diff options
Diffstat (limited to 'meta/lib/patchtest')
51 files changed, 3014 insertions, 0 deletions
diff --git a/meta/lib/patchtest/README.md b/meta/lib/patchtest/README.md new file mode 100644 index 0000000000..f66613c0c1 --- /dev/null +++ b/meta/lib/patchtest/README.md @@ -0,0 +1,20 @@ +# patchtest selftests for openembedded-core + +This directory provides a test suite and selftest script for use with the +patchtest repository: https://git.yoctoproject.org/patchtest/ + +To setup for use: + +1. Clone https://git.openembedded.org/openembedded-core (this repo) and https://git.openembedded.org/bitbake/ +2. Clone https://git.yoctoproject.org/patchtest +3. Install the necessary Python modules: in meta/lib/patchtest or the patchtest + repo, do `pip install -r requirements.txt` +4. Add patchtest to PATH: `export PATH=/path/to/patchtest/repo:$PATH` +5. Initialize the environment: `source oe-init-build-env` +6. Add meta-selftest to bblayers.conf: `bitbake-layers add-layer + /path/to/meta-selftest/` (the selftests use this layer's recipes as test + targets) +7. Finally, run the selftest script: `./meta/lib/patchtest/selftest/selftest` + +For more information on using patchtest, see the patchtest repo at +https://git.yoctoproject.org/patchtest/. diff --git a/meta/lib/patchtest/data.py b/meta/lib/patchtest/data.py new file mode 100644 index 0000000000..356259921d --- /dev/null +++ b/meta/lib/patchtest/data.py @@ -0,0 +1,86 @@ +# ex:ts=4:sw=4:sts=4:et +# -*- tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- +# +# patchtestdata: module used to share command line arguments between +# patchtest & test suite and a data store between test cases +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only +# +# NOTE: Strictly speaking, unit test should be isolated from outside, +# but patchtest test suites uses command line input data and +# pretest and test test cases may use the datastore defined +# on this module + +import os +import argparse +import collections +import logging + +logger=logging.getLogger('patchtest') +info=logger.info + +default_testdir = os.path.abspath(os.path.dirname(__file__) + "/tests") +default_repodir = os.path.abspath(os.path.dirname(__file__) + "/../../..") + +# Data store commonly used to share values between pre and post-merge tests +PatchTestDataStore = collections.defaultdict(str) + +class PatchTestInput(object): + """Abstract the patchtest argument parser""" + + @classmethod + def set_namespace(cls): + parser = cls.get_parser() + parser.parse_args(namespace=cls) + + @classmethod + def get_parser(cls): + parser = argparse.ArgumentParser() + + target_patch_group = parser.add_mutually_exclusive_group(required=True) + + target_patch_group.add_argument('--patch', metavar='PATCH', dest='patch_path', + help='The patch to be tested') + + target_patch_group.add_argument('--directory', metavar='DIRECTORY', dest='patch_path', + help='The directory containing patches to be tested') + + parser.add_argument('--repodir', metavar='REPO', + default=default_repodir, + help="Name of the repository where patch is merged") + + parser.add_argument('--testdir', metavar='TESTDIR', + default=default_testdir, + help="Directory where test cases are located") + + parser.add_argument('--top-level-directory', '-t', + dest='topdir', + default=None, + help="Top level directory of project (defaults to start directory)") + + parser.add_argument('--pattern', '-p', + dest='pattern', + default='test*.py', + help="Pattern to match test files") + + parser.add_argument('--base-branch', '-b', + dest='basebranch', + help="Branch name used by patchtest to branch from. By default, it uses the current one.") + + parser.add_argument('--base-commit', '-c', + dest='basecommit', + help="Commit ID used by patchtest to branch from. By default, it uses HEAD.") + + parser.add_argument('--debug', '-d', + action='store_true', + help='Enable debug output') + + parser.add_argument('--log-results', + action='store_true', + help='Enable logging to a file matching the target patch name with ".testresult" appended') + + + return parser + diff --git a/meta/lib/patchtest/patch.py b/meta/lib/patchtest/patch.py new file mode 100644 index 0000000000..90faf3eeb4 --- /dev/null +++ b/meta/lib/patchtest/patch.py @@ -0,0 +1,43 @@ +# ex:ts=4:sw=4:sts=4:et +# -*- tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- +# +# patchtestpatch: PatchTestPatch class which abstracts a patch file +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import logging +import utils + +logger = logging.getLogger('patchtest') + +class PatchTestPatch(object): + def __init__(self, path, forcereload=False): + self._path = path + self._forcereload = forcereload + + self._contents = None + self._branch = None + + @property + def contents(self): + if self._forcereload or (not self._contents): + logger.debug('Reading %s contents' % self._path) + try: + with open(self._path, newline='') as _f: + self._contents = _f.read() + except IOError: + logger.warn("Reading the mbox %s failed" % self.resource) + return self._contents + + @property + def path(self): + return self._path + + @property + def branch(self): + if not self._branch: + self._branch = utils.get_branch(self._path) + return self._branch diff --git a/meta/lib/patchtest/repo.py b/meta/lib/patchtest/repo.py new file mode 100644 index 0000000000..5f361ac500 --- /dev/null +++ b/meta/lib/patchtest/repo.py @@ -0,0 +1,120 @@ +# ex:ts=4:sw=4:sts=4:et +# -*- tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- +# +# patchtestrepo: PatchTestRepo class used mainly to control a git repo from patchtest +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import os +import utils +import logging +import git +from patch import PatchTestPatch + +logger = logging.getLogger('patchtest') +info=logger.info + +class PatchTestRepo(object): + + # prefixes used for temporal branches/stashes + prefix = 'patchtest' + + + def __init__(self, patch, repodir, commit=None, branch=None): + self._repodir = repodir + self._repo = git.Repo.init(repodir) + self._patch = PatchTestPatch(patch) + self._current_branch = self._repo.active_branch.name + + # targeted branch defined on the patch may be invalid, so make sure there + # is a corresponding remote branch + valid_patch_branch = None + if self._patch.branch in self._repo.branches: + valid_patch_branch = self._patch.branch + + # Target Branch + # Priority (top has highest priority): + # 1. branch given at cmd line + # 2. branch given at the patch + # 3. current branch + self._branch = branch or valid_patch_branch or self._current_branch + + # Target Commit + # Priority (top has highest priority): + # 1. commit given at cmd line + # 2. branch given at cmd line + # 3. branch given at the patch + # 3. current HEAD + self._commit = self._get_commitid(commit) or \ + self._get_commitid(branch) or \ + self._get_commitid(valid_patch_branch) or \ + self._get_commitid('HEAD') + + self._workingbranch = "%s_%s" % (PatchTestRepo.prefix, os.getpid()) + + # create working branch. Use the '-B' flag so that we just + # check out the existing one if it's there + self._repo.git.execute(['git', 'checkout', '-B', self._workingbranch, self._commit]) + + self._patchmerged = False + + # Check if patch can be merged using git-am + self._patchcanbemerged = True + try: + # Make sure to get the absolute path of the file + self._repo.git.execute(['git', 'apply', '--check', os.path.abspath(self._patch.path)], with_exceptions=True) + except git.exc.GitCommandError as ce: + self._patchcanbemerged = False + + # for debugging purposes, print all repo parameters + logger.debug("Parameters") + logger.debug("\tRepository : %s" % self._repodir) + logger.debug("\tTarget Commit : %s" % self._commit) + logger.debug("\tTarget Branch : %s" % self._branch) + logger.debug("\tWorking branch : %s" % self._workingbranch) + logger.debug("\tPatch : %s" % self._patch) + + @property + def patch(self): + return self._patch.path + + @property + def branch(self): + return self._branch + + @property + def commit(self): + return self._commit + + @property + def ismerged(self): + return self._patchmerged + + @property + def canbemerged(self): + return self._patchcanbemerged + + def _get_commitid(self, commit): + + if not commit: + return None + + try: + return self._repo.rev_parse(commit).hexsha + except Exception as e: + print(f"Couldn't find commit {commit} in repo") + + return None + + def merge(self): + if self._patchcanbemerged: + self._repo.git.execute(['git', 'am', '--keep-cr', os.path.abspath(self._patch.path)]) + self._patchmerged = True + + def clean(self): + self._repo.git.execute(['git', 'checkout', self._current_branch]) + self._repo.git.execute(['git', 'branch', '-D', self._workingbranch]) + self._patchmerged = False diff --git a/meta/lib/patchtest/requirements.txt b/meta/lib/patchtest/requirements.txt new file mode 100644 index 0000000000..4247b91f09 --- /dev/null +++ b/meta/lib/patchtest/requirements.txt @@ -0,0 +1,7 @@ +boto3 +git-pw>=2.5.0 +GitPython +jinja2 +pylint +pyparsing>=3.0.9 +unidiff diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.fail new file mode 100644 index 0000000000..30c1bc4624 