+ static inline int64 load_64(ATOMIC_I64 *ptr)
- {
- return my_atomic_load64(ptr);
- }
-@@ -53,9 +53,9 @@ public:
- }
-
- /** Atomic load. */
-- static inline uint64 load_u64(uint64 *ptr)
-+ static inline uint64 load_u64(ATOMIC_U64 *ptr)
- {
-- return (uint64) my_atomic_load64((int64*) ptr);
-+ return (uint64) my_atomic_load64((ATOMIC_I64*) ptr);
- }
-
- /** Atomic store. */
-@@ -65,7 +65,7 @@ public:
- }
-
- /** Atomic store. */
-- static inline void store_64(int64 *ptr, int64 value)
-+ static inline void store_64(ATOMIC_I64 *ptr, int64 value)
- {
- my_atomic_store64(ptr, value);
- }
-@@ -77,9 +77,9 @@ public:
- }
-
- /** Atomic store. */
-- static inline void store_u64(uint64 *ptr, uint64 value)
-+ static inline void store_u64(ATOMIC_U64 *ptr, uint64 value)
- {
-- my_atomic_store64((int64*) ptr, (int64) value);
-+ my_atomic_store64((ATOMIC_I64*) ptr, (int64) value);
- }
-
- /** Atomic add. */
-@@ -89,7 +89,7 @@ public:
- }
-
- /** Atomic add. */
-- static inline int64 add_64(int64 *ptr, int64 value)
-+ static inline int64 add_64(ATOMIC_I64 *ptr, int64 value)
- {
- return my_atomic_add64(ptr, value);
- }
-@@ -101,9 +101,9 @@ public:
- }
-
- /** Atomic add. */
-- static inline uint64 add_u64(uint64 *ptr, uint64 value)
-+ static inline uint64 add_u64(ATOMIC_U64 *ptr, uint64 value)
- {
-- return (uint64) my_atomic_add64((int64*) ptr, (int64) value);
-+ return (uint64) my_atomic_add64((ATOMIC_I64*) ptr, (int64) value);
- }
-
- /** Atomic compare and swap. */
-@@ -114,7 +114,7 @@ public:
- }
-
- /** Atomic compare and swap. */
-- static inline bool cas_64(int64 *ptr, int64 *old_value,
-+ static inline bool cas_64(ATOMIC_I64 *ptr, ATOMIC_I64 *old_value,
- int64 new_value)
- {
- return my_atomic_cas64(ptr, old_value, new_value);
-@@ -129,10 +129,10 @@ public:
- }
-
- /** Atomic compare and swap. */
-- static inline bool cas_u64(uint64 *ptr, uint64 *old_value,
-+ static inline bool cas_u64(ATOMIC_U64 *ptr, ATOMIC_U64 *old_value,
- uint64 new_value)
- {
-- return my_atomic_cas64((int64*) ptr, (int64*) old_value,
-+ return my_atomic_cas64((ATOMIC_I64*) ptr, (ATOMIC_I64*) old_value,
- (uint64) new_value);
- }
- };
---- a/sql/sql_class.h
-+++ b/sql/sql_class.h
-@@ -1049,7 +1049,7 @@ static inline void update_global_memory_
- (longlong) global_status_var.global_memory_used,
- size));
- // workaround for gcc 4.2.4-1ubuntu4 -fPIE (from DEB_BUILD_HARDENING=1)
-- int64 volatile * volatile ptr= &global_status_var.global_memory_used;
-+ ATOMIC_I64 volatile * volatile ptr= &global_status_var.global_memory_used;
- my_atomic_add64_explicit(ptr, size, MY_MEMORY_ORDER_RELAXED);
- }
-
---- a/storage/innobase/include/srv0mon.h
-+++ b/storage/innobase/include/srv0mon.h
-@@ -49,7 +49,7 @@ enum monitor_running_status {
- typedef enum monitor_running_status monitor_running_t;
-
- /** Monitor counter value type */
--typedef int64_t mon_type_t;
-+typedef ATOMIC_I64 mon_type_t;
-
- /** Two monitor structures are defined in this file. One is
- "monitor_value_t" which contains dynamic counter values for each
-@@ -568,7 +568,7 @@ Use MONITOR_INC if appropriate mutex pro
- if (enabled) { \
- ib_uint64_t value; \
- value = my_atomic_add64_explicit( \
-- (int64*) &MONITOR_VALUE(monitor), 1, \
-+ (ATOMIC_I64*) &MONITOR_VALUE(monitor), 1, \
- MY_MEMORY_ORDER_RELAXED) + 1; \
- /* Note: This is not 100% accurate because of the \
- inherent race, we ignore it due to performance. */ \
-@@ -585,7 +585,7 @@ Use MONITOR_DEC if appropriate mutex pro
- if (enabled) { \
- ib_uint64_t value; \
- value = my_atomic_add64_explicit( \
-- (int64*) &MONITOR_VALUE(monitor), -1, \
-+ (ATOMIC_I64*) &MONITOR_VALUE(monitor), -1, \
- MY_MEMORY_ORDER_RELAXED) - 1; \
- /* Note: This is not 100% accurate because of the \
- inherent race, we ignore it due to performance. */ \
diff --git a/meta-oe/recipes-dbs/mysql/mariadb_10.7.3.bb b/meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb
similarity index 100%
rename from meta-oe/recipes-dbs/mysql/mariadb_10.7.3.bb
rename to meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb
--
2.25.1


do_patch failing when executed multiple times in the same S=WORKDIR Was: [yocto] Strange sporadic build issues (incremental builds in docker container)

Martin Jansa
 

On Wed, Mar 30, 2022 at 11:29 PM Trevor Woerner <twoerner@...> wrote:
On Wed 2022-03-30 @ 04:08:31 PM, Richard Purdie wrote:
> On Wed, 2022-03-30 at 09:40 -0400, Trevor Woerner wrote:
> > Hi Matthias,
> >
> > On Wed 2022-03-30 @ 06:32:00 AM, Matthias Klein wrote:
> > > Yes, you are right, it is mostly the same recipes that fail. But they also change from time to time.
> > > Today it happened to me even without Jenkins and Docker, normally in the console with the recipe keymaps_1.0.bb.
> >
> > And keymaps follows the exact same pattern as modutils-initscripts and
> > initscripts; namely that their sources are entirely contained in-tree:
> >
> >     keymaps/
> >     ├── files
> >     │   ├── GPLv2.patch
> >     │   └── keymap.sh
> >     └── keymaps_1.0.bb
> >
> >     keymaps/keymaps_1.0.bb
> >      23 SRC_URI = "file://keymap.sh \
> >      24            file://GPLv2.patch"
> >
> > Any recipe that follows this pattern is susceptible, it's probably just a
> > coincidence that most of my failures happened to be with the two recipes I
> > mentioned.
> >
> > This issue has revealed a bug, and fixing that bug would be great. However,
> > the thing is, keymap.sh is a shell program written 12 years ago which hasn't
> > changed since. The GPL/COPYING file is only there for "reasons". The license
> > file doesn't *need* to be moved into the build area for this recipe to get its
> > job done (namely installing keymap.sh into the image's sysvinit).
>
> The "good" news is I did work out how to reproduce this.
>
> bitbake keymaps -c clean
> bitbake keymaps
> bitbake keymaps -c unpack -f
> bitbake keymaps -c patch
> bitbake keymaps -c unpack -f
> bitbake keymaps -c patch

Awesome! That is a very simple and quick reproducer!

