diff options
Diffstat (limited to 'meta-oe/recipes-security/keyutils/files')
4 files changed, 158 insertions, 0 deletions
diff --git a/meta-oe/recipes-security/keyutils/files/0001-Adhere-to-the-SOURCE_DATE_EPOCH-standard.patch b/meta-oe/recipes-security/keyutils/files/0001-Adhere-to-the-SOURCE_DATE_EPOCH-standard.patch new file mode 100644 index 0000000000..ecc5b00967 --- /dev/null +++ b/meta-oe/recipes-security/keyutils/files/0001-Adhere-to-the-SOURCE_DATE_EPOCH-standard.patch @@ -0,0 +1,32 @@ +From 3f7f70c746277e1a89978166533374a8b9bd5407 Mon Sep 17 00:00:00 2001 +From: Alex Kiernan <alex.kiernan@gmail.com> +Date: Wed, 25 Jan 2023 17:05:25 +0000 +Subject: [PATCH] Adhere to the SOURCE_DATE_EPOCH standard + +Adhere to the SOURCE_DATE_EPOCH standard and use it's date when set +otherwise fall back to the default behaviour. + +Signed-off-by: Jelle van der Waa <jelle@vdwaa.nl> +Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> +--- +Upstream-Status: Pending + + Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Makefile b/Makefile +index 599b1452a05a..7776b0f0d63d 100644 +--- a/Makefile ++++ b/Makefile +@@ -109,7 +109,7 @@ all: keyctl request-key key.dns_resolver cxx + ############################################################################### + #RPATH = -Wl,-rpath,$(LIBDIR) + +-VCPPFLAGS := -DPKGBUILD="\"$(shell date -u +%F)\"" ++VCPPFLAGS := -DPKGBUILD="\"$(date --utc --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%F)\"" + VCPPFLAGS += -DPKGVERSION="\"keyutils-$(VERSION)\"" + VCPPFLAGS += -DAPIVERSION="\"libkeyutils-$(APIVERSION)\"" + +-- +2.39.0 + diff --git a/meta-oe/recipes-security/keyutils/files/0001-tests-builtin_trusted-Failure-command-is-failed.patch b/meta-oe/recipes-security/keyutils/files/0001-tests-builtin_trusted-Failure-command-is-failed.patch new file mode 100644 index 0000000000..b78d7f7f28 --- /dev/null +++ b/meta-oe/recipes-security/keyutils/files/0001-tests-builtin_trusted-Failure-command-is-failed.patch @@ -0,0 +1,27 @@ +From 714542f009860e1652bc06d05ab939290374a114 Mon Sep 17 00:00:00 2001 +From: Alex Kiernan <alex.kiernan@gmail.com> +Date: Thu, 26 Jan 2023 08:27:12 +0000 +Subject: [PATCH 1/2] tests: builtin_trusted: Failure command is `failed` + +Upstream-Status: Pending +Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> +--- + tests/features/builtin_trusted/runtest.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/features/builtin_trusted/runtest.sh b/tests/features/builtin_trusted/runtest.sh +index 27910b5fa8e7..437f5ad1d6b2 100644 +--- a/tests/features/builtin_trusted/runtest.sh ++++ b/tests/features/builtin_trusted/runtest.sh +@@ -24,7 +24,7 @@ id_key --to=blk %:.blacklist + # There should be at least one built-in trusted key for module signing. + list_keyring $btk + expect_keyring_rlist bkeys +-if [ `echo $bkeys | wc -w` = 0 ]; then fail; fi ++if [ `echo $bkeys | wc -w` = 0 ]; then failed; fi + + # Check we can't add random keys to those keyrings + marker "TRY ADDING USER KEYS" +-- +2.39.0 + diff --git a/meta-oe/recipes-security/keyutils/files/0001-tests-toolbox.inc.sh-update-regex-for-getting-endian.patch b/meta-oe/recipes-security/keyutils/files/0001-tests-toolbox.inc.sh-update-regex-for-getting-endian.patch new file mode 100644 index 0000000000..314487aef6 --- /dev/null +++ b/meta-oe/recipes-security/keyutils/files/0001-tests-toolbox.inc.sh-update-regex-for-getting-endian.patch @@ -0,0 +1,35 @@ +From b84ecc2e3e56a25a3efd56c8942ad6bab3ff9ba1 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Fri, 2 Dec 2022 15:35:40 +0800 +Subject: [PATCH] tests/toolbox.inc.sh: update regex for getting endian + +Update