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.fail @@ -0,0 +1,43 @@ +From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001 +From: First Last <first.last@example.com> +Date: Fri, 31 May 2024 11:03:47 -0400 +Subject: [PATCH] selftest-hello: add selftest-hello-extra + +This should fail the test_author_valid test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../selftest-hello-extra_1.0.bb | 21 +++++++++++++++++++ + 1 file changed, 21 insertions(+) + create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +new file mode 100644 +index 00000000000..f3dec1b220c +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +@@ -0,0 +1,21 @@ ++SUMMARY = "This is an example summary" ++DESCRIPTION = "Simple helloworld application -- selftest variant" ++SECTION = "examples" ++LICENSE = "MIT" ++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" ++ ++SRC_URI = "file://helloworld.c" ++ ++S = "${WORKDIR}/sources" ++UNPACKDIR = "${S}" ++ ++do_compile() { ++ ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld ++} ++ ++do_install() { ++ install -d ${D}${bindir} ++ install -m 0755 helloworld ${D}${bindir} ++} ++ ++BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.pass new file mode 100644 index 0000000000..6e82b08bc6 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.1.pass @@ -0,0 +1,43 @@ +From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001 +From: First Last <first.last@address.com> +Date: Fri, 31 May 2024 11:03:47 -0400 +Subject: [PATCH] selftest-hello: add selftest-hello-extra + +This should pass the test_author_valid test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../selftest-hello-extra_1.0.bb | 21 +++++++++++++++++++ + 1 file changed, 21 insertions(+) + create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +new file mode 100644 +index 00000000000..f3dec1b220c +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +@@ -0,0 +1,21 @@ ++SUMMARY = "This is an example summary" ++DESCRIPTION = "Simple helloworld application -- selftest variant" ++SECTION = "examples" ++LICENSE = "MIT" ++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" ++ ++SRC_URI = "file://helloworld.c" ++ ++S = "${WORKDIR}/sources" ++UNPACKDIR = "${S}" ++ ++do_compile() { ++ ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld ++} ++ ++do_install() { ++ install -d ${D}${bindir} ++ install -m 0755 helloworld ${D}${bindir} ++} ++ ++BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.fail new file mode 100644 index 0000000000..745a8f45d9 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.fail @@ -0,0 +1,43 @@ +From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001 +From: Upgrade Helper <auh@auh.yoctoproject.org> +Date: Fri, 31 May 2024 11:03:47 -0400 +Subject: [PATCH] selftest-hello: add selftest-hello-extra + +This should fail the test_author_valid test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../selftest-hello-extra_1.0.bb | 21 +++++++++++++++++++ + 1 file changed, 21 insertions(+) + create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +new file mode 100644 +index 00000000000..f3dec1b220c +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +@@ -0,0 +1,21 @@ ++SUMMARY = "This is an example summary" ++DESCRIPTION = "Simple helloworld application -- selftest variant" ++SECTION = "examples" ++LICENSE = "MIT" ++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" ++ ++SRC_URI = "file://helloworld.c" ++ ++S = "${WORKDIR}/sources" ++UNPACKDIR = "${S}" ++ ++do_compile() { ++ ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld ++} ++ ++do_install() { ++ install -d ${D}${bindir} ++ install -m 0755 helloworld ${D}${bindir} ++} ++ ++BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.pass new file mode 100644 index 0000000000..56cb77fa69 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_author_valid.2.pass @@ -0,0 +1,43 @@ +From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001 +From: First Last <averylongemailaddressthatishardtoread.from@address.com> +Date: Fri, 31 May 2024 11:03:47 -0400 +Subject: [PATCH] selftest-hello: add selftest-hello-extra + +This should pass the test_author_valid test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../selftest-hello-extra_1.0.bb | 21 +++++++++++++++++++ + 1 file changed, 21 insertions(+) + create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +new file mode 100644 +index 00000000000..f3dec1b220c +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +@@ -0,0 +1,21 @@ ++SUMMARY = "This is an example summary" ++DESCRIPTION = "Simple helloworld application -- selftest variant" ++SECTION = "examples" ++LICENSE = "MIT" ++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" ++ ++SRC_URI = "file://helloworld.c" ++ ++S = "${WORKDIR}/sources" ++UNPACKDIR = "${S}" ++ ++do_compile() { ++ ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld ++} ++ ++do_install() { ++ install -d ${D}${bindir} ++ install -m 0755 helloworld ${D}${bindir} ++} ++ ++BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.fail new file mode 100644 index 0000000000..6facb8c756 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.fail @@ -0,0 +1,67 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should fail the test_bugzilla_entry_format test. + +[YOCTO 1234] +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.pass new file mode 100644 index 0000000000..2f35458b4f --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_bugzilla_entry_format.pass @@ -0,0 +1,67 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should pass the test_bugzilla_entry_format test. + +[YOCTO #1234] +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.fail new file mode 100644 index 0000000000..6f4e61c0da --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.fail @@ -0,0 +1,62 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.pass new file mode 100644 index 0000000000..3fbc23fd00 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_commit_message_presence.pass @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should pass the test_commit_message_presence test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.fail new file mode 100644 index 0000000000..0dda6802d1 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.fail @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should fail the test_mbox_format test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ +%+ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.pass new file mode 100644 index 0000000000..f06ae11d04 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_mbox_format.pass @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should pass the test_mbox_format test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.1.skip b/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.1.skip new file mode 100644 index 0000000000..072ccc28c0 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.1.skip @@ -0,0 +1,35 @@ +From d12db4cfa913b0e7a4b5bd858d3019acc53ce426 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Wed, 30 Aug 2023 12:15:00 -0400 +Subject: [PATCH] selftest-hello: upgrade 1.0 -> 1.1 + +This file should skip the test_series_merge_on_head test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../{selftest-hello_1.0.bb => selftest-hello_1.1.bb} | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + rename meta-selftest/recipes-test/selftest-hello/{selftest-hello_1.0.bb => selftest-hello_1.1.bb} (88%) + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.1.bb +similarity index 88% +rename from meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +rename to meta-selftest/recipes-test/selftest-hello/selftest-hello_1.1.bb +index 547587bef4..acc388ec2c 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.1.bb +@@ -1,3 +1,4 @@ ++SUMMARY = "Hello!" + DESCRIPTION = "Simple helloworld application -- selftest variant" + SECTION = "examples" + LICENSE = "MIT" +@@ -16,4 +17,4 @@ do_install() { + install -m 0755 helloworld ${D}${bindir} + } + +-BBCLASSEXTEND = "native nativesdk" +\ No newline at end of file ++BBCLASSEXTEND = "native nativesdk" +-- +2.41.0 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.2.skip b/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.2.skip new file mode 100644 index 0000000000..49bd1f8ede --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_series_merge_on_head.2.skip @@ -0,0 +1,41 @@ +From 55208224f492af0ad929555ffc9b95ff1d301c5f Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Thu, 17 Aug 2023 15:02:38 -0400 +Subject: [PATCH] python3-dtc: upgrade 1.6.1 -> 1.7.0 + +Changelog: https://kernel.googlesource.com/pub/scm/utils/dtc/dtc/+log/039a99414e778332d8f9c04cbd3072e1dcc62798 + +Remove custom PV from the recipe since the relevant functionality is in +1.7.0: + +[tgamblin@megalith dtc]$ git tag --contains c001fc01a43e7a06447c06ea3d50bd60641322b8 +v1.7.0 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> +--- + .../python/{python3-dtc_1.6.1.bb => python3-dtc_1.7.0.bb} | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + rename meta/recipes-devtools/python/{python3-dtc_1.6.1.bb => python3-dtc_1.7.0.bb} (92%) + +diff --git a/meta/recipes-devtools/python/python3-dtc_1.6.1.bb b/meta/recipes-devtools/python/python3-dtc_1.7.0.bb +similarity index 92% +rename from meta/recipes-devtools/python/python3-dtc_1.6.1.bb +rename to meta/recipes-devtools/python/python3-dtc_1.7.0.bb +index 95ab0be474..85e48d4694 100644 +--- a/meta/recipes-devtools/python/python3-dtc_1.6.1.bb ++++ b/meta/recipes-devtools/python/python3-dtc_1.7.0.bb +@@ -14,9 +14,8 @@ UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)" + + LIC_FILES_CHKSUM = "file://pylibfdt/libfdt.i;beginline=1;endline=6;md5=afda088c974174a29108c8d80b5dce90" + +-SRCREV = "c001fc01a43e7a06447c06ea3d50bd60641322b8" ++SRCREV = "039a99414e778332d8f9c04cbd3072e1dcc62798" + +-PV = "1.6.1+git" + S = "${WORKDIR}/git" + + PYPA_WHEEL = "${S}/dist/libfdt-1.6.2*.whl" +-- +2.41.0 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.fail new file mode 100644 index 0000000000..c5e4df2549 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.fail @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello% fix CVE-1234-56789 + +This should fail the test_shortlog_format test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.pass new file mode 100644 index 0000000000..4948e26afc --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_format.pass @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should pass the test_shortlog_format test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.fail new file mode 100644 index 0000000000..4ed1242821 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.fail @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 this is a very long commit shortlog with way too many words included in it to pass the test + +This should fail the test_shortlong_length test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.pass new file mode 100644 index 0000000000..ef5066a650 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_shortlog_length.pass @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should pass the test_shortlog_length test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.1.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.1.fail new file mode 100644 index 0000000000..4ede7271ee --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.1.fail @@ -0,0 +1,65 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should fail the test_signed_off_by_presence test. + +CVE: CVE-1234-56789 + +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.2.fail b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.2.fail new file mode 100644 index 0000000000..f7c3f5145a --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.2.fail @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should fail the test_signed_off_by_presence test. + +CVE: CVE-1234-56789 + +Approved-of-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.pass b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.pass new file mode 100644 index 0000000000..2661c1416f --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMbox.test_signed_off_by_presence.pass @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should pass the test_signed_off_by_presence test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail new file mode 100644 index 0000000000..dccafcd9bc --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail @@ -0,0 +1,25 @@ +From 60450eefbc2c438a37c5e08759d021b18f0df0a3 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:18:17 -0400 +Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE + +This should fail the test_cve_tag_format selftest. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..cc103de6e2e 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -17,4 +17,5 @@ do_install() { + install -m 0755 helloworld ${D}${bindir} + } + ++CVE_CHECK_IGNORE = "CVE-2024-12345" + BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass new file mode 100644 index 0000000000..93a6cc91fb --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass @@ -0,0 +1,25 @@ +From f91073242268d2b2c1a1a705e7fd585679f78a59 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:18:17 -0400 +Subject: [PATCH] selftest-hello: add CVE_STATUS + +This should pass the test_cve_tag_format selftest. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..88c5c98608f 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -17,4 +17,5 @@ do_install() { + install -m 0755 helloworld ${D}${bindir} + } + ++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue only applies on Windows" + BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.fail new file mode 100644 index 0000000000..61b3784e3c --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.fail @@ -0,0 +1,28 @@ +From 974c3a143bc67faaff9abcc0a06a3d5e692fc660 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 11:51:15 -0400 +Subject: [PATCH] selftest-hello: update LIC_FILES_CHKSUM + +This should fail the test_lic_files_chksum_modified_not_mentioned test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..356921db1dd 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -1,7 +1,7 @@ + DESCRIPTION = "Simple helloworld application -- selftest variant" + SECTION = "examples" + LICENSE = "MIT" +-LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" ++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f303" + + SRC_URI = "file://helloworld.c" + +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.pass new file mode 100644 index 0000000000..b7be1e8e55 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_modified_not_mentioned.pass @@ -0,0 +1,30 @@ +From 974c3a143bc67faaff9abcc0a06a3d5e692fc660 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 11:51:15 -0400 +Subject: [PATCH] selftest-hello: update LIC_FILES_CHKSUM + +This should pass the test_lic_files_chksum_modified_not_mentioned test. + +License-Update: Stuff happened! + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..356921db1dd 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -1,7 +1,7 @@ + DESCRIPTION = "Simple helloworld application -- selftest variant" + SECTION = "examples" + LICENSE = "MIT" +-LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" ++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f303" + + SRC_URI = "file://helloworld.c" + +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.fail new file mode 100644 index 0000000000..a7a0b0bacb --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.fail @@ -0,0 +1,42 @@ +From 74bc209a4fbe4da2f57e153ccfff3d2241dada8d Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 11:03:47 -0400 +Subject: [PATCH] selftest-hello: add selftest-hello-extra + +This should fail the test_lic_files_chksum_presence test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../selftest-hello-extra_1.0.bb | 20 +++++++++++++++++++ + 1 file changed, 20 insertions(+) + create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +new file mode 100644 +index 00000000000..875bcbef859 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +@@ -0,0 +1,20 @@ ++SUMMARY = "This is an example summary" ++DESCRIPTION = "Simple helloworld application -- selftest variant" ++SECTION = "examples" ++LICENSE = "MIT" ++ ++SRC_URI = "file://helloworld.c" ++ ++S = "${WORKDIR}/sources" ++UNPACKDIR = "${S}" ++ ++do_compile() { ++ ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld ++} ++ ++do_install() { ++ install -d ${D}${bindir} ++ install -m 0755 helloworld ${D}${bindir} ++} ++ ++BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.pass new file mode 100644 index 0000000000..8ffa97ec56 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_lic_files_chksum_presence.pass @@ -0,0 +1,43 @@ +From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 11:03:47 -0400 +Subject: [PATCH] selftest-hello: add selftest-hello-extra + +This should pass the test_lic_files_chksum_presence test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../selftest-hello-extra_1.0.bb | 21 +++++++++++++++++++ + 1 file changed, 21 insertions(+) + create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +new file mode 100644 +index 00000000000..f3dec1b220c +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +@@ -0,0 +1,21 @@ ++SUMMARY = "This is an example summary" ++DESCRIPTION = "Simple helloworld application -- selftest variant" ++SECTION = "examples" ++LICENSE = "MIT" ++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" ++ ++SRC_URI = "file://helloworld.c" ++ ++S = "${WORKDIR}/sources" ++UNPACKDIR = "${S}" ++ ++do_compile() { ++ ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld ++} ++ ++do_install() { ++ install -d ${D}${bindir} ++ install -m 0755 helloworld ${D}${bindir} ++} ++ ++BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.fail new file mode 100644 index 0000000000..0a402d0a3e --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.fail @@ -0,0 +1,28 @@ +From f2f7b6bcb831289bc3ba2343ad7dc5bee6d6e0cd Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 08:45:41 -0400 +Subject: [PATCH] selftest-hello: remove helloworld.c + +This should fail the test_src_uri_left_files selftest. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..e95270adaeb 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,8 +3,6 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" +- + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" + +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.pass new file mode 100644 index 0000000000..a675c028d0 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_src_uri_left_files.pass @@ -0,0 +1,44 @@ +From e79933e2fc68570066eca66f0b599d259b7a1731 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 08:18:48 -0400 +Subject: [PATCH] selftest-hello: remove helloworld.c + +This should pass the test_src_uri_left_files selftest. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../recipes-test/selftest-hello/files/helloworld.c | 8 -------- + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 2 -- + 2 files changed, 10 deletions(-) + delete mode 100644 meta-selftest/recipes-test/selftest-hello/files/helloworld.c + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/helloworld.c b/meta-selftest/recipes-test/selftest-hello/files/helloworld.c +deleted file mode 100644 +index fc7169b7b83..00000000000 +--- a/meta-selftest/recipes-test/selftest-hello/files/helloworld.c ++++ /dev/null +@@ -1,8 +0,0 @@ +-#include <stdio.h> +- +-int main(void) +-{ +- printf("Hello world!\n"); +- +- return 0; +-} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..e95270adaeb 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,8 +3,6 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" +- + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" + +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.fail new file mode 100644 index 0000000000..1087843619 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.fail @@ -0,0 +1,42 @@ +From f4b72cc24f5e2a290a8637775c4d41c16d5d83aa Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 11:03:47 -0400 +Subject: [PATCH] selftest-hello: add selftest-hello-extra + +This should fail the test_summary_presence test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../selftest-hello-extra_1.0.bb | 20 +++++++++++++++++++ + 1 file changed, 20 insertions(+) + create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +new file mode 100644 +index 00000000000..2dc352d479e +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +@@ -0,0 +1,20 @@ ++DESCRIPTION = "Simple helloworld application -- selftest variant" ++SECTION = "examples" ++LICENSE = "MIT" ++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" ++ ++SRC_URI = "file://helloworld.c" ++ ++S = "${WORKDIR}/sources" ++UNPACKDIR = "${S}" ++ ++do_compile() { ++ ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld ++} ++ ++do_install() { ++ install -d ${D}${bindir} ++ install -m 0755 helloworld ${D}${bindir} ++} ++ ++BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.pass new file mode 100644 index 0000000000..3d35a8d8fb --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_summary_presence.pass @@ -0,0 +1,43 @@ +From 04eb94a0134ef5eb5b5fd783b303104fbfcd8437 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 11:03:47 -0400 +Subject: [PATCH] selftest-hello: add selftest-hello-extra + +This should pass the test_summary_presence test. + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../selftest-hello-extra_1.0.bb | 21 +++++++++++++++++++ + 1 file changed, 21 insertions(+) + create mode 100644 meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +new file mode 100644 +index 00000000000..f3dec1b220c +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello-extra_1.0.bb +@@ -0,0 +1,21 @@ ++SUMMARY = "This is an example summary" ++DESCRIPTION = "Simple helloworld application -- selftest variant" ++SECTION = "examples" ++LICENSE = "MIT" ++LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" ++ ++SRC_URI = "file://helloworld.c" ++ ++S = "${WORKDIR}/sources" ++UNPACKDIR = "${S}" ++ ++do_compile() { ++ ${CC} ${CFLAGS} ${LDFLAGS} helloworld.c -o helloworld ++} ++ ++do_install() { ++ install -d ${D}${bindir} ++ install -m 0755 helloworld ${D}${bindir} ++} ++ ++BBCLASSEXTEND = "native nativesdk" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.fail b/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.fail new file mode 100644 index 0000000000..f64f2a40b0 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.fail @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should fail the test_cve_tag_format test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-BAD_FORMAT ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.pass b/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.pass new file mode 100644 index 0000000000..3819487041 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestPatch.test_cve_tag_format.pass @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should pass the test_cve_tag format test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.fail b/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.fail new file mode 100644 index 0000000000..b2d0fab9e3 --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.fail @@ -0,0 +1,65 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should fail the test_signed_off_by_presence test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 25 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 28 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,25 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.pass b/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.pass new file mode 100644 index 0000000000..2661c1416f --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestPatch.test_signed_off_by_presence.pass @@ -0,0 +1,66 @@ +From c9519f11502d5bb5c143ed43b4c981b6a211bdf9 Mon Sep 17 00:00:00 2001 +From: Trevor Gamblin <tgamblin@baylibre.com> +Date: Fri, 31 May 2024 09:54:50 -0400 +Subject: [PATCH] selftest-hello: fix CVE-1234-56789 + +This should pass the test_signed_off_by_presence test. + +CVE: CVE-1234-56789 + +Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> +--- + .../files/0001-Fix-CVE-1234-56789.patch | 26 +++++++++++++++++++ + .../selftest-hello/selftest-hello_1.0.bb | 4 ++- + 2 files changed, 29 insertions(+), 1 deletion(-) + create mode 100644 meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch + +diff --git a/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +new file mode 100644 +index 00000000000..8a4f9329303 +--- /dev/null ++++ b/meta-selftest/recipes-test/selftest-hello/files/0001-Fix-CVE-1234-56789.patch +@@ -0,0 +1,26 @@ ++From b26a31186e6ee2eb1f506d5f2f9394d327a0df2f Mon Sep 17 00:00:00 2001 ++From: Trevor Gamblin <tgamblin@baylibre.com> ++Date: Tue, 29 Aug 2023 14:08:20 -0400 ++Subject: [PATCH] Fix CVE-NOT-REAL ++ ++CVE: CVE-1234-56789 ++Upstream-Status: Backport(http://example.com/example) ++ ++Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> ++--- ++ strlen.c | 1 + ++ 1 file changed, 1 insertion(+) ++ ++diff --git a/strlen.c b/strlen.c ++index 1788f38..83d7918 100644 ++--- a/strlen.c +++++ b/strlen.c ++ ++int main() { ++ ++ printf("%d\n", str_len(string1)); ++ printf("%d\n", str_len(string2)); ++ printf("CVE FIXED!!!\n"); ++ ++ return 0; ++} +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 2dc352d479e..d937759f157 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -3,7 +3,9 @@ SECTION = "examples" + LICENSE = "MIT" + LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +-SRC_URI = "file://helloworld.c" ++SRC_URI = "file://helloworld.c \ ++ file://0001-Fix-CVE-1234-56789.patch \ ++ " + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" +-- +2.45.1 + diff --git a/meta/lib/patchtest/selftest/selftest b/meta/lib/patchtest/selftest/selftest new file mode 100755 index 0000000000..6fad50ce61 --- /dev/null +++ b/meta/lib/patchtest/selftest/selftest @@ -0,0 +1,94 @@ +#!/usr/bin/env python3 + +# Test every patch from files folder and output error on failure +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + +import os +import subprocess +import sys + +currentdir = os.path.dirname(os.path.abspath(__file__)) +patchesdir = os.path.join(currentdir, 'files') +topdir = os.path.dirname(currentdir) +parentdir = os.path.dirname(topdir) + +# path to the repo root +repodir = os.path.dirname(os.path.dirname(parentdir)) + +def print_results(passcount, failcount, skipcount, xpasscount, xfailcount, xskipcount, errorcount): + total = passcount + skipcount + failcount + xpasscount + xfailcount + xskipcount + errorcount + print("============================================================================") + print("Testsuite summary for %s" % os.path.basename(topdir)) + print("============================================================================") + print("# TOTAL: %s" % str(total)) + print("# XPASS: %s" % str(xpasscount)) + print("# XFAIL: %s" % str(xfailcount)) + print("# XSKIP: %s" % str(xskipcount)) + print("# PASS: %s" % str(passcount)) + print("# FAIL: %s" % str(failcount)) + print("# SKIP: %s" % str(skipcount)) + print("# ERROR: %s" % str(errorcount)) + print("============================================================================") + +# Once the tests are in oe-core, we can remove the testdir param and use os.path.dirname to get relative paths +def test(root, patch): + res = True + patchpath = os.path.abspath(os.path.join(root, patch)) + + cmd = 'patchtest --repodir %s --testdir %s/tests --patch %s' % (repodir, topdir, patchpath) + results = subprocess.check_output(cmd, stderr=subprocess.STDOUT, universal_newlines=True, shell=True) + + return results + +if __name__ == '__main__': + passcount = 0 + failcount = 0 + skipcount = 0 + xpasscount = 0 + xfailcount = 0 + xskipcount = 0 + errorcount = 0 + + results = None + + for root, dirs, patches in os.walk(patchesdir): + for patch in patches: + results = test(root, patch) + + a = patch.split('.') + klass, testname = a[0], a[1] + expected_result = a[-1] + testid = ".