> I haven't looked at why but hopefully that helps us more forward with looking at
> the issue.
>
> The complications with S == WORKDIR were one of the reasons I did start work on
> patches to make it work better and maybe move fetching into a dedicated
> direction rather than WORKDIR and then symlink things. I never got that patch to
> work well enough to submit though (and it is too late for a major change like
> that in this release).

As per our conversation I quickly tried the following (not that I expected
this to be a final solution, but just a poking-around kind of thing):

        diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
        index cc81461473..503da61b3d 100644
        --- a/meta/classes/base.bbclass
        +++ b/meta/classes/base.bbclass
        @@ -170,6 +170,7 @@ do_unpack[dirs] = "${WORKDIR}"
         do_unpack[cleandirs] = "${@d.getVar('S') if os.path.normpath(d.getVar('S')) != os.path.normpath(d.getVar('WORKDIR')) else os.path.join('${S}', 'patches')}"

         python base_do_unpack() {
        +    bb.utils.remove(d.getVar('B') + "/.pc", recurse=True)
             src_uri = (d.getVar('SRC_URI') or "").split()
             if not src_uri:
                 return

And it changed the error message from:

        $ bitbake keymaps -c patch
        ...
        ERROR: keymaps-1.0-r31 do_patch: Applying patch 'GPLv2.patch' on target directory '/z/build-master/quilt-fix/qemux86/nodistro/build/tmp-glibc/work/qemux86-oe-linux/keymaps/1.0-r31'
        CmdError('quilt --quiltrc /z/build-master/quilt-fix/qemux86/nodistro/build/tmp-glibc/work/qemux86-oe-linux/keymaps/1.0-r31/recipe-sysroot-native/etc/quiltrc push', 0, 'stdout:
        stderr: File series fully applied, ends at patch GPLv2.patch
        ')

to:

        $ bitbake keymaps -c patch
        ...
        ERROR: keymaps-1.0-r31 do_patch: Applying patch 'GPLv2.patch' on target directory '/z/build-master/quilt-fix/qemux86/nodistro/build/tmp-glibc/work/qemux86-oe-linux/keymaps/1.0-r31'
        CmdError('quilt --quiltrc /z/build-master/quilt-fix/qemux86/nodistro/build/tmp-glibc/work/qemux86-oe-linux/keymaps/1.0-r31/recipe-sysroot-native/etc/quiltrc push', 0, 'stdout: Applying patch GPLv2.patch
        The next patch would create the file COPYING,
        which already exists!  Applying it anyway.
        patching file COPYING
        Hunk #1 FAILED at 1.
        1 out of 1 hunk FAILED -- rejects in file COPYING
        Patch GPLv2.patch can be reverse-applied

        stderr: ')

progress? https://www.reddit.com/r/ProgrammerHumor/comments/8j5qim/progress/

+oe-core ML as it isn't poky/yocto specific

Just small update as multiple people mentioned this (in case I don't send the final fix later today).

There are couple recipes affected by this e.g. keymaps (.patch already removed in oe-core), makedevs (.patch removal sent to ML yesterday https://lists.openembedded.org/g/openembedded-core/message/166172), devmem2 (https://lists.openembedded.org/g/openembedded-devel/message/97270), but there are other recipes with S = "${WORKDIR}" where you can trigger this e.g. by having a .patch file in DISTRO layer .bbappend (e.g. tzdata with webOS https://github.com/webosose/meta-webosose/blob/06e5298d9f5c47679b679081d9930f8d1c776142/meta-webos/recipes-extended/tzdata/tzdata.bbappend#L10)

This do_patch issue is caused by:
introduced in kirkstone with:

I'm still looking how to fix this properly, but the shortest sequence to reproduce this is just
bitbake keymaps -c patch
bitbake keymaps -c unpack -f
bitbake keymaps -c patch

And the change in quilt behavior is causing QuiltTree.Clean (quilt pop -a -f) in:

to fail with "No series file found" before undoing the patches in WORKDIR.

Removing ".pc" as Trevor tried above doesn't help, because we really need quilt's help to undo the patches (in this case to delete COPYING file from WORKDIR before applying the .patch which tries to add it again), because do_unpack cannot just wipe S and start over (because S == WORKDIR) - not selectively removing the files listed in SRC_URI, because COPYING file isn't listed there.

Using skip_series_check in 'quilt pop' (partially reverting the change from upstream) helps a bit, but might be difficult to upstream.

Will send a fix later today or next week.

Cheers,


Re: [meta-filesystems][dunfell][PATCH] fuse: Set CVE_PRODUCT

Ranjitsinh Rathod
 

Hi Armin,

We have sent this patch for dunfell so you can take this.
This will get applied without any conflicts.


Thanks,

Best Regards,

Ranjitsinh Rathod
Technical Leader |  | KPIT Technologies Ltd.
Cellphone: +91-84606 92403
__________________________________________
KPIT | Follow us on LinkedIn


From: openembedded-devel@... <openembedded-devel@...> on behalf of omkar via lists.openembedded.org <omkarpatil10.93=gmail.com@...>
Sent: Thursday, May 26, 2022 3:14 PM
To: openembedded-devel@... <openembedded-devel@...>; omkarpatil10.93@... <omkarpatil10.93@...>
Cc: Ranjitsinh Rathod <Ranjitsinh.Rathod@...>; Omkar Patil <Omkar.Patil@...>
Subject: [oe][meta-filesystems][dunfell][PATCH] fuse: Set CVE_PRODUCT
 
Caution: This email originated from outside of the KPIT. Do not click links or open attachments unless you recognize the sender and know the content is safe.

