aboutsummaryrefslogtreecommitdiffstats
path: root/meta
Commit message (Collapse)AuthorAgeFilesLines
* devtool: Split tests into multiple classessumoRichard Purdie2019-04-091-52/+61
| | | | | | | | | | | | This allows better parallelism between the different tests as currently this block takes the longest time to execute. devtool tests are still all grouped into the "devtool" module for ease of exection. This also makes it easier to execute some subset of devtool tests for testing devtool changes. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa: Default to buffer mode for testsRichard Purdie2019-04-096-13/+1
| | | | | | | | | | | Currently some tests run in buffer mode and some don't. Those that don't can corrupt stdout/stderr. Switch to using buffer mode everywhere so we're consistent. If there is useful output on stdout/stderr, it will be displayed if the test fails. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/selftest/devtool: Ensure dbus is built befoe running testRichard Purdie2019-04-091-0/+2
| | | | | | | | | | | | | | If dbus isn't build first the dbus dependency of dbus-wait can't be detected through pkgconfig and the test fails: AssertionError: {'DEPENDS': {'dbus'}} != {} - {'DEPENDS': {'dbus'}} + {} : Some expected variables not found in recipe: {'DEPENDS': {'dbus'}} Ensure dbus is built and present in the sysroot. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* logging: use warning instead warnChen Qi2019-04-093-6/+6
| | | | | | | | | | | | | | The warn method is deprecated. We should use the documented warning instead. Quoting from the python's official doc: """ Note: There is an obsolete method warn which is functionally identical to warning. As warn is deprecated, please do not use it - use warning instead. """ Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lib/oe: Fix collections ABCs DeprecationWarning in Python 3.7+Khem Raj2019-04-091-2/+7
| | | | | | | | | | | | | | | | - Prefer collections.abc (new in Python 3.3) over collections for abstract base classes - In Python 3.8, the abstract base classes in collections.abc will no longer be exposed in the regular collections module. This will help create a clearer distinction between the concrete classes and the abstract base classes." - https://docs.python.org/3.7/whatsnew/3.7.html#deprecated - see https://github.com/python/cpython/commit/c66f9f8d3909f588c251957d499599a1680e2320 Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* pkgdata.py: avoid target-sdk-dummy-provides to mess things upChen Qi2019-04-071-0/+1
| | | | | | | | | | | | | | | | | | Sometimes we meet the following failure for the test_lookup_recipe test case. AssertionError: 'zlib\nbusybox is in the RPROVIDES of target-sdk-provid[32 chars]ummy' != 'zlib\nbusybox' zlib + busybox- busybox is in the RPROVIDES of target-sdk-provides-dummy: - target-sdk-provides-dummy This is because target-sdk-provides-dummy rprovides busybox. So clean things up to avoid failure. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual/toaster: updated test id namingYeoh Ee Peng2019-04-062-93/+93
| | | | | | | | | | | | | | | | All test id (eg. @alias) inside manual testcase file shall follow the same test id naming convention from oeqa automated tests (eg. selftest, runtime, sdk, etc), where the test id consists of <test_module>.<test_suite>.<test_function>. Furthermore, there shall be only 1 unique test_module per each manual testcases file, where test_module match the file name itself. This file was using test_module name that does not match the file name itself. Fixed test_module name as well as the test_suite name. Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual/toaster: transfer manual toaster test cases to oeqaYeoh Ee Peng2019-04-062-0/+3742
| | | | | | | | | | | | | | | | | | | | | As part of the solution to replace Testopia, manual test cases need to be migrated to OEQA. These manual test case json files will serve two use cases. Use case#1: as input to the future commandline-based manual test runner script, where this script will display actions and expected result information in user friendly text, then it will capture user input for test result and log, finally it will write test result and log into existing standardize test result json format from OEQA framework for automated tests. Use case#2: QA will open and read these json file manually for planning manual test execution. Any reader interested in understanding manual test cases will open and read these files. Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual/kernel-dev.json: test id updatedsangeeta jain2019-04-061-18/+18