%s.%s" % (klass,testname) + + for resultline in results.splitlines(): + if testid in resultline: + result, _ = resultline.split(':', 1) + + if expected_result.upper() == "FAIL" and result.upper() == "FAIL": + xfailcount = xfailcount + 1 + print("XFAIL: %s (file: %s)" % (testid.strip("."), os.path.basename(patch))) + elif expected_result.upper() == "PASS" and result.upper() == "PASS": + xpasscount = xpasscount + 1 + print("XPASS: %s (file: %s)" % (testid.strip("."), os.path.basename(patch))) + elif expected_result.upper() == "SKIP" and result.upper() == "SKIP": + xskipcount = xskipcount + 1 + print("XSKIP: %s (file: %s)" % (testid.strip("."), os.path.basename(patch))) + else: + print("%s: %s (%s)" % (result.upper(), testid.strip("."), os.path.basename(patch))) + if result.upper() == "PASS": + passcount = passcount + 1 + elif result.upper() == "FAIL": + failcount = failcount + 1 + elif result.upper() == "SKIP": + skipcount = skipcount + 1 + else: + print("Bad result on test %s against %s" % (testid.strip("."), os.path.basename(patch))) + errorcount = errorcount + 1 + break + else: + print ("No test for=%s" % patch) + + print_results(passcount, failcount, skipcount, xpasscount, xfailcount, xskipcount, errorcount) diff --git a/meta/lib/patchtest/tests/__init__.py b/meta/lib/patchtest/tests/__init__.py new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/meta/lib/patchtest/tests/__init__.py diff --git a/meta/lib/patchtest/tests/base.py b/meta/lib/patchtest/tests/base.py new file mode 100644 index 0000000000..424e61b5be --- /dev/null +++ b/meta/lib/patchtest/tests/base.py @@ -0,0 +1,239 @@ +# Base class to be used by all test cases defined in the suite +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + +import unittest +import logging +import json +import unidiff +from data import PatchTestInput +import mailbox +import collections +import sys +import os +import re + +sys.path.insert(0, os.path.join(os.path.dirname(__file__), 'pyparsing')) + +logger = logging.getLogger('patchtest') +debug=logger.debug +info=logger.info +warn=logger.warn +error=logger.error + +Commit = collections.namedtuple('Commit', ['author', 'subject', 'commit_message', 'shortlog', 'payload']) + +class PatchtestOEError(Exception): + """Exception for handling patchtest-oe errors""" + def __init__(self, message, exitcode=1): + super().__init__(message) + self.exitcode = exitcode + +class Base(unittest.TestCase): + # if unit test fails, fail message will throw at least the following JSON: {"id": <testid>} + + endcommit_messages_regex = re.compile(r'\(From \w+-\w+ rev:|(?<!\S)Signed-off-by|(?<!\S)---\n') + patchmetadata_regex = re.compile(r'-{3} \S+|\+{3} \S+|@{2} -\d+,\d+ \+\d+,\d+ @{2} \S+') + + + @staticmethod + def msg_to_commit(msg): + payload = msg.get_payload() + return Commit(subject=msg['subject'].replace('\n', ' ').replace(' ', ' '), + author=msg.get('From'), + shortlog=Base.shortlog(msg['subject']), + commit_message=Base.commit_message(payload), + payload=payload) + + @staticmethod + def commit_message(payload): + commit_message = payload.__str__() + match = Base.endcommit_messages_regex.search(payload) + if match: + commit_message = payload[:match.start()] + return commit_message + + @staticmethod + def shortlog(shlog): + # remove possible prefix (between brackets) before colon + start = shlog.find(']', 0, shlog.find(':')) + # remove also newlines and spaces at both sides + return shlog[start + 1:].replace('\n', '').strip() + + @classmethod + def setUpClass(cls): + + # General objects: mailbox.mbox and patchset + cls.mbox = mailbox.mbox(PatchTestInput.repo.patch) + + # Patch may be malformed, so try parsing it + cls.unidiff_parse_error = '' + cls.patchset = None + try: + cls.patchset = unidiff.PatchSet.from_filename(PatchTestInput.repo.patch, encoding=u'UTF-8') + except unidiff.UnidiffParseError as upe: + cls.patchset = [] + cls.unidiff_parse_error = str(upe) + + # Easy to iterate list of commits + cls.commits = [] + for msg in cls.mbox: + if msg['subject'] and msg.get_payload(): + cls.commits.append(Base.msg_to_commit(msg)) + + cls.setUpClassLocal() + + @classmethod + def tearDownClass(cls): + cls.tearDownClassLocal() + + @classmethod + def setUpClassLocal(cls): + pass + + @classmethod + def tearDownClassLocal(cls): + pass + + def fail(self, issue, fix=None, commit=None, data=None): + """ Convert to a JSON string failure data""" + value = {'id': self.id(), + 'issue': issue} + + if fix: + value['fix'] = fix + if commit: + value['commit'] = {'subject': commit.subject, + 'shortlog': commit.shortlog} + + # extend return value with other useful info + if data: + value['data'] = data + + return super(Base, self).fail(json.dumps(value)) + + def skip(self, issue, data=None): + """ Convert the skip string to JSON""" + value = {'id': self.id(), + 'issue': issue} + + # extend return value with other useful info + if data: + value['data'] = data + + return super(Base, self).skipTest(json.dumps(value)) + + def shortid(self): + return self.id().split('.')[-1] + + def __str__(self): + return json.dumps({'id': self.id()}) + +class Metadata(Base): + @classmethod + def setUpClassLocal(cls): + cls.tinfoil = cls.setup_tinfoil() + + # get info about added/modified/remove recipes + cls.added, cls.modified, cls.removed = cls.get_metadata_stats(cls.patchset) + + @classmethod + def tearDownClassLocal(cls): + cls.tinfoil.shutdown() + + @classmethod + def setup_tinfoil(cls, config_only=False): + """Initialize tinfoil api from bitbake""" + + # import relevant libraries + try: + scripts_path = os.path.join(PatchTestInput.repodir, 'scripts', 'lib') + if scripts_path not in sys.path: + sys.path.insert(0, scripts_path) + import scriptpath + scriptpath.add_bitbake_lib_path() + import bb.tinfoil + except ImportError: + raise PatchtestOEError('Could not import tinfoil module') + + orig_cwd = os.path.abspath(os.curdir) + + # Load tinfoil + tinfoil = None + try: + builddir = os.environ.get('BUILDDIR') + if not builddir: + logger.warn('Bitbake environment not loaded?') + return tinfoil + os.chdir(builddir) + tinfoil = bb.tinfoil.Tinfoil() + tinfoil.prepare(config_only=config_only) + except bb.tinfoil.TinfoilUIException as te: + if tinfoil: + tinfoil.shutdown() + raise PatchtestOEError('Could not prepare properly tinfoil (TinfoilUIException)') + except Exception as e: + if tinfoil: + tinfoil.shutdown() + raise e + finally: + os.chdir(orig_cwd) + + return tinfoil + + @classmethod + def get_metadata_stats(cls, patchset): + """Get lists of added, modified and removed metadata files""" + + def find_pn(data, path): + """Find the PN from data""" + pn = None + pn_native = None + for _path, _pn in data: + if path in _path: + if 'native' in _pn: + # store the native PN but look for the non-native one first + pn_native = _pn + else: + pn = _pn + break + else: + # sent the native PN if found previously + if pn_native: + return pn_native + + # on renames (usually upgrades), we need to check (FILE) base names + # because the unidiff library does not provided the new filename, just the modified one + # and tinfoil datastore, once the patch is merged, will contain the new filename + path_basename = path.split('_')[0] + for _path, _pn in data: + _path_basename = _path.split('_')[0] + if path_basename == _path_basename: + pn = _pn + return pn + + if not cls.tinfoil: + cls.tinfoil = cls.setup_tinfoil() + + added_paths, modified_paths, removed_paths = [], [], [] + added, modified, removed = [], [], [] + + # get metadata filename additions, modification and removals + for patch in patchset: + if patch.path.endswith('.bb') or patch.path.endswith('.bbappend') or patch.path.endswith('.inc'): + if patch.is_added_file: + added_paths.append(os.path.join(os.path.abspath(PatchTestInput.repodir), patch.path)) + elif patch.is_modified_file: + modified_paths.append(os.path.join(os.path.abspath(PatchTestInput.repodir), patch.path)) + elif patch.is_removed_file: + removed_paths.append(os.path.join(os.path.abspath(PatchTestInput.repodir), patch.path)) + + data = cls.tinfoil.cooker.recipecaches[''].pkg_fn.items() + + added = [find_pn(data,path) for path in added_paths] + modified = [find_pn(data,path) for path in modified_paths] + removed = [find_pn(data,path) for path in removed_paths] + + return [a for a in added if a], [m for m in modified if m], [r for r in removed if r] diff --git a/meta/lib/patchtest/tests/pyparsing/common.py b/meta/lib/patchtest/tests/pyparsing/common.py new file mode 100644 index 0000000000..cbce4c38bc --- /dev/null +++ b/meta/lib/patchtest/tests/pyparsing/common.py @@ -0,0 +1,26 @@ +# common pyparsing variables +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + +import pyparsing + +# general +colon = pyparsing.Literal(":") +start = pyparsing.LineStart() +end = pyparsing.LineEnd() +at = pyparsing.Literal("@") +lessthan = pyparsing.Literal("<") +greaterthan = pyparsing.Literal(">") +opensquare = pyparsing.Literal("[") +closesquare = pyparsing.Literal("]") +inappropriate = pyparsing.CaselessLiteral("Inappropriate") +submitted = pyparsing.CaselessLiteral("Submitted") + +# word related +nestexpr = pyparsing.nestedExpr(opener='[', closer=']') +inappropriateinfo = pyparsing.Literal("Inappropriate") + nestexpr +submittedinfo = pyparsing.Literal("Submitted") + nestexpr +word = pyparsing.Word(pyparsing.alphas) +worddot = pyparsing.Word(pyparsing.alphas+".") diff --git a/meta/lib/patchtest/tests/pyparsing/parse_cve_tags.py b/meta/lib/patchtest/tests/pyparsing/parse_cve_tags.py new file mode 100644 index 0000000000..f7fb82ec2b --- /dev/null +++ b/meta/lib/patchtest/tests/pyparsing/parse_cve_tags.py @@ -0,0 +1,18 @@ +# signed-off-by pyparsing definition +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + + +import pyparsing +import common + +name = pyparsing.Regex('\S+.