From: Omkar Patil <omkar.patil@...>

set CVE_PRODUCT to avoid wrongly reported CVEs

Signed-off-by: Omkar Patil <omkar.patil@...>
Signed-off-by: Omkar Patil <omkarpatil10.93@...>
---
 meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb | 3 +++
 meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb  | 6 ++----
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb b/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
index 24b17fc93..b15bcd228 100644
--- a/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
+++ b/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
@@ -22,6 +22,9 @@ UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>3(\.\d+)+).tar.xz"

 inherit meson pkgconfig

+# set vendor along with fuse to fix wrongly reported CVEs
+CVE_PRODUCT = "fuse_project:fuse"
+
 DEPENDS = "udev"

 PACKAGES =+ "fuse3-utils"
diff --git a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
index 49682b3cd..cfd9650c9 100644
--- a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
+++ b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
@@ -19,10 +19,8 @@ SRC_URI = "https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Flibfuse%2Flibfuse%2Freleases%2Fdownload%2F%24&amp;data=05%7C01%7Cranjitsinh.rathod%40kpit.com%7C83b651494f5444d27b7408da3efc9091%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C637891551789489516%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=8ioNpnZj3C%2BoQR0JYG3ug7T23KvkRXMX9ST3YUwhzQM%3D&amp;reserved=0{BP}/${BP}.tar.
 SRC_URI[md5sum] = "8000410aadc9231fd48495f7642f3312"
 SRC_URI[sha256sum] = "d0e69d5d608cc22ff4843791ad097f554dd32540ddc9bed7638cc6fea7c1b4b5"

-# CVE-2019-14860 is a REDHAT specific issue and was addressed for REDHAT Fuse products on Red Hat Fuse 7.4.1 and Red Hat Fuse 7.5.0.
-# REDHAT has also released the fix and updated their security advisories after significant releases.
-CVE_PRODUCT = "fuse"
-CVE_CHECK_WHITELIST += "CVE-2019-14860"
+# set vendor along with fuse to fix wrongly reported CVEs
+CVE_PRODUCT = "fuse_project:fuse"

 UPSTREAM_CHECK_URI = "https://apc01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Flibfuse%2Flibfuse%2Freleases&amp;data=05%7C01%7Cranjitsinh.rathod%40kpit.com%7C83b651494f5444d27b7408da3efc9091%7C3539451eb46e4a26a242ff61502855c7%7C0%7C0%7C637891551789489516%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&amp;sdata=o2sHG5VW6H%2BXEqkBThXg81ziwC6%2FaTFcbSYtVSpxrQ4%3D&amp;reserved=0"
 UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>2(\.\d+)+).tar.gz"
--
2.17.1

This message contains information that may be privileged or confidential and is the property of the KPIT Technologies Ltd. It is intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to read, print, retain copy, disseminate, distribute, or use this message or any part thereof. If you receive this message in error, please notify the sender immediately and delete all copies of this message. KPIT Technologies Ltd. does not accept any liability for virus infected mails.


[meta-filesystems][dunfell][PATCH] fuse: Set CVE_PRODUCT

omkar
 

From: Omkar Patil <omkar.patil@...>

set CVE_PRODUCT to avoid wrongly reported CVEs

Signed-off-by: Omkar Patil <omkar.patil@...>
Signed-off-by: Omkar Patil <omkarpatil10.93@...>
---
meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb | 3 +++
meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb | 6 ++----
2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb b/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
index 24b17fc93..b15bcd228 100644
--- a/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
+++ b/meta-filesystems/recipes-support/fuse/fuse3_3.9.2.bb
@@ -22,6 +22,9 @@ UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>3(\.\d+)+).tar.xz"

inherit meson pkgconfig

+# set vendor along with fuse to fix wrongly reported CVEs
+CVE_PRODUCT = "fuse_project:fuse"
+
DEPENDS = "udev"

PACKAGES =+ "fuse3-utils"
diff --git a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
index 49682b3cd..cfd9650c9 100644
--- a/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
+++ b/meta-filesystems/recipes-support/fuse/fuse_2.9.9.bb
@@ -19,10 +19,8 @@ SRC_URI = "https://github.com/libfuse/libfuse/releases/download/${BP}/${BP}.tar.
SRC_URI[md5sum] = "8000410aadc9231fd48495f7642f3312"
SRC_URI[sha256sum] = "d0e69d5d608cc22ff4843791ad097f554dd32540ddc9bed7638cc6fea7c1b4b5"

-# CVE-2019-14860 is a REDHAT specific issue and was addressed for REDHAT Fuse products on Red Hat Fuse 7.4.1 and Red Hat Fuse 7.5.0.
-# REDHAT has also released the fix and updated their security advisories after significant releases.
-CVE_PRODUCT = "fuse"
-CVE_CHECK_WHITELIST += "CVE-2019-14860"
+# set vendor along with fuse to fix wrongly reported CVEs
+CVE_PRODUCT = "fuse_project:fuse"

UPSTREAM_CHECK_URI = "https://github.com/libfuse/libfuse/releases"
UPSTREAM_CHECK_REGEX = "fuse\-(?P<pver>2(\.\d+)+).tar.gz"
--
2.17.1


Re: Honister merge request: May 25th

Khem Raj
 

merged thanks

On Wed, May 25, 2022 at 7:20 PM akuster808 <akuster808@...> wrote:

The following changes since commit 9a0caf5b09e14a28a54c3f8524d97530aeb8152c:

zabbix: Fix sereval CVEs (2022-04-16 09:48:15 -0700)

are available in the Git repository at:

https://git.openembedded.org/meta-openembedded honister-next

for you to fetch changes up to 0e6c34f82ca4d43cbca3754c5fe37c5b3bdd0f37:

ostree: prevent ostree-native depending on target virtual/kernel to
provide kernel-module-overlay (2022-05-23 07:43:39 -0700)

----------------------------------------------------------------
Martin Jansa (1):
ostree: prevent ostree-native depending on target virtual/kernel
to provide kernel-module-overlay

Nicolas Dechesne (1):
imlib2: update SRC_URI

meta-oe/recipes-extended/ostree/ostree_2021.3.bb | 2 +-
meta-oe/recipes-graphics/imlib2/imlib2_git.bb | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)


Honister merge request: May 25th

Armin Kuster
 

The following changes since commit 9a0caf5b09e14a28a54c3f8524d97530aeb8152c:

  zabbix: Fix sereval CVEs (2022-04-16 09:48:15 -0700)

are available in the Git repository at:

  https://git.openembedded.org/meta-openembedded honister-next

for you to fetch changes up to 0e6c34f82ca4d43cbca3754c5fe37c5b3bdd0f37:

  ostree: prevent ostree-native depending on target virtual/kernel to provide kernel-module-overlay (2022-05-23 07:43:39 -0700)

----------------------------------------------------------------
Martin Jansa (1):
      ostree: prevent ostree-native depending on target virtual/kernel to provide kernel-module-overlay

Nicolas Dechesne (1):
      imlib2: update SRC_URI

 meta-oe/recipes-extended/ostree/ostree_2021.3.bb | 2 +-
 meta-oe/recipes-graphics/imlib2/imlib2_git.bb    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)


Re: [kirkstone][PATCH 3/3] devmem2: update SRC_URI according to redirect

Martin Jansa
 

buildroot removed it in 2019 and recommends to use busybox version instead:
https://github.com/buildroot/buildroot/commit/2b2579afebfc7a9b8a458af1f2d206101fbfa19c

"Use the the Busybox devmem utility, instead, which provides the same functionality."

