On 6/22/23 10:54 AM, Martin Jansa wrote:
I've checked the master-next now and somehow I've missed some of the
Upstream-Status issues earlier, so I've sent 4 more changes based on
master-next.
Thanks for help cleaning these up. Much appreciated.
BR,
Armin
Cheers,
On Wed, Jun 21, 2023 at 3:49 PM Martin Jansa via
lists.yoctoproject.org <http://lists.yoctoproject.org>
<[email protected]> wrote:
On Wed, Jun 21, 2023 at 3:42 PM akuster808 <[email protected]>
wrote:
Hello Martin,
Hello Armin,
On 6/21/23 6:42 AM, Martin Jansa wrote:
> There is new patch-status QA check in oe-core:
>
https://git.openembedded.org/openembedded-core/commit/?id=76a685bfcf927593eac67157762a53259089ea8a
>
> This is temporary work around just to hide _many_ warnings from
> optional patch-status (if you add it to WARN_QA).
>
> This just added
> Upstream-Status: Pending
> everywhere without actually investigating what's the proper
status.
>
> This is just to hide current QA warnings and to catch new
.patch files being
> added without Upstream-Status, but the number of Pending
patches is now terrible:
>
> 0 (0%) meta-parsec
> N/A (0%) meta-hardening
> 1 (100%) meta-integrity
> 15 (68%) meta-tpm
> 27 (61%) meta-security
>
> Signed-off-by: Martin Jansa <[email protected]>
> ---
>
...Do-not-get-generation-using-ioctl-when-evm_portable-.patch
| 4 ++++
> .../0001-create-tpm-key-support-well-known-key-option.patch
| 2 ++
> .../files/0002-libtpm-support-env-TPM_SRK_PW.patch | 2 ++
>
...tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch
| 2 ++
>
...tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch
| 2 ++
> .../recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch
| 2 ++
Those appear to be fine.
> .../openscap/files/0002-openembedded-add-Poky-distro.patch
| 2 ++
The openscap patches are being dropped as they got accepted
upstream. I
sent a patch last night to reflect that.
I can drop this change.
> recipes-perl/perl/files/libwhisker2.patch | 2 ++
> recipes-scanners/clamav/files/test.patch | 2 ++
the "test.patch" isn't used anywhere so I can remove it later.
> .../ecryptfs-utils/files/define_musl_sword_type.patch
| 2 ++
This one is missing other standard patch information. Looks
like a bit
more cleanup is in order on my part.
> recipes-security/isic/files/configure_fix.patch
| 2 ++
This patch contains "Inappropriate" to the Upstream-Status should
Inappropriate [reason] not pending.
> recipes-security/isic/files/isic-0.07-make.patch
| 2 ++
This patch contains "Backport" so the Upstream-Status should
be Backport
not pending.
> recipes-security/isic/files/isic-0.07-netinet.patch
| 2 ++
This patch contains "Backport" so the Upstream-Status should
be Backport
not pending.
I can take those last six as-is and send a follow up tweaking
as needed
or you can send a V2. Your call.
I use only very small portion of meta-security (just selinux
recipe), so if you can do the fix-up yourself my CI&I will be
grateful.
Regards,
thanks,
Armin
> 13 files changed, 28 insertions(+)
>
> diff --git
a/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/0001-Do-not-get-generation-using-ioctl-when-evm_portable-.patch
b/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/0001-Do-not-get-generation-using-ioctl-when-evm_portable-.patch
> index 3624576..f0d8975 100644
> ---
a/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/0001-Do-not-get-generation-using-ioctl-when-evm_portable-.patch
> +++
b/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/0001-Do-not-get-generation-using-ioctl-when-evm_portable-.patch
> @@ -13,6 +13,8 @@ ioctl is not supported by the filesystem.
>
> Signed-off-by: Stefan Berger <[email protected]>
> ---
> +Upstream-Status: Pending
> +
> src/evmctl.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> @@ -30,6 +32,8 @@ index 6d2bb67..c35a28c 100644
> int fd = open(file, 0);
>
> ---
> +Upstream-Status: Pending
> +
> 2.39.2
>
>
> diff --git
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch
> index bed8b92..e6068af 100644
> ---
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch
> +++
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch
> @@ -1,3 +1,5 @@
> +Upstream-Status: Pending
> +
> commit 16dac0cb7b73b8a7088300e45b98ac20819b03ed
> Author: Junxian.Xiao <[email protected]>
> Date: Wed Jun 19 18:57:13 2013 +0800
> diff --git
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch
> index 2caaaf0..74def4f 100644
> ---
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch
> +++
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch
> @@ -1,3 +1,5 @@
> +Upstream-Status: Pending
> +
> commit 16dac0cb7b73b8a7088300e45b98ac20819b03ed
> Author: Junxian.Xiao <[email protected]>
> Date: Wed Jun 19 18:57:13 2013 +0800
> diff --git
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch
> index cc8772d..732961d 100644
> ---
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch
> +++
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch
> @@ -17,6 +17,8 @@ export TPM_SRK_ENC_PW=xxxxxxxx
>
> Signed-off-by: Meng Li <[email protected]>
> ---
> +Upstream-Status: Pending
> +
> e_tpm.c | 157
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
> e_tpm.h | 4 ++
> e_tpm_err.c | 4 ++
> diff --git
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch
> index 535472a..3cbfc3c 100644
> ---
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch
> +++
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch
> @@ -12,6 +12,8 @@ wrong case.