| | | | | | | | | | | | | | | | All test id (eg. @alias) inside manual testcase file shall follow the same test id naming convention from oeqa automated tests (eg. selftest, runtime, sdk, etc), where the test id consists of <test_module>.<test_suite>.<test_function>. Furthermore, there shall be only 1 unique test_module per each manual testcases file. This file was using more than 1 unique test_module for testcases. Furthermore, some of the testcases were defined using different test_suite where it was not needed. This patch fix the manual testcases file to have only 1 unique test_module as well as test_suite to simplify test id naming. Signed-off-by: sangeeta jain <sangeeta.jain@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual/compliance-test.json: test id updated and missing test cases addedsangeeta jain2019-04-061-4/+56
| | | | | | | | | | | | | | | | | | | | Two changes made in oeqa/manual/compliance-test.json: 1. All test id (eg. @alias) inside manual testcase file shall follow the same test id naming convention from oeqa automated tests (eg. selftest, runtime, sdk, etc), where the test id consists of <test_module>.<test_suite>.<test_function>. Furthermore, there shall be only 1 unique test_module per each manual testcases file. This file was using more than 1 unique test_module for testcases. Furthermore, some of the testcases were defined using different test_suite where it was not needed. This patch fix the manual testcases file to have only 1 unique test_module as well as test_suite to simplify test id naming. 2. Added 2 missing test cases for Beaglebone Stress Test. Signed-off-by: sangeeta jain <sangeeta.jain@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual/bsp-hw.json: test id updated and obsolete test cases removedsangeeta jain2019-04-061-220/+46
| | | | | | | | | | | | | | | | | | | | Two changes made in oeqa/manual/bsp-hw.json: 1. All test id (eg. @alias) inside manual testcase file shall follow the same test id naming convention from oeqa automated tests (eg. selftest, runtime, sdk, etc), where the test id consists of <test_module>.<test_suite>.<test_function>. Furthermore, there shall be only 1 unique test_module per each manual testcases file. This file was using more than 1 unique test_module for testcases. Furthermore, some of the testcases were defined using different test_suite where it was not needed. This patch fix the manual testcases file to have only 1 unique test_module as well as test_suite to simplify test id naming. 2. As per review by Intel and Windriver team, 7 testcases were found obsolete. Removed 7 testcases. Signed-off-by: sangeeta jain <sangeeta.jain@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual/bsp-hw.json: add non-IA testsMazliana2019-04-061-0/+260
| | | | | | | | | | | QA team found that 10 manual bsp test cases from Testopia for Beaglebone, EdgeRouter, and MPC need to be up streamed [YOCTO #12650] Signed-off-by: Mazliana <mazliana.mohamad@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual/sdk.json: Updated toolchain tarball to core-image-satosangeeta jain2019-04-061-7/+7
| | | | | | | | | | | | | | Manual test step for SDK is updated. Previously toolchain was "poky-glibc-x86_64-core-image-sato-sdk<type-arch>-toolchain-<release-version>.sh" But toochain for core-image-sato-sdk is not available in releases after 2.1, hence changed it to "poky-glibc-x86_64-core-image-sato-<type-arch>-toolchain-<release-version>.sh Other less significant update is to add exepcted result in intermediate test steps. Signed-off-by: sangeeta jain <sangeeta.jain@intel.com> "poky-glibc-x86_64-core-image-sato-<type-arch>-toolchain-<release-version>.sh" Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual: Add manual runtime 'compliance' testcases to jsonSudhir Sharma2019-04-061-0/+142
| | | | | | | | Added json file for compliance test cases to the manual runtime tests Signed-off-by: Sudhir Sharma <sudhirx.sharma@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual/bsp-qemu.json: Update for QEMU_USE_KVMRobert Yang2019-04-061-2/+2
| | | | | | | | Now QEMU_USE_KVM can only be boolean, can not contain MACHINE any more. Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual/build-appliance: Drop test which is already automatedRichard Purdie2019-04-061-26/+0
| | | | | | | The nightly-build-appliance target already tests this particular build. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual: Remove bitbake-selftest executionRichard Purdie2019-04-061-30/+0