On Wed, May 25, 2022 at 8:32 PM Khem Raj <raj.khem@...> wrote:
On Wed, May 25, 2022 at 11:08 AM Denys Dmytriyenko <denis@...> wrote:
>
> Sure, I can do that and put it in the repo, since I've made few patches on top
> of it... Before I do that, are there any objections? Bootlin?

I would suggest to cross post with buildroot and see if there is
interest in using it from
a separate repository.

>
>
> On Wed, May 25, 2022 at 08:03:58PM +0200, Martin Jansa wrote:
> > Anyone willing to create a repo for this on github instead of patching this
> > in metadata?
> >
> > This is another reproducer for do_patch issue described here
> > https://lists.yoctoproject.org/g/yocto/message/56602
> >
> > On Fri, May 13, 2022 at 1:43 AM Denys Dmytriyenko <denis@...> wrote:
> >
> > > From: Michael Opdenacker <michael.opdenacker@...>
> > >
> > > http://www.free-electrons.com now redirects to https://bootlin.com
> > >
> > > Signed-off-by: Michael Opdenacker <michael.opdenacker@...>
> > > Signed-off-by: Khem Raj <raj.khem@...>
> > > Signed-off-by: Denys Dmytriyenko <denis@...>
> > > ---
> > >  meta-oe/recipes-support/devmem2/devmem2.bb | 2 +-
> > >  1 file changed, 1 insertion(+), 1 deletion(-)
> > >
> > > diff --git a/meta-oe/recipes-support/devmem2/devmem2.bb
> > > b/meta-oe/recipes-support/devmem2/devmem2.bb
> > > index ba7aad8ab..70d413521 100644
> > > --- a/meta-oe/recipes-support/devmem2/devmem2.bb
> > > +++ b/meta-oe/recipes-support/devmem2/devmem2.bb
> > > @@ -3,7 +3,7 @@ LICENSE = "GPL-2.0-or-later"
> > >  LIC_FILES_CHKSUM =
> > > "file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf"
> > >  PR = "r7"
> > >
> > > -SRC_URI = "
> > > http://www.free-electrons.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c
> > > \
> > > +SRC_URI = "
> > > https://bootlin.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \
> > >             file://devmem2-fixups-2.patch;apply=yes;striplevel=0 \
> > >
> > > file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch \
> > >
> > > file://0001-devmem2-support-different-page-sizes-at-run-time.patch \
> > > --
> > > 2.25.1
>
>
>


Re: [kirkstone][PATCH 3/3] devmem2: update SRC_URI according to redirect

Khem Raj
 

On Wed, May 25, 2022 at 11:08 AM Denys Dmytriyenko <denis@...> wrote:

Sure, I can do that and put it in the repo, since I've made few patches on top
of it... Before I do that, are there any objections? Bootlin?
I would suggest to cross post with buildroot and see if there is
interest in using it from
a separate repository.



On Wed, May 25, 2022 at 08:03:58PM +0200, Martin Jansa wrote:
Anyone willing to create a repo for this on github instead of patching this
in metadata?

This is another reproducer for do_patch issue described here
https://lists.yoctoproject.org/g/yocto/message/56602

On Fri, May 13, 2022 at 1:43 AM Denys Dmytriyenko <denis@...> wrote:

From: Michael Opdenacker <michael.opdenacker@...>

http://www.free-electrons.com now redirects to https://bootlin.com

Signed-off-by: Michael Opdenacker <michael.opdenacker@...>
Signed-off-by: Khem Raj <raj.khem@...>
Signed-off-by: Denys Dmytriyenko <denis@...>
---
meta-oe/recipes-support/devmem2/devmem2.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/devmem2/devmem2.bb
b/meta-oe/recipes-support/devmem2/devmem2.bb
index ba7aad8ab..70d413521 100644
--- a/meta-oe/recipes-support/devmem2/devmem2.bb
+++ b/meta-oe/recipes-support/devmem2/devmem2.bb
@@ -3,7 +3,7 @@ LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM =
"file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf"
PR = "r7"

-SRC_URI = "
http://www.free-electrons.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c
\
+SRC_URI = "
https://bootlin.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \
file://devmem2-fixups-2.patch;apply=yes;striplevel=0 \

file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch \

file://0001-devmem2-support-different-page-sizes-at-run-time.patch \
--
2.25.1


Re: [kirkstone][PATCH 3/3] devmem2: update SRC_URI according to redirect

Martin Jansa
 


On Wed, May 25, 2022 at 8:04 PM Martin Jansa via lists.openembedded.org <Martin.Jansa=gmail.com@...> wrote:
Anyone willing to create a repo for this on github instead of patching this in metadata?

This is another reproducer for do_patch issue described here https://lists.yoctoproject.org/g/yocto/message/56602

On Fri, May 13, 2022 at 1:43 AM Denys Dmytriyenko <denis@...> wrote:
From: Michael Opdenacker <michael.opdenacker@...>

http://www.free-electrons.com now redirects to https://bootlin.com

Signed-off-by: Michael Opdenacker <michael.opdenacker@...>
Signed-off-by: Khem Raj <raj.khem@...>
Signed-off-by: Denys Dmytriyenko <denis@...>
---
 meta-oe/recipes-support/devmem2/devmem2.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/devmem2/devmem2.bb b/meta-oe/recipes-support/devmem2/devmem2.bb
index ba7aad8ab..70d413521 100644
--- a/meta-oe/recipes-support/devmem2/devmem2.bb
+++ b/meta-oe/recipes-support/devmem2/devmem2.bb
@@ -3,7 +3,7 @@ LICENSE = "GPL-2.0-or-later"
 LIC_FILES_CHKSUM = "file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf"
 PR = "r7"

-SRC_URI = "http://www.free-electrons.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \
+SRC_URI = "https://bootlin.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \
            file://devmem2-fixups-2.patch;apply=yes;striplevel=0 \
            file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch \
            file://0001-devmem2-support-different-page-sizes-at-run-time.patch \
--
2.25.1








Re: [kirkstone][PATCH 3/3] devmem2: update SRC_URI according to redirect

Denys Dmytriyenko
 

Sure, I can do that and put it in the repo, since I've made few patches on top
of it... Before I do that, are there any objections? Bootlin?

