| Age | Commit message (Collapse) | Author |
|---|
|
If a task hash gets changed by the hash equivalence server but had
dependencies previously covered by setsecene tasks, those dependencies
need to be uncovered in case the task has to be actually run.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Batch all updates to scenequeue data together in a single invocation
instead of checking each task serially. This allows the checks for
sstate object to happen in parallel, and also makes sure the log
statement only happens once (per set of rehashes).
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
|
|
|
|
|
|
The local hash equivalence server used by bitbake requires python 3.5,
so bump up the minimum required version.
[YOCTO #13678]
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Configures the options passed to nasm to remove build paths in the
generated object files.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Adds an option to nasm to change the prefix for file paths encoded in
the object files. This allows builds to be reproducible regardless of
the build directory.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Do not strip packages when testing reproducible builds. In some cases,
stripped data differs between builds, but then gets removed. However,
the contents affect the generation of the GCC build-id, which then
differs in the resulting ELF files, even though the data that caused
this is no longer there. Inhibit stripping so that their causes can be
evaluated.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
|
|
Fixes the way that subTest results are reported so that each subTest is
reported independently, with it's own status. The base test case is also
reported, but only if it actually had a status.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
A typo was preventing the extra data about the reproducible build from
being reported in the test results
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Adds core-image-sato and core-image-full-cmdline to the list of images
that the reproducible build test builds.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
This reverts commit 73cccc81a6ec00005395981822f4797237b0dfbb.
|
|
Rebuilds target recipes from do_configure to test that partial recipe
rebuilds are also reproducible.
|
|
|
|
Adds a flag to control if the reproducible QA test should allow building
from sstate or not. Building from sstate may not be reproducible
depending on how the sstate is populated.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Refreshes the patch to fix up the printf-like formatting to also fix up
the strings when building idmapd. The patch is also submitted upstream.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Makes diffoscope show decoded debug ELF data
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
When using resulttool to display logs, it can be useful to filter out
specific tests from the combined test results. This adds a '--run'
options which accepts a Python-like slice notation to select a subset of
tests based on their starting timestamp. For example:
'--run 0' Select the most recent test
'--run -1' Select the oldest test
'--run 0:3' Select the three most recent tests
'--run 0:4:2' Select the most recent and second most recent tests
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Prefer writing the banner to /dev/console instead of /dev/tty0. In many
cases, /dev/console is an alias for /dev/tty0, but sometimes it is not
(if for example the default console is changed on the kernel command
line). Writing the banner to /dev/tty0 can have some undesirable side
effects if /dev/console has been redirected, such as writing on top of a
kernel splash screen being displayed as a boot logo.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
The diffoscope tool was devlop by debian folks to make build
comparisions to provide a tool for test reproducible builds.
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
The python-magic module is used by diffoscope tool to make
build comparisions.
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
The libarchive python module is used by diffoscope tool to
make build comparisions.
Signed-off-by: Aníbal Limón <anibal.limon@linux.intel.com>
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
Some commands like to look for libraries at runtime manually (e.g.
Python's ctype.utils.find_library() function). For this to work
properly, the libraries in the native sysroot must be findable. To
accomplish this, set LD_LIBRARY_PATH to search library paths in the
native sysroot.
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
|
|
(From OE-Core rev: cb5e746a2398d70b14a14ada7cef82bfd5e80d0e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This avoids a directory not present error.
Fix a comment typo whilst here.
(From OE-Core rev: 1360d8d7d99b70a80c8cdbc1fc6d9e6752483139)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: bf6ee2b39e2294f7f3719f7d373af9e0ec2979e9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The previous patches meant the mkdir might no longer match the final target
directory. Fix this.
(From OE-Core rev: 0af4dae84099e8632a9ea6a4afdbea2f232bb170)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 76e84ce1815ff273647657eeafb5149d6016730b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
STATE_PKG may have been changed by sstate_report_unihash so don't
cache the variable's value.
(From OE-Core rev: be29a25400c4ea285ab3f588c5831f00ba5d4f63)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 093a1971f2ae12e1f514598da984f268607e550b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This reverts commit dad8cd50bcc4203a65d153dc2445502c1e728975.
It is causing performance problems in ptest, taking hours (~18) to parse the ptest runner logs.
Log output increased from ~4MB to ~65MB. Revert until we can deal with the performance issue.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 42719edc86ac2013280a34f1c58ca83726cec04a)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Its rather antisocial to overwrite SSTATE_PKG with an expanded form for the variable
and it stops the value of BB_UNIHASH being changed when the package is written out.