| | | | | | | | The autobuilder runs bitbake-selftest already so we don't need to execute this manually. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* oeqa/manual: transfer manual test cases from testopia to oeqaYeoh Ee Peng2019-04-069-0/+2750
| | | | | | | | | | | | | | | | | | | | | As part of the solution to replace Testopia, manual test cases need to be migrated to OEQA. These manual test case json files will serve two use cases. Use case#1: as input to the future commandline-based manual test runner script, where this script will display actions and expected result information in user friendly text, then it will capture user input for test result and log, finally it will write test result and log into existing standardize test result json format from OEQA framework for automated tests. Use case#2: QA will open and read these json file manually for planning manual test execution. Any reader interested in understanding manual test cases will open and read these files. Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* build-appliance-image: Update to sumo head revisionRichard Purdie2019-03-271-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oeqa/utils/gitarchive: Handle case where parent is only on originRichard Purdie2019-03-271-2/+2
| | | | | | | | | | | | | The parent code currently assumed that any parent branch is locally checked out which may not be the case. Use the local branch by default but fall back to the origin. This also means removing the later saftey check as the branch may not exist locally. This fixes the autobuilder resulttool test pushing code. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* build-appliance-image: Update to sumo head revisionRichard Purdie2019-03-261-1/+1
| | | | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* yocto-uninative: Update to 2.4Richard Purdie2019-03-261-5/+4
| | | | | | | | | This supports glibc 2.29 which is appearing in distros like Ubuntu 19.04 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [Fixed up for Sumo context; no aarch64] Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* oe-build-perf-report/gitarchive: Move common useful functions to libraryRichard Purdie2019-03-251-0/+71
| | | | | | | | | These functions can be reused by the resulttool code so move to the common function library for this purpose. (From OE-Core rev: c66f848938c04e133259c5b6903dc592866ab385) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* scripts/oe-git-archive: Separate out functionality to library functionRichard Purdie2019-03-251-0/+173
| | | | | | | | | | | This turns the core of the script into a library function. Ultimately this will let us call that code with custom 'keywords' rather than relying on the data parsed from bitbake metadata which can't be used when archiving historical results. (From OE-Core rev: 4820ca2b0850e29b04a4fd5659a6e9837d6714d0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resulttool: Improvements to allow integration to the autobuilderRichard Purdie2019-03-251-58/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a combined patch of the various tweaks and improvements I made to resulttool: * Avoid subprocess.run() as its a python 3.6 feature and we have autobuilder workers with 3.5. * Avoid python keywords as variable names * Simplify dict accesses using .get() * Rename resultsutils -> resultutils to match the resultstool -> resulttool rename * Formalised the handling of "file_name" to "TESTSERIES" which the code will now add into the json configuration data if its not present, based on the directory name. * When we don't have failed test cases, print something saying so instead of an empty table * Tweak the table headers in the report to be more readable (reference "Test Series" instead if file_id and ID instead of results_id) * Improve/simplify the max string length handling * Merge the counts and percentage data into one table in the report since printing two reports of the same data confuses the user * Removed the confusing header in the regression report * Show matches, then regressions, then unmatched runs in the regression report, also remove chatting unneeded output * Try harder to "pair" up matching configurations to reduce noise in the regressions report * Abstracted the "mapping" table concept used to pairing in the regression code to general code in resultutils * Created multiple mappings for results analysis, results storage and 'flattening' results data in a merge * Simplify the merge command to take a source and a destination, letting the destination be a directory or a file, removing the need for an output directory parameter * Add the 'IMAGE_PKGTYPE' and 'DISTRO' config options to the