On Wed, May 25, 2022 at 08:03:58PM +0200, Martin Jansa wrote:
Anyone willing to create a repo for this on github instead of patching this
in metadata?

This is another reproducer for do_patch issue described here
https://lists.yoctoproject.org/g/yocto/message/56602

On Fri, May 13, 2022 at 1:43 AM Denys Dmytriyenko <denis@...> wrote:

From: Michael Opdenacker <michael.opdenacker@...>

http://www.free-electrons.com now redirects to https://bootlin.com

Signed-off-by: Michael Opdenacker <michael.opdenacker@...>
Signed-off-by: Khem Raj <raj.khem@...>
Signed-off-by: Denys Dmytriyenko <denis@...>
---
meta-oe/recipes-support/devmem2/devmem2.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/devmem2/devmem2.bb
b/meta-oe/recipes-support/devmem2/devmem2.bb
index ba7aad8ab..70d413521 100644
--- a/meta-oe/recipes-support/devmem2/devmem2.bb
+++ b/meta-oe/recipes-support/devmem2/devmem2.bb
@@ -3,7 +3,7 @@ LICENSE = "GPL-2.0-or-later"
LIC_FILES_CHKSUM =
"file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf"
PR = "r7"

-SRC_URI = "
http://www.free-electrons.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c
\
+SRC_URI = "
https://bootlin.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \
file://devmem2-fixups-2.patch;apply=yes;striplevel=0 \

file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch \

file://0001-devmem2-support-different-page-sizes-at-run-time.patch \
--
2.25.1


Re: [kirkstone][PATCH 3/3] devmem2: update SRC_URI according to redirect

Martin Jansa
 

Anyone willing to create a repo for this on github instead of patching this in metadata?

This is another reproducer for do_patch issue described here https://lists.yoctoproject.org/g/yocto/message/56602

On Fri, May 13, 2022 at 1:43 AM Denys Dmytriyenko <denis@...> wrote:
From: Michael Opdenacker <michael.opdenacker@...>

http://www.free-electrons.com now redirects to https://bootlin.com

Signed-off-by: Michael Opdenacker <michael.opdenacker@...>
Signed-off-by: Khem Raj <raj.khem@...>
Signed-off-by: Denys Dmytriyenko <denis@...>
---
 meta-oe/recipes-support/devmem2/devmem2.bb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-oe/recipes-support/devmem2/devmem2.bb b/meta-oe/recipes-support/devmem2/devmem2.bb
index ba7aad8ab..70d413521 100644
--- a/meta-oe/recipes-support/devmem2/devmem2.bb
+++ b/meta-oe/recipes-support/devmem2/devmem2.bb
@@ -3,7 +3,7 @@ LICENSE = "GPL-2.0-or-later"
 LIC_FILES_CHKSUM = "file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf"
 PR = "r7"

-SRC_URI = "http://www.free-electrons.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \
+SRC_URI = "https://bootlin.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \
            file://devmem2-fixups-2.patch;apply=yes;striplevel=0 \
            file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch \
            file://0001-devmem2-support-different-page-sizes-at-run-time.patch \
--
2.25.1





Re: [PATCH 5/7] python3-hatchling: add new recipe and build class

Khem Raj
 

On Wed, May 25, 2022 at 3:37 AM Ross Burton <Ross.Burton@...> wrote:

Sorry, forgot to say that this series depends on a patch I’ve sent for oe-core (to add pluggy-native).
yeah figured

Ross

On 24 May 2022, at 21:32, Khem Raj <raj.khem@...> wrote:

Its failing YP compat checks see

https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/1778

On Tue, May 24, 2022 at 5:12 AM Ross Burton <ross.burton@...> wrote:

Hatchling is the build backend used by the Hatch tool. Add the recipe
and a pep517 build class.

Signed-off-by: Ross Burton <ross.burton@...>
---
meta-python/classes/python_hatchling.bbclass | 5 +++++
.../packagegroups/packagegroup-meta-python.bb | 1 +
.../python/python3-hatchling_1.3.0.bb | 21 +++++++++++++++++++
3 files changed, 27 insertions(+)
create mode 100644 meta-python/classes/python_hatchling.bbclass
create mode 100644 meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb

diff --git a/meta-python/classes/python_hatchling.bbclass b/meta-python/classes/python_hatchling.bbclass
new file mode 100644
index 0000000000..b3cbe23601
--- /dev/null
+++ b/meta-python/classes/python_hatchling.bbclass
@@ -0,0 +1,5 @@
+inherit python_pep517 python3native python3-dir setuptools3-base
+
+DEPENDS += "python3-hatchling-native"
+
+PEP517_BUILD_API = "hatchling.build"
diff --git a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
index 2fcf34260c..80ec0720fd 100644
--- a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
+++ b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
@@ -168,6 +168,7 @@ RDEPENDS:packagegroup-meta-python3 = "\
python3-h11 \
python3-h2 \
python3-h5py \
+ python3-hatchling \
python3-haversine \
python3-hpack \
python3-html2text \
diff --git a/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb b/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb
new file mode 100644
index 0000000000..a6550a9732
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb
@@ -0,0 +1,21 @@
+SUMMARY = "The extensible, standards compliant build backend used by Hatch"
+HOMEPAGE = "https://hatch.pypa.io/latest/"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=cbe2fd33fc9297692812fc94b7d27fd9"
+
+inherit pypi python_hatchling
+
+DEPENDS += "python3-pluggy-native python3-tomli-native python3-pathspec-native python3-packaging-native python3-editables-native"
+DEPENDS:remove:class-native = "python3-hatchling-native"
+
+SRC_URI[sha256sum] = "1401d45d3dd6a5910f64d539acaa943486d5e8b7dda1a97f2b0040fdddc5b85e"
+
+# Until we have a proper tool to invoke PEP517 builds, hatchling can't
+# bootstrap itself automatically.
+PEP517_BUILD_API = "hatchling.ouroboros"
+
+do_compile:prepend() {
+ export PYTHONPATH=src
+}
+
+BBCLASSEXTEND = "native nativesdk"
--
2.25.1



[meta-oe][dunfell][PATCH] tcpdump: Add fix for CVE-2018-16301

Riyaz Ahmed Khan
 

From: Riyaz Ahmed Khan <Riyaz.Khan@...>

Add patch for CVE issue: CVE-2018-16301
Link: https://github.com/the-tcpdump-group/tcpdump/commit/8ab211a7ec728bb0ad8c766c8eeb12deb0a13b86