*(?= <)') +username = pyparsing.OneOrMore(common.worddot) +domain = pyparsing.OneOrMore(common.worddot) +cve = pyparsing.Regex('CVE\-\d{4}\-\d+') +cve_mark = pyparsing.Literal("CVE:") + +cve_tag = pyparsing.AtLineStart(cve_mark + cve) +patch_cve_tag = pyparsing.AtLineStart("+" + cve_mark + cve) diff --git a/meta/lib/patchtest/tests/pyparsing/parse_shortlog.py b/meta/lib/patchtest/tests/pyparsing/parse_shortlog.py new file mode 100644 index 0000000000..30d3ab35b3 --- /dev/null +++ b/meta/lib/patchtest/tests/pyparsing/parse_shortlog.py @@ -0,0 +1,14 @@ +# subject pyparsing definition +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + +# NOTE:This is an oversimplified syntax of the mbox's summary + +import pyparsing +import common + +target = pyparsing.OneOrMore(pyparsing.Word(pyparsing.printables.replace(':',''))) +summary = pyparsing.OneOrMore(pyparsing.Word(pyparsing.printables)) +shortlog = common.start + target + common.colon + summary + common.end diff --git a/meta/lib/patchtest/tests/pyparsing/parse_signed_off_by.py b/meta/lib/patchtest/tests/pyparsing/parse_signed_off_by.py new file mode 100644 index 0000000000..692ebec3ff --- /dev/null +++ b/meta/lib/patchtest/tests/pyparsing/parse_signed_off_by.py @@ -0,0 +1,22 @@ +# signed-off-by pyparsing definition +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + + +import pyparsing +import common + +name = pyparsing.Regex('\S+.*(?= <)') +username = pyparsing.OneOrMore(common.worddot) +domain = pyparsing.OneOrMore(common.worddot) + +# taken from https://pyparsing-public.wikispaces.com/Helpful+Expressions +email = pyparsing.Regex(r"(?P<user>[A-Za-z0-9._%+-]+)@(?P<hostname>[A-Za-z0-9.-]+)\.(?P<domain>[A-Za-z]{2,})") + +email_enclosed = common.lessthan + email + common.greaterthan + +signed_off_by_mark = pyparsing.Literal("Signed-off-by:") +signed_off_by = pyparsing.AtLineStart(signed_off_by_mark + name + email_enclosed) +patch_signed_off_by = pyparsing.AtLineStart("+" + signed_off_by_mark + name + email_enclosed) diff --git a/meta/lib/patchtest/tests/pyparsing/parse_upstream_status.py b/meta/lib/patchtest/tests/pyparsing/parse_upstream_status.py new file mode 100644 index 0000000000..bc6c427c4c --- /dev/null +++ b/meta/lib/patchtest/tests/pyparsing/parse_upstream_status.py @@ -0,0 +1,24 @@ +# upstream-status pyparsing definition +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + + +import common +import pyparsing + +upstream_status_literal_valid_status = ["Pending", "Backport", "Denied", "Inappropriate", "Submitted"] +upstream_status_nonliteral_valid_status = ["Pending", "Backport", "Denied", "Inappropriate [reason]", "Submitted [where]"] + +upstream_status_valid_status = pyparsing.Or( + [pyparsing.Literal(status) for status in upstream_status_literal_valid_status] +) + +upstream_status_mark = pyparsing.Literal("Upstream-Status") +inappropriate_status_mark = common.inappropriate +submitted_status_mark = common.submitted + +upstream_status = common.start + upstream_status_mark + common.colon + upstream_status_valid_status +upstream_status_inappropriate_info = common.start + upstream_status_mark + common.colon + common.inappropriateinfo +upstream_status_submitted_info = common.start + upstream_status_mark + common.colon + common.submittedinfo diff --git a/meta/lib/patchtest/tests/test_mbox.py b/meta/lib/patchtest/tests/test_mbox.py new file mode 100644 index 0000000000..cd76e58a71 --- /dev/null +++ b/meta/lib/patchtest/tests/test_mbox.py @@ -0,0 +1,159 @@ +# Checks related to the patch's author +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + +import base +import collections +import parse_shortlog +import parse_signed_off_by +import pyparsing +import re +import subprocess +from data import PatchTestInput + +def headlog(): + output = subprocess.check_output( + "cd %s; git log --pretty='%%h#%%aN#%%cD:#%%s' -1" % PatchTestInput.repodir, + universal_newlines=True, + shell=True + ) + return output.split('#') + +class TestMbox(base.Base): + + auh_email = 'auh@yoctoproject.org' + + invalids = [pyparsing.Regex("^Upgrade Helper.+"), + pyparsing.Regex(auh_email), + pyparsing.Regex("uh@not\.set"), + pyparsing.Regex("\S+@example\.com")] + + rexp_detect = pyparsing.Regex('\[\s?YOCTO.*\]') + rexp_validation = pyparsing.Regex('\[(\s?YOCTO\s?#\s?(\d+)\s?,?)+\]') + signoff_prog = parse_signed_off_by.signed_off_by + revert_shortlog_regex = pyparsing.Regex('Revert\s+".*"') + maxlength = 90 + + # base paths of main yocto project sub-projects + paths = { + 'oe-core': ['meta-selftest', 'meta-skeleton', 'meta', 'scripts'], + 'bitbake': ['bitbake'], + 'documentation': ['documentation'], + 'poky': ['meta-poky','meta-yocto-bsp'], + 'oe': ['meta-gpe', 'meta-gnome', 'meta-efl', 'meta-networking', 'meta-multimedia','meta-initramfs', 'meta-ruby', 'contrib', 'meta-xfce', 'meta-filesystems', 'meta-perl', 'meta-webserver', 'meta-systemd', 'meta-oe', 'meta-python'] + } + + # scripts folder is a mix of oe-core and poky, most is oe-core code except: + poky_scripts = ['scripts/yocto-bsp', 'scripts/yocto-kernel', 'scripts/yocto-layer', 'scripts/lib/bsp'] + + Project = collections.namedtuple('Project', ['name', 'listemail', 'gitrepo', 'paths']) + + bitbake = Project(name='Bitbake', listemail='bitbake-devel@lists.openembedded.org', gitrepo='http://git.openembedded.org/bitbake/', paths=paths['bitbake']) + doc = Project(name='Documentantion', listemail='yocto@yoctoproject.org', gitrepo='http://git.yoctoproject.org/cgit/cgit.cgi/yocto-docs/', paths=paths['documentation']) + poky = Project(name='Poky', listemail='poky@yoctoproject.org', gitrepo='http://git.yoctoproject.org/cgit/cgit.cgi/poky/', paths=paths['poky']) + oe = Project(name='oe', listemail='openembedded-devel@lists.openembedded.org', gitrepo='http://git.openembedded.org/meta-openembedded/', paths=paths['oe']) + + + def test_signed_off_by_presence(self): + for commit in TestMbox.commits: + # skip those patches that revert older commits, these do not required the tag presence + if self.revert_shortlog_regex.search_string(commit.shortlog): + continue + if not self.signoff_prog.search_string(commit.payload): + self.fail('Mbox is missing Signed-off-by. Add it manually or with "git commit --amend -s"', + commit=commit) + + def test_shortlog_format(self): + for commit in TestMbox.commits: + shortlog = commit.shortlog + if not shortlog.strip(): + self.skip('Empty shortlog, no reason to execute shortlog format test') + else: + # no reason to re-check on revert shortlogs + if shortlog.startswith('Revert "'): + continue + try: + parse_shortlog.shortlog.parseString(shortlog) + except pyparsing.ParseException as pe: + self.fail('Commit shortlog (first line of commit message) should follow the format "<target>: <summary>"', + commit=commit) + + def test_shortlog_length(self): + for commit in TestMbox.commits: + # no reason to re-check on revert shortlogs + shortlog = re.sub('^(\[.*?\])+ ', '', commit.shortlog) + if shortlog.startswith('Revert "'): + continue + l = len(shortlog) + if l > self.maxlength: + self.fail('Edit shortlog so that it is %d characters or less (currently %d characters)' % (self.maxlength, l), + commit=commit) + + def test_series_merge_on_head(self): + self.skip("Merge test is disabled for now") + if PatchTestInput.repo.branch != "master": + self.skip("Skipping merge test since patch is not intended for master branch. Target detected is %s" % PatchTestInput.repo.branch) + if not PatchTestInput.repo.ismerged: + commithash, author, date, shortlog = headlog() + self.fail('Series does not apply on top of target branch %s' % PatchTestInput.repo.branch, + data=[('Targeted branch', '%s (currently at %s)' % (PatchTestInput.repo.branch, commithash))]) + + def test_target_mailing_list(self): + """In case of merge failure, check for other targeted projects""" + if PatchTestInput.repo.ismerged: + self.skip('Series merged, no reason to check other mailing lists') + + # a meta project may be indicted in the message subject, if this is the case, just fail + # TODO: there may be other project with no-meta prefix, we also need to detect these + project_regex = pyparsing.Regex("\[(?P<project>meta-.