regression mappings * Have the store command place the testresults files in a layout from the mapping, making commits into the git repo for results storage more useful for simple comparison purposes * Set the oe-git-archive tag format appropriately for oeqa results storage (and simplify the commit messages closer to their defaults) * Fix oe-git-archive to use the commit/branch data from the results file * Cleaned up the command option help to match other changes * Follow the model of git branch/tag processing used by oe-build-perf-report and use that to read the data using git show to avoid branch change * Add ptest summary to the report command * Update the tests to match the above changes Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* resulttool: enable merge, store, report and regression analysisYeoh Ee Peng2019-03-252-0/+144
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | OEQA outputs test results into json files and these files were archived by Autobuilder during QA releases. Example: each oe-selftest run by Autobuilder for different host distro generate a testresults.json file. These scripts were developed as a test result tools to manage these testresults.json file. Using the "store" operation, user can store multiple testresults.json files as well as the pre-configured directories used to hold those files. Using the "merge" operation, user can merge multiple testresults.json files to a target file. Using the "report" operation, user can view the test result summary for all available testresults.json files inside a ordinary directory or a git repository. Using the "regression-file" operation, user can perform regression analysis on testresults.json files specified. Using the "regression-dir" and "regression-git" operations, user can perform regression analysis on directory and git accordingly. These resulttool operations expect the testresults.json file to use the json format below. { "<testresult_1>": { "configuration": { "<config_name_1>": "<config_value_1>", "<config_name_2>": "<config_value_2>", ... "<config_name_n>": "<config_value_n>", }, "result": { "<testcase_namespace_1>": { "status": "<PASSED or FAILED or ERROR or SKIPPED>", "log": "<failure or error logging>" }, "<testcase_namespace_2>": { "status": "<PASSED or FAILED or ERROR or SKIPPED>", "log": "<failure or error logging>" }, ... "<testcase_namespace_n>": { "status": "<PASSED or FAILED or ERROR or SKIPPED>", "log": "<failure or error logging>" }, } }, ... "<testresult_n>": { "configuration": { "<config_name_1>": "<config_value_1>", "<config_name_2>": "<config_value_2>", ... "<config_name_n>": "<config_value_n>", }, "result": { "<testcase_namespace_1>": { "status": "<PASSED or FAILED or ERROR or SKIPPED>", "log": "<failure or error logging>" }, "<testcase_namespace_2>": { "status": "<PASSED or FAILED or ERROR or SKIPPED>", "log": "<failure or error logging>" }, ... "<testcase_namespace_n>": { "status": "<PASSED or FAILED or ERROR or SKIPPED>", "log": "<failure or error logging>" }, } }, } To use these scripts, first source oe environment, then run the entry point script to look for help. $ resulttool To store test result from oeqa automated tests, execute the below $ resulttool store <source_dir> <git_branch> To merge multiple testresults.json files, execute the below $ resulttool merge <base_result_file> <target_result_file> To report test report, execute the below $ resulttool report <source_dir> To perform regression file analysis, execute the below $ resulttool regression-file <base_result_file> <target_result_file> To perform regression dir analysis, execute the below $ resulttool regression-dir <base_result_dir> <target_result_dir> To perform regression git analysis, execute the below $ resulttool regression-git <source_dir> <base_branch> <target_branch> [YOCTO# 13012] [YOCTO# 12654] Signed-off-by: Yeoh Ee Peng <ee.peng.yeoh@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* lttng-tools: update to 2.9.11Jonathan Rajotte-Julien2019-03-241-2/+2
| | | | | Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lttng-modules: update to 2.10.9Jonathan Rajotte-Julien2019-03-241-2/+2
| | | | | | | | | | | | Pertinent fix for OE-Core since 2.10.6: Fix: out of memory error handling Fix: access migrate_disable field directly Prevent allocation of buffers if exceeding available memory 2.10.9 also contains the necessary fix to support kernel up to 5.0. Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* lttng-ust: update to 2.10.3Jonathan Rajotte-Julien2019-03-241-2/+2
| | | | | Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* coreutils: 8.29: fix native buildStefan Müller-Klieser2019-03-243-0/+382