Upstream-Status: Pending

Issue: MGUBSYS-5370

Change-Id: I2aac084e61ba9d71ae614a97b4924eaa60328b79
Signed-off-by: Riyaz Ahmed Khan <Riyaz.Khan@...>
---
.../tcpdump/tcpdump/CVE-2018-16301.patch | 111 ++++++++++++++++++
.../recipes-support/tcpdump/tcpdump_4.9.3.bb | 1 +
2 files changed, 112 insertions(+)
create mode 100644 meta-networking/recipes-support/tcpdump/tcpdump/CVE-2018-16301.patch

diff --git a/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2018-16301.patch b/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2018-16301.patch
new file mode 100644
index 000000000..5f5c68ccd
--- /dev/null
+++ b/meta-networking/recipes-support/tcpdump/tcpdump/CVE-2018-16301.patch
@@ -0,0 +1,111 @@
+From 8ab211a7ec728bb0ad8c766c8eeb12deb0a13b86 Mon Sep 17 00:00:00 2001
+From: Guy Harris <gharris@...>
+Date: Wed, 30 Sep 2020 11:37:30 -0700
+Subject: [PATCH] Handle very large -f files by rejecting them.
+
+_read(), on Windows, has a 32-bit size argument and a 32-bit return
+value, so reject -f files that have more than 2^31-1 characters.
+
+Add some #defines so that, on Windows, we use _fstati64 to get the size
+of that file, to handle large files.
+
+Don't assume that our definition for ssize_t is the same size as size_t;
+by the time we want to print the return value of the read, we know it'll
+fit into an int, so just cast it to int and print it with %d.
+
+(cherry picked from commit faf8fb70af3a013e5d662b8283dec742fd6b1a77)
+
+CVE: CVE-2022-25308
+Upstream-Status: Backport [https://github.com/the-tcpdump-group/tcpdump/commit/8ab211a7ec728bb0ad8c766c8eeb12deb0a13b86]
+
+Signed-off-by: Riyaz Ahmed Khan <Riyaz.Khan@...>
+
+---
+ netdissect-stdinc.h | 16 +++++++++++++++-
+ tcpdump.c | 15 ++++++++++++---
+ 2 files changed, 27 insertions(+), 4 deletions(-)
+
+diff --git a/netdissect-stdinc.h b/netdissect-stdinc.h
+index 8282c5846..9941c2a16 100644
+--- a/netdissect-stdinc.h
++++ b/netdissect-stdinc.h
+@@ -149,10 +149,17 @@
+ #ifdef _MSC_VER
+ #define stat _stat
+ #define open _open
+-#define fstat _fstat
+ #define read _read
+ #define close _close
+ #define O_RDONLY _O_RDONLY
++
++/*
++ * We define our_fstat64 as _fstati64, and define our_statb as
++ * struct _stati64, so we get 64-bit file sizes.
++ */
++#define our_fstat _fstati64
++#define our_statb struct _stati64
++
+ #endif /* _MSC_VER */
+
+ /*
+@@ -211,6 +218,13 @@ typedef char* caddr_t;
+
+ #include <arpa/inet.h>
+
++/*
++ * We should have large file support enabled, if it's available,
++ * so just use fstat as our_fstat and struct stat as our_statb.
++ */
++#define our_fstat fstat
++#define our_statb struct stat
++
+ #endif /* _WIN32 */
+
+ #ifndef HAVE___ATTRIBUTE__
+diff --git a/tcpdump.c b/tcpdump.c
+index 043bda1d7..8f27ba2a4 100644
+--- a/tcpdump.c
++++ b/tcpdump.c
+@@ -108,6 +108,7 @@ The Regents of the University of California. All rights reserved.\n";
+ #endif /* HAVE_CAP_NG_H */
+ #endif /* HAVE_LIBCAP_NG */
+
++#include "netdissect-stdinc.h"
+ #include "netdissect.h"
+ #include "interface.h"
+ #include "addrtoname.h"
+@@ -861,15 +862,22 @@ read_infile(char *fname)
+ {
+ register int i, fd, cc;
+ register char *cp;
+- struct stat buf;
++ our_statb buf;
+
+ fd = open(fname, O_RDONLY|O_BINARY);
+ if (fd < 0)
+ error("can't open %s: %s", fname, pcap_strerror(errno));
+
+- if (fstat(fd, &buf) < 0)
++ if (our_fstat(fd, &buf) < 0)
+ error("can't stat %s: %s", fname, pcap_strerror(errno));
+
++ /*
++ * Reject files whose size doesn't fit into an int; a filter
++ * *that* large will probably be too big.
++ */
++ if (buf.st_size > INT_MAX)
++ error("%s is too large", fname);
++
+ cp = malloc((u_int)buf.st_size + 1);
+ if (cp == NULL)
+ error("malloc(%d) for %s: %s", (u_int)buf.st_size + 1,
+@@ -878,7 +886,8 @@ read_infile(char *fname)
+ if (cc < 0)
+ error("read %s: %s", fname, pcap_strerror(errno));
+ if (cc != buf.st_size)
+- error("short read %s (%d != %d)", fname, cc, (int)buf.st_size);
++ error("short read %s (%d != %d)", fname, (int) cc,
++ (int)buf.st_size);
+
+ close(fd);
+ /* replace "# comment" with spaces */
diff --git a/meta-networking/recipes-support/tcpdump/tcpdump_4.9.3.bb b/meta-networking/recipes-support/tcpdump/tcpdump_4.9.3.bb
index 2ea493863..66bf21775 100644
--- a/meta-networking/recipes-support/tcpdump/tcpdump_4.9.3.bb
+++ b/meta-networking/recipes-support/tcpdump/tcpdump_4.9.3.bb
@@ -18,6 +18,7 @@ SRC_URI = " \
file://add-ptest.patch \
file://run-ptest \
file://0001-PPP-When-un-escaping-don-t-allocate-a-too-large-buff.patch \
+ file://CVE-2018-16301.patch \
"

SRC_URI[md5sum] = "a4ead41d371f91aa0a2287f589958bae"
--
2.17.1


[meta-oe][master][PATCH] duktape: Add ptest

virendra thakur
 

From: Nikhil R <nikhil.r@...>

The Ptest for duktape executes below tests:

1. hello - a helloworld example is basic compilation test
that test the APIs - duk_get_top(), duk_push_c_function(),
duk_eval_string()

2. eval - a very simple for evaluating expressions from
command line which test the APIs - duk_push_string(),
duk_insert(), duk_join(), duk_pop()

3. evloop - a basic eventloop implementation test
that test the APIs - duk_is_object(), duk_compile()
duk_push_c_function(), duk_safe_call()