Instead of expanding the variable, append to it instead to avoid this rather
hard to figure out behaviour and allow the siggen code to behave as expected.
(From OE-Core rev: 62eca02024b4c44d618ab9bcf87a3166c886dadb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: 85b7a3d5ec553ef71fa6060b99afbdccdc87dd37)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Its possible the new unihash may not exist in sstate. Currently the code
would create an sstate object with the old hash however this updates it to
create the object with the new unihash.
(Bitbake rev: abcaa1398031fa5338a43859c661e6d4a9ce863d)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: efc1945a95897539a491f9e833ba07e653fdb1d4)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Switch to recently released version 1.1 of NVD CVE JSON feed, as in
https://nvd.nist.gov/General/News/JSON-1-1-Vulnerability-Feed-Release
it is mentioned that
Due to changes required to support CVSS v3.1 scoring, the JSON
vulnerability feeds must be modified. This will require the consumers
of this data to update their internal processes. We will be providing
the JSON 1.1 schema on the data feeds page and the information below
to prepare for this transition.
...
The JSON 1.1 data feeds will be available on September 9th, 2019. At
that time the current JSON 1.0 data feeds will no longer available.
This change was tested briefly by issuing 'bitbake core-image-minimal'
with 'cve-check.bbclass' inherited via local.conf, and then comparing
the content between the resulting two
'DEPLOY_DIR_IMAGE/core-image-minimal-qemux86.cve' files, which did not
seem to contain any other change, except total of 167 entries like
CVSS v3 BASE SCORE: 0.0
were replaced with similar 'CVSS v3 BASE SCORE:' entries which had
scores that were greater than '0.0' (up to '9.8').
(From OE-Core rev: cc20e4d8ff2f3aa52a2658404af9a0ff358cc323)
Signed-off-by: Niko Mauno <niko.mauno@iki.fi>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* Updates to poky.ent
* Updates to mega-manual.sed
* Updates to all <manual>.xml files for date
(From yocto-docs rev: 5f752ef0193cb60cd5d46a63e99ffcd02107e0c2)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From yocto-docs rev: d22e9762cc26b5f5454b446022ee308ffe90e1ef)
Signed-off-by: Scott Rifenbark <srifenbark@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
(From OE-Core rev: b45c967a8324c10642f2ef445f4c8c1a82947e1f)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop 0001-Unset-need_charset_alias-when-building-for-musl.patch
as the problematic code is gone.
Rebase the other patches.
License-Update: http links changed to https
(From OE-Core rev: b234a4ed4d6a9c2e00f5fa38cf04867c7ada24a0)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The Makefile used for flex-ptest can pick up the path to the uninative
loader through BUILD_LDFLAGS. This includes the full path to the
uninative loader, which is not reproducible. Replace it with /bin/false.
It doesn't appear as if these native programs are used in the test
suites and if there are likely to be other problems related to building
them using the BUILD_* flags.
(From OE-Core rev: 3cce2d1c36b0859186139d650fd50d2a56e91abd)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
For ptest only RDEPENDS is needed, and packaging glibc-locale
slowed down builds with ptest disabled.
(From OE-Core rev: 53f61ca73e69508bff6ea75da666d6873b5384f5)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This should help debug which part of this selftest is failing.
We can not tell which outloop is failing so split the tests into
systemd and sysvinit.
[YOCTO #13650]
(From OE-Core rev: 5f49ac73ca38ae711e093b35ae0feb5a0674198a)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Drop CVE patches which are already available on binutils-2_33-branch
Forward port rest of the patches
(From OE-Core rev: 7bcfce05045fb7e10456aa1f5301e70c178f20d7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch also helps to build with EXTERNALSRC.
(From OE-Core rev: e63dc57f0950dbfc594efe8570333a16baadf51a)
Signed-off-by: Daisuke Yamane <yamane07ynct@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Version 9.50 incorporates previously-backported fixes for
CVE-2019-14811 and CVE-2019-14817.
CVE: CVE-2019-14811
CVE: CVE-2019-14817
(From OE-Core rev: 8c626421840da9441be03587a57e9cf1ebd3d6f0)
Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Joshua Watt
Ross Burton
Nathan Rossi
Aníbal Limón
Richard Purdie
Niko Mauno
Scott Rifenbark
Alexander Kanavin
Adrian Bunk
Armin Kuster
Khem Raj
Daisuke Yamane
Trevor Gamblin