| | | | | | | | This fixes the native build on glibc 2.28 hosts, by backporting two gnulib patches from master. Signed-off-by: Stefan Müller-Klieser <s.mueller-klieser@phytec.de> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* busybox: backport fix for issues introduced by CVE-2011-5325.patchMartin Jansa2019-03-242-0/+394
| | | | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Reviewed-by: Tom Rini <trini@konsulko.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* logrotate.py: restore /etc/logrotate.d/wtmpMingli Yu2019-03-221-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | During the test logrotate.LogrotateTest.test_1_logrotate_setup, there is below logic: # mkdir $HOME/logrotate_dir # sed -i "s#wtmp {#wtmp {\n olddir $HOME/logrotate_dir#" /etc/logrotate.d/wtmp After all logrotate.LogrotateTest finished, only cleanup $HOME/logrotate_dir as below, but don't restore the config file /etc/logrotate.d/wtmp. [snip] def tearDownClass(cls): cls.tc.target.run('rm -rf $HOME/logrotate_dir') [snip] That's to say, there is one additional line added to /etc/logrotate.d/wtmp and will make the logrotate service start failed when run systemd.SystemdBasicTests.test_systemd_failed Take an example as below when run test as root: # cat /etc/logrotate.d/wtmp # no packages own wtmp -- we'll rotate it here /var/log/wtmp { olddir /root/logrotate_dir missingok monthly create 0664 root utmp minsize 1M rotate 1 } # ls /root/logrotate_dir ls: cannot access '/root/logrotate_dir': No such file or directory # systemctl start logrotate Job for logrotate.service failed because the control process exited with error code. See "systemctl status logrotate.service" and "journalctl -xe" for details. # systemctl status logrotate logrotate.service - Rotate log files Loaded: loaded (/lib/systemd/system/logrotate.service; static; vendor preset> Active: failed (Result: exit-code) since Wed 2019-02-13 03:35:19 UTC; 7s ago Docs: man:logrotate(8) man:logrotate.conf(5) Process: 540 ExecStart=/usr/sbin/logrotate /etc/logrotate.conf (code=exited, status=1/FAILURE) Main PID: 540 (code=exited, status=1/FAILURE) Feb 13 03:35:18 qemumips systemd[1]: Starting Rotate log files... Feb 13 03:35:19 qemumips logrotate[540]: error: wtmp:9 error verifying olddir path /root/logrotate_dir: No such file or directory Feb 13 03:35:19 qemumips logrotate[540]: error: found error in file wtmp, skipping Feb 13 03:35:19 qemumips systemd[1]: logrotate.service: Main process exited, code=exited, status=1/FAILURE Feb 13 03:35:19 qemumips systemd[1]: logrotate.service: Failed with result 'exit-code'. Feb 13 03:35:19 qemumips systemd[1]: Failed to start Rotate log files. Add the logic to restore /etc/logrotate.d/wtmp to make the cleanup complete to fix the above issue. (From OE-Core rev: a2db9320d97d12d87524ff16a329f9c38a8da33f) Signed-off-by: Mingli Yu <Mingli.Yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* systemd: fix CVE-2019-6454George McCollister2019-03-223-0/+273
| | | | | | | | | | | | Apply patches from systemd_237-3ubuntu10.13 to fix CVE-2019-6454. CVE-2019-6454 is an issue in which systemd (PID1) can be crashed with a specially formed D-Bus message. For information see: https://usn.ubuntu.com/3891-1/ https://git.launchpad.net/ubuntu/+source/systemd/commit/?h=applied/ubuntu/bionic-updates&id=d7584b894afcaa8a4a1abb69db2a9c81a6276e80 Signed-off-by: George McCollister <george.mccollister@gmail.com>
* systemd: fix CVE-2018-6954George McCollister2019-03-223-0/+2473
| | | | | | | | | | | | | | | | | | | | Apply patches to fix CVE-2018-6954 NVD description from https://nvd.nist.gov/vuln/detail/CVE-2018-6954 systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. This occurs even if the fs.protected_symlinks sysctl is turned on. Patches from systemd_237-3ubuntu10.13.debian. These patches shouldn't be required on newer OE releases since they use systemd v239 or higher. Signed-off-by: George McCollister <george.mccollister@gmail.com>
* systemd: Security fix CVE-2018-16866Marcus Cooper2019-03-222-0/+50
| | | | | | | | | | | Affects < v240 Signed-off-by: Marcus Cooper <marcusc@axis.com> >From v2 patch on openembedded-core@lists.openembedded.org Incresed file name number from 0026 to 0027. Signed-off-by: George McCollister <george.mccollister@gmail.com>
* systemd: Security fix CVE-2018-16865George McCollister2019-03-223-0/+141
| | | | | | | | | | | Affects < v240 Based on thud commit d5d2b821fc85b8cf39f683061ac2a45bddd2139f The second patch in the thud commit doesn't apply against 237. Use the version of the second patch CVE-2018-16865_2.patch from systemd_237-3ubuntu10.13.debian. Signed-off-by: George McCollister <george.mccollister@gmail.com>