regex for getting endian in following condition: +/proc/777/exe: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2 + +Upstream-Status: Submitted [Submitted to keyrings@vger.kernel.org ] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + tests/toolbox.inc.sh | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/tests/toolbox.inc.sh b/tests/toolbox.inc.sh +index 8bf0db6f6d87..7ea2f253ba7d 100644 +--- a/tests/toolbox.inc.sh ++++ b/tests/toolbox.inc.sh +@@ -13,10 +13,10 @@ + echo === $OUTPUTFILE === + + endian=`file -L /proc/$$/exe` +-if expr "$endian" : '.* MSB \+\(pie executable\|executable\|shared object\).*' >&/dev/null ++if expr "$endian" : '.* MSB .*\(pie executable\|executable\|shared object\).*' >&/dev/null + then + endian=BE +-elif expr "$endian" : '.* LSB \+\(pie executable\|executable\|shared object\).*' >&/dev/null ++elif expr "$endian" : '.* LSB .*\(pie executable\|executable\|shared object\).*' >&/dev/null + then + endian=LE + else +-- +2.39.0 + diff --git a/meta-oe/recipes-security/keyutils/files/0002-tests-Use-head-n1-for-busybox-compatibility.patch b/meta-oe/recipes-security/keyutils/files/0002-tests-Use-head-n1-for-busybox-compatibility.patch new file mode 100644 index 0000000000..900f2f0ec9 --- /dev/null +++ b/meta-oe/recipes-security/keyutils/files/0002-tests-Use-head-n1-for-busybox-compatibility.patch @@ -0,0 +1,64 @@ +From 5e660f246bb04560692ac9fc144574732c7e19e7 Mon Sep 17 00:00:00 2001 +From: Alex Kiernan <alex.kiernan@gmail.com> +Date: Thu, 26 Jan 2023 08:28:16 +0000 +Subject: [PATCH 2/2] tests: Use `head -n1` for busybox compatibility + +Upstream-Status: Pending +Signed-off-by: Alex Kiernan <alex.kiernan@gmail.com> +--- + tests/keyctl/session/valid/runtest.sh | 4 ++-- + tests/keyctl/show/noargs/runtest.sh | 2 +- + tests/toolbox.inc.sh | 2 +- + 3 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/tests/keyctl/session/valid/runtest.sh b/tests/keyctl/session/valid/runtest.sh +index 4c831314c0b0..456e9f32de23 100644 +--- a/tests/keyctl/session/valid/runtest.sh ++++ b/tests/keyctl/session/valid/runtest.sh +@@ -17,7 +17,7 @@ then + expect_key_rdesc rdesc "keyring@.*@.*@.*@_ses[^@]*\$" + + # check the session keyring ID is shown +- seskeyring="`tail -2 $OUTPUTFILE | head -1`" ++ seskeyring="`tail -2 $OUTPUTFILE | head -n1`" + if ! expr "$seskeyring" : "Joined session keyring: [0-9]*" >&/dev/null + then + failed +@@ -30,7 +30,7 @@ new_session qwerty keyctl rdescribe @s "@" + expect_key_rdesc rdesc "keyring@.*@.*@.*@qwerty" + + # check the session keyring ID is shown +-seskeyring="`tail -2 $OUTPUTFILE | head -1`" ++seskeyring="`tail -2 $OUTPUTFILE | head -n1`" + if ! expr "$seskeyring" : "Joined session keyring: [0-9]*" >&/dev/null + then + failed +diff --git a/tests/keyctl/show/noargs/runtest.sh b/tests/keyctl/show/noargs/runtest.sh +index d5072716c76a..a6d8b6b585c4 100644 +--- a/tests/keyctl/show/noargs/runtest.sh ++++ b/tests/keyctl/show/noargs/runtest.sh +@@ -31,7 +31,7 @@ then + fi + + # the first key listed (line 2) should be a keying (the session keyring) ... +-keyring1="`grep -n keyring $OUTPUTFILE | cut -d: -f1 | head -1`" ++keyring1="`grep -n keyring $OUTPUTFILE | cut -d: -f1 | head -n1`" + if [ "$keyring1" != "4" ] + then + failed +diff --git a/tests/toolbox.inc.sh b/tests/toolbox.inc.sh +index 7ea2f253ba7d..a461a73daaa3 100644 +--- a/tests/toolbox.inc.sh ++++ b/tests/toolbox.inc.sh +@@ -229,7 +229,7 @@ function check_notify () + if [ "$1" = "-2" ] + then + shift +- my_logline="`tail -2 $watch_log | head -1`" ++ my_logline="`tail -2 $watch_log | head -n1`" + else + my_logline="`tail -1 $watch_log`" + fi +-- +2.39.0 + |