+)\]") + for commit in TestMbox.commits: + match = project_regex.search_string(commit.subject) + if match: + self.fail('Series sent to the wrong mailing list or some patches from the series correspond to different mailing lists', + commit=commit) + + for patch in self.patchset: + folders = patch.path.split('/') + base_path = folders[0] + for project in [self.bitbake, self.doc, self.oe, self.poky]: + if base_path in project.paths: + self.fail('Series sent to the wrong mailing list or some patches from the series correspond to different mailing lists', + data=[('Suggested ML', '%s [%s]' % (project.listemail, project.gitrepo)), + ('Patch\'s path:', patch.path)]) + + # check for poky's scripts code + if base_path.startswith('scripts'): + for poky_file in self.poky_scripts: + if patch.path.startswith(poky_file): + self.fail('Series sent to the wrong mailing list or some patches from the series correspond to different mailing lists', + data=[('Suggested ML', '%s [%s]' % (self.poky.listemail, self.poky.gitrepo)),('Patch\'s path:', patch.path)]) + + def test_mbox_format(self): + if self.unidiff_parse_error: + self.fail('Series has malformed diff lines. Create the series again using git-format-patch and ensure it applies using git am', + data=[('Diff line',self.unidiff_parse_error)]) + + def test_commit_message_presence(self): + for commit in TestMbox.commits: + if not commit.commit_message.strip(): + self.fail('Please include a commit message on your patch explaining the change', commit=commit) + + def test_bugzilla_entry_format(self): + for commit in TestMbox.commits: + if not self.rexp_detect.search_string(commit.commit_message): + self.skip("No bug ID found") + elif not self.rexp_validation.search_string(commit.commit_message): + self.fail('Bugzilla issue ID is not correctly formatted - specify it with format: "[YOCTO #<bugzilla ID>]"', commit=commit) + + def test_author_valid(self): + for commit in self.commits: + for invalid in self.invalids: + if invalid.search_string(commit.author): + self.fail('Invalid author %s. Resend the series with a valid patch author' % commit.author, commit=commit) + + def test_non_auh_upgrade(self): + for commit in self.commits: + if self.auh_email in commit.commit_message: + self.fail('Invalid author %s. Resend the series with a valid patch author' % self.auh_email, commit=commit) diff --git a/meta/lib/patchtest/tests/test_metadata.py b/meta/lib/patchtest/tests/test_metadata.py new file mode 100644 index 0000000000..f5dbcf01ed --- /dev/null +++ b/meta/lib/patchtest/tests/test_metadata.py @@ -0,0 +1,197 @@ +# Checks related to the patch's LIC_FILES_CHKSUM metadata variable +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + +import base +import os +import pyparsing +from data import PatchTestInput, PatchTestDataStore + +class TestMetadata(base.Metadata): + metadata_lic = 'LICENSE' + invalid_license = 'PATCHTESTINVALID' + metadata_chksum = 'LIC_FILES_CHKSUM' + license_var = 'LICENSE' + closed = 'CLOSED' + lictag_re = pyparsing.AtLineStart("License-Update:") + lic_chksum_added = pyparsing.AtLineStart("+" + metadata_chksum) + lic_chksum_removed = pyparsing.AtLineStart("-" + metadata_chksum) + add_mark = pyparsing.Regex('\\+ ') + max_length = 200 + metadata_src_uri = 'SRC_URI' + md5sum = 'md5sum' + sha256sum = 'sha256sum' + git_regex = pyparsing.Regex('^git\\:\\/\\/.*') + metadata_summary = 'SUMMARY' + cve_check_ignore_var = 'CVE_CHECK_IGNORE' + cve_status_var = 'CVE_STATUS' + + def test_license_presence(self): + if not self.added: + self.skip('No added recipes, skipping test') + + # TODO: this is a workaround so we can parse the recipe not + # containing the LICENSE var: add some default license instead + # of INVALID into auto.conf, then remove this line at the end + auto_conf = os.path.join(os.environ.get('BUILDDIR'), 'conf', 'auto.conf') + open_flag = 'w' + if os.path.exists(auto_conf): + open_flag = 'a' + with open(auto_conf, open_flag) as fd: + for pn in self.added: + fd.write('LICENSE ??= "%s"\n' % self.invalid_license) + + no_license = False + for pn in self.added: + rd = self.tinfoil.parse_recipe(pn) + license = rd.getVar(self.metadata_lic) + if license == self.invalid_license: + no_license = True + break + + # remove auto.conf line or the file itself + if open_flag == 'w': + os.remove(auto_conf) + else: + fd = open(auto_conf, 'r') + lines = fd.readlines() + fd.close() + with open(auto_conf, 'w') as fd: + fd.write(''.join(lines[:-1])) + + if no_license: + self.fail('Recipe does not have the LICENSE field set.') + + def test_lic_files_chksum_presence(self): + if not self.added: + self.skip('No added recipes, skipping test') + + for pn in self.added: + rd = self.tinfoil.parse_recipe(pn) + pathname = rd.getVar('FILE') + # we are not interested in images + if '/images/' in pathname: + continue + lic_files_chksum = rd.getVar(self.metadata_chksum) + if rd.getVar(self.license_var) == self.closed: + continue + if not lic_files_chksum: + self.fail('%s is missing in newly added recipe' % self.metadata_chksum) + + def test_lic_files_chksum_modified_not_mentioned(self): + if not self.modified: + self.skip('No modified recipes, skipping test') + + for patch in self.patchset: + # for the moment, we are just interested in metadata + if patch.path.endswith('.patch'): + continue + payload = str(patch) + if (self.lic_chksum_added.search_string(payload) or self.lic_chksum_removed.search_string(payload)): + # if any patch on the series contain reference on the metadata, fail + for commit in self.commits: + if self.lictag_re.search_string(commit.commit_message): + break + else: + self.fail('LIC_FILES_CHKSUM changed without "License-Update:" tag and description in commit message') + + def test_max_line_length(self): + for patch in self.patchset: + # for the moment, we are just interested in metadata + if patch.path.endswith('.patch'): + continue + payload = str(patch) + for line in payload.splitlines(): + if self.add_mark.search_string(line): + current_line_length = len(line[1:]) + if current_line_length > self.max_length: + self.fail('Patch line too long (current length %s, maximum is %s)' % (current_line_length, self.max_length), + data=[('Patch', patch.path), ('Line', '%s ...' % line[0:80])]) + + def pretest_src_uri_left_files(self): + # these tests just make sense on patches that can be merged + if not PatchTestInput.repo.canbemerged: + self.skip('Patch cannot be merged') + if not self.modified: + self.skip('No modified recipes, skipping pretest') + + # get the proper metadata values + for pn in self.modified: + # we are not interested in images + if 'core-image' in pn: + continue + rd = self.tinfoil.parse_recipe(pn) + PatchTestDataStore['%s-%s-%s' % (self.shortid(), self.metadata_src_uri, pn)] = rd.getVar(self.metadata_src_uri) + + def test_src_uri_left_files(self): + # these tests just make sense on patches that can be merged + if not PatchTestInput.repo.canbemerged: + self.skip('Patch cannot be merged') + if not self.modified: + self.skip('No modified recipes, skipping pretest') + + # get the proper metadata values + for pn in self.modified: + # we are not interested in images + if 'core-image' in pn: + continue + rd = self.tinfoil.parse_recipe(pn) + PatchTestDataStore['%s-%s-%s' % (self.shortid(), self.metadata_src_uri, pn)] = rd.getVar(self.metadata_src_uri) + + for pn in self.modified: + pretest_src_uri = PatchTestDataStore['pre%s-%s-%s' % (self.shortid(), self.metadata_src_uri, pn)].split() + test_src_uri = PatchTestDataStore['%s-%s-%s' % (self.shortid(), self.metadata_src_uri, pn)].split() + + pretest_files = set([os.path.basename(patch) for patch in pretest_src_uri if patch.startswith('file://')]) + test_files = set([os.path.basename(patch) for patch in test_src_uri if patch.startswith('file://')]) + + # check if files were removed + if len(test_files) < len(pretest_files): + + # get removals from patchset + filesremoved_from_patchset = set() + for patch in self.patchset: + if patch.is_removed_file: + filesremoved_from_patchset.add(os.path.basename(patch.path)) + + # get the deleted files from the SRC_URI + filesremoved_from_usr_uri = pretest_files - test_files + + # finally, get those patches removed at SRC_URI and not removed from the patchset + # TODO: we are not taking into account renames, so test may raise false positives + not_removed = filesremoved_from_usr_uri - filesremoved_from_patchset + if not_removed: + self.fail('Patches not removed from tree. Remove them and amend the submitted mbox', + data=[('Patch', f) for f in not_removed]) + + def test_summary_presence(self): + if not self.added: + self.skip('No added recipes, skipping test') + + for pn in self.added: + # we are not interested in images + if 'core-image' in pn: + continue + rd = self.tinfoil.parse_recipe(pn) + summary = rd.getVar(self.metadata_summary) + + # "${PN} version ${PN}-${PR}" is the default, so fail if default + if summary.startswith('%s version' % pn): + self.fail('%s is missing in newly added recipe' % self.metadata_summary) + + def test_cve_check_ignore(self): + # Skip if we neither modified a recipe or target branches are not + # Nanbield and newer. CVE_CHECK_IGNORE was first deprecated in Nanbield. + if not self.modified or PatchTestInput.repo.branch == "kirkstone" or PatchTestInput.repo.branch == "dunfell": + self.skip('No modified recipes or older target branch, skipping test') + for pn in self.modified: + # we are not interested in images + if 'core-image' in pn: + continue + rd = self.tinfoil.parse_recipe(pn) + cve_check_ignore = rd.getVar(self.cve_check_ignore_var) + + if cve_check_ignore is not None: + self.fail('%s is deprecated and should be replaced by %s' % (self.cve_check_ignore_var, self.cve_status_var)) diff --git a/meta/lib/patchtest/tests/test_patch.py b/meta/lib/patchtest/tests/test_patch.py new file mode 100644 index 0000000000..d7187a0cb1 --- /dev/null +++ b/meta/lib/patchtest/tests/test_patch.py @@ -0,0 +1,103 @@ +# Checks related to the patch's CVE lines +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import base +import os +import parse_signed_off_by +import parse_upstream_status +import pyparsing + +class TestPatch(base.Base): + + re_cve_pattern = pyparsing.Regex("CVE\-\d{4}\-\d+") + re_cve_payload_tag = pyparsing.Regex("\+CVE:(\s+CVE\-\d{4}\-\d+)+") + upstream_status_regex = pyparsing.AtLineStart("+" + "Upstream-Status") + + @classmethod + def setUpClassLocal(cls): + cls.newpatches = [] + # get just those relevant patches: new software patches + for patch in cls.patchset: + if patch.path.endswith('.patch') and patch.is_added_file: + cls.newpatches.append(patch) + + cls.mark = str(parse_signed_off_by.signed_off_by_mark).strip('"') + + # match PatchSignedOffBy.mark with '+' preceding it + cls.prog = parse_signed_off_by.patch_signed_off_by + + def setUp(self): + if self.unidiff_parse_error: + self.skip('Parse error %s' % self.unidiff_parse_error) + + self.valid_status = ', '.join(parse_upstream_status.upstream_status_nonliteral_valid_status) + self.standard_format = 'Upstream-Status: <Valid status>' + + # we are just interested in series that introduce CVE patches, thus discard other + # possibilities: modification to current CVEs, patch directly introduced into the + # recipe, upgrades already including the CVE, etc. + new_cves = [p for p in self.patchset if p.path.endswith('.patch') and p.is_added_file] + if not new_cves: + self.skip('No new CVE patches introduced') + + def test_upstream_status_presence_format(self): + if not TestPatch.newpatches: + self.skip("There are no new software patches, no reason to test Upstream-Status presence/format") + + for newpatch in TestPatch.newpatches: + payload = newpatch.__str__() + if not self.upstream_status_regex.search_string(payload): + self.fail('Added patch file is missing Upstream-Status: <Valid status> in the commit message', + data=[('Standard format', self.standard_format), ('Valid status', self.valid_status)]) + for line in payload.splitlines(): + if self.patchmetadata_regex.match(line): + continue + if self.upstream_status_regex.search_string(line): + if parse_upstream_status.inappropriate_status_mark.searchString(line): + try: + parse_upstream_status.upstream_status_inappropriate_info.parseString(line.lstrip('+')) + except pyparsing.ParseException as pe: + self.fail('Upstream-Status is Inappropriate, but no reason was provided', + data=[('Current', pe.pstr), ('Standard format', 'Upstream-Status: Inappropriate [reason]')]) + elif parse_upstream_status.submitted_status_mark.searchString(line): + try: + parse_upstream_status.upstream_status_submitted_info.parseString(line.lstrip('+')) + except pyparsing.ParseException as pe: + self.fail('Upstream-Status is Submitted, but it is not mentioned where', + data=[('Current', pe.pstr), ('Standard format', 'Upstream-Status: Submitted [where]')]) + else: + try: + parse_upstream_status.upstream_status.parseString(line.lstrip('+')) + except pyparsing.ParseException as pe: + self.fail('Upstream-Status is in incorrect format', + data=[('Current', pe.pstr), ('Standard format', self.standard_format), ('Valid status', self.valid_status)]) + + def test_signed_off_by_presence(self): + if not TestPatch.newpatches: + self.skip("There are no new software patches, no reason to test %s presence" % PatchSignedOffBy.mark) + + for newpatch in TestPatch.newpatches: + payload = newpatch.__str__() + for line in payload.splitlines(): + if self.patchmetadata_regex.match(line): + continue + if TestPatch.prog.search_string(payload): + break + else: + self.fail('A patch file has been added without a Signed-off-by tag: \'%s\'' % os.path.basename(newpatch.path)) + + def test_cve_tag_format(self): + for commit in TestPatch.commits: + if self.re_cve_pattern.search_string(commit.shortlog) or self.re_cve_pattern.search_string(commit.commit_message): + tag_found = False + for line in commit.payload.splitlines(): + if self.re_cve_payload_tag.search_string(line): + tag_found = True + break + if not tag_found: + self.fail('Missing or incorrectly formatted CVE tag in patch file. Correct or include the CVE tag in the patch with format: "CVE: CVE-YYYY-XXXX"', + commit=commit) diff --git a/meta/lib/patchtest/tests/test_python_pylint.py b/meta/lib/patchtest/tests/test_python_pylint.py new file mode 100644 index 0000000000..ef315e591c --- /dev/null +++ b/meta/lib/patchtest/tests/test_python_pylint.py @@ -0,0 +1,65 @@ +# Checks related to the python code done with pylint +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only + +import base +from io import StringIO +from data import PatchTestInput +from pylint.reporters.text import TextReporter +import pylint.lint as lint + + +class PyLint(base.Base): + pythonpatches = [] + pylint_pretest = {} + pylint_test = {} + pylint_options = " -E --disable='E0611, E1101, F0401, E0602' --msg-template='L:{line} F:{module} I:{msg}'" + + @classmethod + def setUpClassLocal(cls): + # get just those patches touching python files + cls.pythonpatches = [] + for patch in cls.patchset: + if patch.path.endswith('.py'): + if not patch.is_removed_file: + cls.pythonpatches.append(patch) + + def setUp(self): + if self.unidiff_parse_error: + self.skip('Python-unidiff parse error') + if not PyLint.pythonpatches: + self.skip('No python related patches, skipping test') + + def pretest_pylint(self): + for pythonpatch in self.pythonpatches: + if pythonpatch.is_modified_file: + pylint_output = StringIO() + reporter = TextReporter(pylint_output) + lint.Run([self.pylint_options, pythonpatch.path], reporter=reporter, exit=False) + for line in pylint_output.readlines(): + if not '*' in line: + if line.strip(): + self.pylint_pretest[line.strip().split(' ',1)[0]] = line.strip().split(' ',1)[1] + + def test_pylint(self): + for pythonpatch in self.pythonpatches: + # a condition checking whether a file is renamed or not + # unidiff doesn't support this yet + if pythonpatch.target_file is not pythonpatch.path: + path = pythonpatch.target_file[2:] + else: + path = pythonpatch.path + pylint_output = StringIO() + reporter = TextReporter(pylint_output) + lint.Run([self.pylint_options, pythonpatch.path], reporter=reporter, exit=False) + for line in pylint_output.readlines(): + if not '*' in line: + if line.strip(): + self.pylint_test[line.strip().split(' ',1)[0]] = line.strip().split(' ',1)[1] + + for issue in self.pylint_test: + if self.pylint_test[issue] not in self.pylint_pretest.values(): + self.fail('Errors in your Python code were encountered. Please check your code with a linter and resubmit', + data=[('Output', 'Please, fix the listed issues:'), ('', issue + ' ' + self.pylint_test[issue])]) diff --git a/meta/lib/patchtest/utils.py b/meta/lib/patchtest/utils.py new file mode 100644 index 0000000000..8eddf3e85f --- /dev/null +++ b/meta/lib/patchtest/utils.py @@ -0,0 +1,61 @@ +# ex:ts=4:sw=4:sts=4:et +# -*- tab-width: 4; c-basic-offset: 4; indent-tabs-mode: nil -*- +# +# utils: common methods used by the patchtest framework +# +# Copyright (C) 2016 Intel Corporation +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import os +import subprocess +import logging +import re +import mailbox + +def logger_create(name): + logger = logging.getLogger(name) + loggerhandler = logging.StreamHandler() + loggerhandler.setFormatter(logging.Formatter("%(message)s")) + logger.addHandler(loggerhandler) + logger.setLevel(logging.INFO) + return logger + +def valid_branch(branch): + """ Check if branch is valid name """ + lbranch = branch.lower() + + invalid = lbranch.startswith('patch') or \ + lbranch.startswith('rfc') or \ + lbranch.startswith('resend') or \ + re.search(r'^v\d+', lbranch) or \ + re.search(r'^\d+/\d+', lbranch) + + return not invalid + +def get_branch(path): + """ Get the branch name from mbox """ + fullprefix = "" + mbox = mailbox.mbox(path) + + if len(mbox): + subject = mbox[0]['subject'] + if subject: + pattern = re.compile(r"(\[.*\])", re.DOTALL) + match = pattern.search(subject) + if match: + fullprefix = match.group(1) + + branch, branches, valid_branches = None, [], [] + + if fullprefix: + prefix = fullprefix.strip('[]') + branches = [ b.strip() for b in prefix.split(',')] + valid_branches = [b for b in branches if valid_branch(b)] + + if len(valid_branches): + branch = valid_branches[0] + + return branch + |