* systemd: Security fix CVE-2018-16864George McCollister2019-03-222-0/+194
| | | | | | | | | | | Affects < v240 Based on thud commit 403e74b07b6f3c4a2444e68c74a8434fb17aee49 The patch in the thud commit doesn't compile against 237. Use the version of this patch, CVE-2018-16864.patch from systemd_237-3ubuntu10.13.debian. Signed-off-by: George McCollister <george.mccollister@gmail.com>
* systemd: fix CVE-2018-15688Chen Qi2019-03-222-0/+40
| | | | | | | | | | | | | Backport patch to fix the following CVE. CVE: CVE-2018-15688 Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Cherry-picked from thud 13591d7224393dc0ae529a03cdf74aceb3540ce9 Signed-off-by: George McCollister <george.mccollister@gmail.com>
* systemd: fix CVE-2018-15687George McCollister2019-03-222-0/+253
| | | | | | | | | | | | | Backport patch to fix the following CVE. CVE: CVE-2018-15687 Based on thud commit eeb621aa19f690971caf862290a172a115578ba1 The patch in the thud commit doesn't compile against 237. Use the version of this patch, CVE-2018-15687.patch from systemd_237-3ubuntu10.13.debian. Signed-off-by: George McCollister <george.mccollister@gmail.com>
* systemd: fix CVE-2018-15686Chen Qi2019-03-222-0/+251
| | | | | | | | | | | | | Backport patch to fix the following CVE. CVE: CVE-2018-15686 Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Cherry-picked from thud 0ef70603bc983315eb0e8a97958d995a31198c35 Signed-off-by: George McCollister <george.mccollister@gmail.com>
* systemd: Fix typo in root home variable.ROGEZ Matthieu2019-03-221-1/+1
| | | | | | | | This regression has been introduced while upgrading to version 237 (commit 906230a73b3ccfa4afd2a19a6b0aa18cd1d5fa08) and seems to only affect sumo version. Signed-off-by: Matthieu Rogez <matthieu.rogez@fivesgroup.com>
* oeqa/runtime/dnf: Fix test error when static libs are enabledRichard Purdie2019-03-221-1/+1
| | | | | | | | | | | | The test works by excluding curl-dev which curl-staticdev depends upon. When static libraries aren't disabled, this leads to an odd looking test failure. Simply exclude curl-staticdev as well in case its enabled to make sure the test always works. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* run-postinsts: for dpkg/opkg, do not rely on /etc/*-postinstsStefan Agner2019-03-222-10/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Start opkg/dpkg as soon as the respective package managers status file is present, no matter whether /etc/$pm-postinsts exists. This decouples the implicit link between postinsts scripts in /etc and the package manager: Currently the package manager is only started if those scripts are present, although the package manager does not use those scripts at all! Package managers install their own set of postinst scripts. The behavior when using rpm packages stays the same. Note that using the package managers capability to execute postinst scripts is preferred for good reasons: It makes sure that the package managers database reflects that the packages have been completely installed and configured. This change allows to drop installation of the postinsts scripts when package management is present. This will be done in a separate change. Note: Before commit 5aae19959a44 ("rootfs.py: Change logic to unistall packages") rootfs.py did not install /etc/$pm-postinsts when package management is installed! The change caused YOCTO #8235 which lead to the behavior change of run-postinsts in first place. Signed-off-by: Stefan Agner <stefan.agner@toradex.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* package_rpm/archiver: Apply bandaid to src.rpm creationRichard Purdie2019-02-251-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | error: create archive failed on file /media/build1/poky/build/tmp/work/all-poky-linux/xcursor-transparent-theme/0.1.1+gitAUTOINC+23c8af5ba4-r0/deploy-sources/allarch-poky-linux/xcursor-transparent-theme-0.1.1+gitAUTOINC+23c8af5ba4-r0/xcursor-transparent-theme-0.1.1+git0+23c8af5ba4-r0.src.rpm: cpio: read failed - No such file or directory | Building target platforms: noarch-poky-linux | Building for target noarch-poky-linux This is caused by: $ cat log.task_order do_cleansstate (24289): log.do_cleansstate.24289 do_deploy_archives_setscene (24395): log.do_deploy_archives_setscene.24395 do_fetch (24407): log.do_fetch.24407 [..] do_package_write_rpm (25448): log.do_package_write_rpm.25448 do_package_qa (25451): log.do_package_qa.25451 So do_deploy_archives can run from sstate, created a .src.rpm in WORKDIR/deploy-sources, then it was removed when rpm was running. This leads to a broken Source line in the spec file as the original file was found by the os.listdir(). This fix is just a bandaid over much more fundamental problems sadly. (From OE-Core rev: a10020ace4c3cd863c782760f7cbecea557ec6e7) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* archiver/package_rpm: Fix the worst src.rpm generation raceRichard Purdie2019-02-252-1/+7