Test Summary:
Execution time = 46 sec

Signed-off-by: Nikhil R <nikhil.r@...>
---
.../recipes-extended/duktape/duktape_2.7.0.bb | 22 ++++++++++++-
.../recipes-extended/duktape/files/run-ptest | 32 +++++++++++++++++++
2 files changed, 53 insertions(+), 1 deletion(-)
create mode 100644 meta-oe/recipes-extended/duktape/files/run-ptest

diff --git a/meta-oe/recipes-extended/duktape/duktape_2.7.0.bb b/meta-oe/recipes-extended/duktape/duktape_2.7.0.bb
index 767478543..583e8337e 100644
--- a/meta-oe/recipes-extended/duktape/duktape_2.7.0.bb
+++ b/meta-oe/recipes-extended/duktape/duktape_2.7.0.bb
@@ -4,7 +4,11 @@ HOMEPAGE = "https://duktape.org"
LICENSE = "MIT"
LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b7825df97b52f926fc71300f7880408"

-SRC_URI = "https://duktape.org/duktape-${PV}.tar.xz"
+SRC_URI = "https://duktape.org/duktape-${PV}.tar.xz \
+ file://run-ptest \
+ "
+inherit ptest
+
SRC_URI[sha256sum] = "90f8d2fa8b5567c6899830ddef2c03f3c27960b11aca222fa17aa7ac613c2890"

EXTRA_OEMAKE = "INSTALL_PREFIX='${prefix}' DESTDIR='${D}' LIBDIR='/${baselib}'"
@@ -13,8 +17,24 @@ do_compile () {
oe_runmake -f Makefile.sharedlibrary INSTALL_PREFIX="${prefix}" DESTDIR="${D}"
}

+do_compile_ptest() {
+ oe_runmake -f Makefile.hello INSTALL_PREFIX="${prefix}" DESTDIR="${D}"
+ oe_runmake -f Makefile.eval INSTALL_PREFIX="${prefix}" DESTDIR="${D}"
+ oe_runmake -f Makefile.eventloop INSTALL_PREFIX="${prefix}" DESTDIR="${D}"
+}
+
do_install () {
oe_runmake -f Makefile.sharedlibrary INSTALL_PREFIX="${prefix}" DESTDIR="${D}" install
# libduktaped is identical to libduktape but has an hard-coded -g build flags, remove it
rm -f ${D}${libdir}/libduktaped.so*
}
+
+do_install_ptest() {
+ install -m 0755 "${WORKDIR}/duktape-2.7.0/hello" "${D}${PTEST_PATH}"
+ install -m 0755 "${WORKDIR}/duktape-2.7.0/eval" "${D}${PTEST_PATH}"
+ install -m 0755 "${WORKDIR}/duktape-2.7.0/evloop" "${D}${PTEST_PATH}"
+ install -m 0755 "${WORKDIR}/duktape-2.7.0/examples/eventloop/timer-test.js" "${D}${PTEST_PATH}"
+ install -m 0755 "${WORKDIR}/duktape-2.7.0/examples/eventloop/ecma_eventloop.js" "${D}${PTEST_PATH}"
+}
+
+RDEPENDS_${PN}-ptest += "make"
diff --git a/meta-oe/recipes-extended/duktape/files/run-ptest b/meta-oe/recipes-extended/duktape/files/run-ptest
new file mode 100644
index 000000000..852fb15de
--- /dev/null
+++ b/meta-oe/recipes-extended/duktape/files/run-ptest
@@ -0,0 +1,32 @@
+#!/bin/sh
+
+./hello &> $test.output 2>&1
+out="Hello world!"
+
+if grep -i "$out" $test.output 2>&1 ; then
+ echo "PASS: Hello duktape"
+else
+ echo "FAIL: Hello duktape"
+fi
+rm -f $test.output
+
+./eval "print('Hello world!'); 123;" > out.log
+
+sed -n '2p' out.log > eval.log
+sed -n '3p' out.log >> eval.log
+
+if grep -w 'Hello world!\|123' eval.log 2>&1; then
+ echo "PASS: eval duktape"
+else
+ echo "FAIL: eval duktape"
+fi
+rm -f eval.log out.log
+
+./evloop timer-test.js > evloop.log 2>&1
+
+if grep -i "no active timers and no sockets to poll" evloop.log 2>&1; then
+ echo "PASS: evloop duktape"
+else
+ echo "FAIL: evloop duktape"
+fi
+rm -f evloop.log
--
2.17.1


Re: [PATCH 5/7] python3-hatchling: add new recipe and build class

Ross Burton
 

Sorry, forgot to say that this series depends on a patch I’ve sent for oe-core (to add pluggy-native).

Ross

On 24 May 2022, at 21:32, Khem Raj <raj.khem@...> wrote:

Its failing YP compat checks see

https://autobuilder.yoctoproject.org/typhoon/#/builders/88/builds/1778

On Tue, May 24, 2022 at 5:12 AM Ross Burton <ross.burton@...> wrote:

Hatchling is the build backend used by the Hatch tool. Add the recipe
and a pep517 build class.

Signed-off-by: Ross Burton <ross.burton@...>
---
meta-python/classes/python_hatchling.bbclass | 5 +++++
.../packagegroups/packagegroup-meta-python.bb | 1 +
.../python/python3-hatchling_1.3.0.bb | 21 +++++++++++++++++++
3 files changed, 27 insertions(+)
create mode 100644 meta-python/classes/python_hatchling.bbclass
create mode 100644 meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb

diff --git a/meta-python/classes/python_hatchling.bbclass b/meta-python/classes/python_hatchling.bbclass
new file mode 100644
index 0000000000..b3cbe23601
--- /dev/null
+++ b/meta-python/classes/python_hatchling.bbclass
@@ -0,0 +1,5 @@
+inherit python_pep517 python3native python3-dir setuptools3-base
+
+DEPENDS += "python3-hatchling-native"
+
+PEP517_BUILD_API = "hatchling.build"
diff --git a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
index 2fcf34260c..80ec0720fd 100644
--- a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
+++ b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
@@ -168,6 +168,7 @@ RDEPENDS:packagegroup-meta-python3 = "\
python3-h11 \
python3-h2 \
python3-h5py \
+ python3-hatchling \
python3-haversine \
python3-hpack \
python3-html2text \
diff --git a/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb b/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb
new file mode 100644
index 0000000000..a6550a9732
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb
@@ -0,0 +1,21 @@
+SUMMARY = "The extensible, standards compliant build backend used by Hatch"
+HOMEPAGE = "https://hatch.pypa.io/latest/"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=cbe2fd33fc9297692812fc94b7d27fd9"
+
+inherit pypi python_hatchling
+
+DEPENDS += "python3-pluggy-native python3-tomli-native python3-pathspec-native python3-packaging-native python3-editables-native"
+DEPENDS:remove:class-native = "python3-hatchling-native"
+
+SRC_URI[sha256sum] = "1401d45d3dd6a5910f64d539acaa943486d5e8b7dda1a97f2b0040fdddc5b85e"
+
+# Until we have a proper tool to invoke PEP517 builds, hatchling can't
+# bootstrap itself automatically.
+PEP517_BUILD_API = "hatchling.ouroboros"
+
+do_compile:prepend() {
+ export PYTHONPATH=src
+}
+
+BBCLASSEXTEND = "native nativesdk"
--
2.25.1



Re: [meta-python][PATCH] python3-uinput: new package

Tim Orling
 



On Tue, May 24, 2022 at 12:46 PM Bartosz Golaszewski <brgl@...> wrote:
Add a recipe for python3-uinput: a python module for controlling the
virtual input devices on linux.