>
> Signed-off-by: Meng Li <[email protected]>
> ---
> +Upstream-Status: Pending
> +
> create_tpm_key.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git
a/meta-tpm/recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch
b/meta-tpm/recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch
> index 40150af..d427d67 100644
> ---
a/meta-tpm/recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch
> +++
b/meta-tpm/recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch
> @@ -1,3 +1,5 @@
> +Upstream-Status: Pending
> +
> Index: git/include/tpm_tspi.h
>
===================================================================
> --- git.orig/include/tpm_tspi.h
> diff --git
a/recipes-compliance/openscap/files/0002-openembedded-add-Poky-distro.patch
b/recipes-compliance/openscap/files/0002-openembedded-add-Poky-distro.patch
> index 182d9ec..767b473 100644
> ---
a/recipes-compliance/openscap/files/0002-openembedded-add-Poky-distro.patch
> +++
b/recipes-compliance/openscap/files/0002-openembedded-add-Poky-distro.patch
> @@ -5,6 +5,8 @@ Subject: [PATCH 2/2] openembedded: add Poky
distro
>
> Signed-off-by: Armin Kuster <[email protected]>
> ---
> +Upstream-Status: Pending
> +
> cpe/openscap-cpe-dict.xml | 4 ++++
> cpe/openscap-cpe-oval.xml | 14 ++++++++++++++
> src/OVAL/probes/unix/runlevel_probe.c | 8 +++++++-
> diff --git a/recipes-perl/perl/files/libwhisker2.patch
b/recipes-perl/perl/files/libwhisker2.patch
> index c066366..4ea1ee5 100644
> --- a/recipes-perl/perl/files/libwhisker2.patch
> +++ b/recipes-perl/perl/files/libwhisker2.patch
> @@ -7,6 +7,8 @@ Subject: [PATCH] Mandir and perl install dir
were overwritten with faulty
>
> Signed-off-by: Andrei Dinu <[email protected]>
> ---
> +Upstream-Status: Pending
> +
> Makefile.pl | 12 +++++++-----
> 1 file changed, 7 insertions(+), 5 deletions(-)
>
> diff --git a/recipes-scanners/clamav/files/test.patch
b/recipes-scanners/clamav/files/test.patch
> index a22b45d..8d94863 100644
> --- a/recipes-scanners/clamav/files/test.patch
> +++ b/recipes-scanners/clamav/files/test.patch
> @@ -1,3 +1,5 @@
> +Upstream-Status: Pending
> +
> Index: clamav-0.103.0/Makefile.am
>
===================================================================
> --- clamav-0.103.0.orig/Makefile.am
> diff --git
a/recipes-security/ecryptfs-utils/files/define_musl_sword_type.patch
b/recipes-security/ecryptfs-utils/files/define_musl_sword_type.patch
> index 3b29be0..01b7dd8 100644
> ---
a/recipes-security/ecryptfs-utils/files/define_musl_sword_type.patch
> +++
b/recipes-security/ecryptfs-utils/files/define_musl_sword_type.patch
> @@ -1,3 +1,5 @@
> +Upstream-Status: Pending
> +
> Index: ecryptfs-utils-111/src/utils/mount.ecryptfs_private.c
>
===================================================================
> --- ecryptfs-utils-111.orig/src/utils/mount.ecryptfs_private.c
> diff --git a/recipes-security/isic/files/configure_fix.patch
b/recipes-security/isic/files/configure_fix.patch
> index fc2a774..801fe0c 100644
> --- a/recipes-security/isic/files/configure_fix.patch
> +++ b/recipes-security/isic/files/configure_fix.patch
> @@ -1,3 +1,5 @@
> +Upstream-Status: Pending
> +
> isic: add with-libnet remove libnet test
>
> Inappropriate - builds fine on non-oe systems. We need to
exlude
> diff --git
a/recipes-security/isic/files/isic-0.07-make.patch
b/recipes-security/isic/files/isic-0.07-make.patch
> index 9cffa8a..838c873 100644
> --- a/recipes-security/isic/files/isic-0.07-make.patch
> +++ b/recipes-security/isic/files/isic-0.07-make.patch
> @@ -1,3 +1,5 @@
> +Upstream-Status: Pending
> +
> isic: Fixup makefile to support destination
>
> Backport:
> diff --git
a/recipes-security/isic/files/isic-0.07-netinet.patch
b/recipes-security/isic/files/isic-0.07-netinet.patch
> index c4ea74e..4b03880 100644
> --- a/recipes-security/isic/files/isic-0.07-netinet.patch
> +++ b/recipes-security/isic/files/isic-0.07-netinet.patch
> @@ -1,3 +1,5 @@
> +Upstream-Status: Pending
> +
> isic: add missing header file
>
> Backport:
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#60412): https://lists.yoctoproject.org/g/yocto/message/60412
Mute This Topic: https://lists.yoctoproject.org/mt/99673661/21656
Group Owner: [email protected]
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