| | | | | | | | | | | | | | | | | The package_rpm code is writing outside the task's sstate directory into the sstate of do_deploy_archives. This is "out of spec" since if the task is installed from sstate, the files are not restored. This means the files may appear/disappear, things are not deterministic and there are races. Extend the do_package_write_rpm code to handle writing the src.rpm into place to avoid these issues. There are other problems but this avoids races around this file. (From OE-Core rev: c6e151ba7fe0f14044537cf0ab2cac436f1496e3) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtool-cross: Handle ccache sstate 'infection' issuesRichard Purdie2019-02-251-0/+8
| | | | | | | | | | | | | | | | | | | | | | | On a system without ccache, f you: INHERIT += "ccache" bitbake libtool-cross <remove INHERIT> bitbake apmd then it fails due to being unable to find ccache. The references to ccache are coded into libtool-cross but the sstate checksum doesn't reflect this due to the way the class is coded (output should be the same regardless). The simplest solution is to remove references to ccache from the libtool script. The output then works regardless of whether ccache is present or not. The libtool-cross script is only used in a handful of cases (most of the time its dynamically generated by autoconf) so any performance issue is minor. (From OE-Core rev: ed550a49d2114c56e5bc033ecd0e83073d2d4067) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtool: Fix patch status tagRichard Purdie2019-02-251-1/+1
| | | | | | | (From OE-Core rev: 28fc470e5e10ee9cce893d037ed5e518bc5612f5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* libtool: Fix problem with libtoolize in multilib installationsRichard Purdie2019-02-252-0/+25
| | | | | | | | | | | | | | | Without this patch /usr/bin/libtoolize is different for each multilib since their host-triplets are different, despite there being no difference in the functionality of libtoolize itself. This change just patches out the problematic line since its just a comment for the user in help text. Ugly but solves the problem. This fixes issues where libtool and libXX-libtool couldn't be installed into the same system. (From OE-Core rev: f70040fd3ca3508d33ed24c749c0b8095b020dab) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* multilib_script: Add support for multilib scriptsRichard Purdie2019-02-252-0/+36
| | | | | | | | | | | | | | | | | | | | | | | Whilst the package managers handle multilib ELF binaries well, they don't handle scripts in the *bindir directories well. This adds support for marking these up so that they can be handled using update-alternatives. Its done this way so that non-multilib systems don't see any changes and there is standardisation amongst the multilibs on how the alternatives are named and prioritiesd. The priotitisation code needs to be added but this change means there is somewhere to add it. Recipe needs to set MULTILIB_SCRIPTS in the form <pkgname>:<scriptname>, e.g. MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/file1 ${PN}:${base_bindir}/file2" to indicate which script files to process from which packages. libtool is used a as a reference to stop the libtool scripts conflicting in a multilib case and allows the kernel-devsrc change to be merged. (From OE-Core rev: 18e837433d07cfdce4019c13f682c6676425a2ad) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>
* image_types: use cpio-native to build cpio imagesRoss Burton2019-02-251-0/+1
| | | | | | | | | | | | | | | | | | | | | | As per the previous commit, upstream cpio has a bug which means it crashes on append. If the image being built has already had testimage ran then cpio-native will be in the sysroot. It's also possible that some distributions are shipping this broken CVE patch too. Now that our cpio-native is fixed, until we can be sure that the host cpio isn't broken depend on cpio-native if building a cpio image. [ YOCTO #13042 ] (From OE-Core rev: c3b9aedcbe538d7fa74bd814644b4899769dec46) (From OE-Core rev: a75eba71145efa1c3d206c5e5c00608a50f013bc) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com>