Signed-off-by: Bartosz Golaszewski <brgl@...>
---
 .../packagegroups/packagegroup-meta-python.bb |  1 +
 ...-use-setuptools-instead-of-distutils.patch | 28 +++++++++++++++++++
 .../python/python3-uinput_0.11.2.bb           | 18 ++++++++++++
 3 files changed, 47 insertions(+)
 create mode 100644 meta-python/recipes-devtools/python/python3-uinput/0001-setup-use-setuptools-instead-of-distutils.patch
 create mode 100644 meta-python/recipes-devtools/python/python3-uinput_0.11.2.bb

diff --git a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
index 6ca652e12..e3ae050ec 100644
--- a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
+++ b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
@@ -436,6 +436,7 @@ RDEPENDS:packagegroup-meta-python3 = "\
     python3-typeguard \
     python3-tzlocal \
     python3-u-msgpack-python \
+    python3-uinput \
     python3-ujson \
     python3-unidiff \
     python3-uritemplate \
diff --git a/meta-python/recipes-devtools/python/python3-uinput/0001-setup-use-setuptools-instead-of-distutils.patch b/meta-python/recipes-devtools/python/python3-uinput/0001-setup-use-setuptools-instead-of-distutils.patch
new file mode 100644
index 000000000..54a3c1867
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-uinput/0001-setup-use-setuptools-instead-of-distutils.patch
@@ -0,0 +1,28 @@
+From 7a4dde83a9584adb42c7f810d882b1fbf5767e2c Mon Sep 17 00:00:00 2001
+From: Bartosz Golaszewski <brgl@...>
+Date: Tue, 24 May 2022 21:43:35 +0200
+Subject: [PATCH] setup: use setuptools instead of distutils
+
+The latter is deprecated, use setuptools instead.
+

Missing Upstream-Status
Please submit upstream and add link to PR, etc.


+Signed-off-by: Bartosz Golaszewski <brgl@...>
+---
+ setup.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/setup.py b/setup.py
+index 3fa3343..4900b8b 100644
+--- a/setup.py
++++ b/setup.py
+@@ -3,7 +3,7 @@
+ import errno
+ import subprocess
+
+-from distutils.core import setup, Extension
++from setuptools import setup, Extension
+
+ libudev_so = "libudev.so.1"
+
+--
+2.34.1
+
diff --git a/meta-python/recipes-devtools/python/python3-uinput_0.11.2.bb b/meta-python/recipes-devtools/python/python3-uinput_0.11.2.bb
new file mode 100644
index 000000000..737bbfe2c
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-uinput_0.11.2.bb
@@ -0,0 +1,18 @@
+SUMMARY = "Python interface to Linux uinput kernel module."
+HOMEPAGE = "https://pypi.org/project/python-uinput/"
+LICENSE = "GPL-3.0-only"
+LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
+
+SRC_URI[sha256sum] = "99392b676c77b5795b86b7d75274db33fe754fd1e06fb3d58b167c797dc47f0c"
+SRC_URI += "file://0001-setup-use-setuptools-instead-of-distutils.patch"
+
+PYPI_PACKAGE = "python-uinput"
+
+inherit pypi setuptools3
+
+DEPENDS += "udev"
+RDEPENDS:${PN} += " \
+    python3-ctypes \
+    python3-distutils \
+"
+RRECOMMENDS:${PN} += "kernel-module-uinput"
--
2.34.1





Re: [PATCH 5/7] python3-hatchling: add new recipe and build class

Khem Raj
 

On Tue, May 24, 2022 at 5:12 AM Ross Burton <ross.burton@...> wrote:

Hatchling is the build backend used by the Hatch tool. Add the recipe
and a pep517 build class.

Signed-off-by: Ross Burton <ross.burton@...>
---
meta-python/classes/python_hatchling.bbclass | 5 +++++
.../packagegroups/packagegroup-meta-python.bb | 1 +
.../python/python3-hatchling_1.3.0.bb | 21 +++++++++++++++++++
3 files changed, 27 insertions(+)
create mode 100644 meta-python/classes/python_hatchling.bbclass
create mode 100644 meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb

diff --git a/meta-python/classes/python_hatchling.bbclass b/meta-python/classes/python_hatchling.bbclass
new file mode 100644
index 0000000000..b3cbe23601
--- /dev/null
+++ b/meta-python/classes/python_hatchling.bbclass
@@ -0,0 +1,5 @@
+inherit python_pep517 python3native python3-dir setuptools3-base
+
+DEPENDS += "python3-hatchling-native"
+
+PEP517_BUILD_API = "hatchling.build"
diff --git a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
index 2fcf34260c..80ec0720fd 100644
--- a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
+++ b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb
@@ -168,6 +168,7 @@ RDEPENDS:packagegroup-meta-python3 = "\
python3-h11 \
python3-h2 \
python3-h5py \
+ python3-hatchling \
python3-haversine \
python3-hpack \
python3-html2text \
diff --git a/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb b/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb
new file mode 100644
index 0000000000..a6550a9732
--- /dev/null
+++ b/meta-python/recipes-devtools/python/python3-hatchling_1.3.0.bb
@@ -0,0 +1,21 @@
+SUMMARY = "The extensible, standards compliant build backend used by Hatch"
+HOMEPAGE = "https://hatch.pypa.io/latest/"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=cbe2fd33fc9297692812fc94b7d27fd9"
+
+inherit pypi python_hatchling
+
+DEPENDS += "python3-pluggy-native python3-tomli-native python3-pathspec-native python3-packaging-native python3-editables-native"
+DEPENDS:remove:class-native = "python3-hatchling-native"
+
+SRC_URI[sha256sum] = "1401d45d3dd6a5910f64d539acaa943486d5e8b7dda1a97f2b0040fdddc5b85e"
+
+# Until we have a proper tool to invoke PEP517 builds, hatchling can't
+# bootstrap itself automatically.
+PEP517_BUILD_API = "hatchling.ouroboros"
+
+do_compile:prepend() {
+ export PYTHONPATH=src
+}
+
+BBCLASSEXTEND = "native nativesdk"
--
2.25.1



1721 - 1740 of 99001