| Message ID | 20240210135259.563083-1-simone.p.weiss@posteo.com |
|---|---|
| State | Accepted, archived |
| Commit | dc6ebbbb94b162d8aa68e46d5a166606ace5e39c |
| Headers | show |
| Series | patchtest: Add selftest for test cve_check_ignore | expand |
Hi Simone, Is there a special reason, why you're adding already removed feature https://lists.openembedded.org/g/openembedded-core/message/189917 ? Regards, Andrej On 10.02.2024 14:52, Simone Weiß wrote: > From: Simone Weiß <simone.p.weiss@posteo.com> > > Add a selftest for the recently introduced check for CVE_CHECK_IGNORE. > > Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > --- > .../TestMetadata.test_cve_check_ignore.fail | 30 ++++++++++++++++++ > .../TestMetadata.test_cve_check_ignore.pass | 31 +++++++++++++++++++ > 2 files changed, 61 insertions(+) > create mode 100644 meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail > create mode 100644 meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass > > diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail > new file mode 100644 > index 0000000000..3574463ade > --- /dev/null > +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail > @@ -0,0 +1,30 @@ > +From c4ca86b9cca3643097db0328e2f34dccffbba309 Mon Sep 17 00:00:00 2001 > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > +Date: Sat, 10 Feb 2024 13:18:44 +0100 > +Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > + > +This should fail the test_cve_tag_format selftest. > + > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > +--- > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 3 ++- > + 1 file changed, 2 insertions(+), 1 deletion(-) > + > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > +index 547587bef4..3ef9b87c34 100644 > +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > +@@ -16,4 +16,5 @@ do_install() { > + install -m 0755 helloworld ${D}${bindir} > + } > + > +-BBCLASSEXTEND = "native nativesdk" > +\ No newline at end of file > ++CVE_CHECK_IGNORE = "CVE-2024-12345" > ++BBCLASSEXTEND = "native nativesdk" > +-- > +2.39.2 > + > diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass > new file mode 100644 > index 0000000000..10f942a6eb > --- /dev/null > +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass > @@ -0,0 +1,31 @@ > +From 7d4d3fee0c7111830ee9b2b049ae3ce265b26030 Mon Sep 17 00:00:00 2001 > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > +Date: Sat, 10 Feb 2024 13:23:56 +0100 > +Subject: [PATCH] selftest-hello: add CVE_STATUS > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > + > +This should pass the test_cve_tag_format selftest. > + > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > +--- > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 4 +++- > + 1 file changed, 3 insertions(+), 1 deletion(-) > + > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > +index 547587bef4..9908b3b417 100644 > +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > +@@ -16,4 +16,6 @@ do_install() { > + install -m 0755 helloworld ${D}${bindir} > + } > + > +-BBCLASSEXTEND = "native nativesdk" > +\ No newline at end of file > ++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue only applies on Windows" > ++ > ++BBCLASSEXTEND = "native nativesdk" > +-- > +2.39.2 > + > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#195273): https://lists.openembedded.org/g/openembedded-core/message/195273 > Mute This Topic: https://lists.openembedded.org/mt/104277396/3619876 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [andrej.v@skyrain.eu] > -=-=-=-=-=-=-=-=-=-=-=- >
On Sun, 2024-02-11 at 12:45 +0100, Andrej Valek wrote: > Hi Simone, > > Is there a special reason, why you're adding already removed feature > https://lists.openembedded.org/g/openembedded-core/message/189917 ? > > Regards, > Andrej > Hi Andrej, I am not adding an already removed feature here:) - This is a selftest, so it is used to test patchtest itself and not patches with patchtest. - The test from patchtest tested is also not test_cve_presence_in_commit_message, which deals with the commit message of a patch, but one dealing with the use of CVE_STATUS in the meta data of a recipe test_cve_check_ignore. Cheers, Simone > On 10.02.2024 14:52, Simone Weiß wrote: > > From: Simone Weiß <simone.p.weiss@posteo.com> > > > > Add a selftest for the recently introduced check for CVE_CHECK_IGNORE. > > > > Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > > --- > > .../TestMetadata.test_cve_check_ignore.fail | 30 > > ++++++++++++++++++ > > .../TestMetadata.test_cve_check_ignore.pass | 31 > > +++++++++++++++++++ > > 2 files changed, 61 insertions(+) > > create mode 100644 > > meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.f > > ail > > create mode 100644 > > meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.p > > ass > > > > diff --git > > a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .fail > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .fail > > new file mode 100644 > > index 0000000000..3574463ade > > --- /dev/null > > +++ > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .fail > > @@ -0,0 +1,30 @@ > > +From c4ca86b9cca3643097db0328e2f34dccffbba309 Mon Sep 17 00:00:00 > > 2001 > > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > > +Date: Sat, 10 Feb 2024 13:18:44 +0100 > > +Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE > > +MIME-Version: 1.0 > > +Content-Type: text/plain; charset=UTF-8 > > +Content-Transfer-Encoding: 8bit > > + > > +This should fail the test_cve_tag_format selftest. > > + > > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > > +--- > > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 3 > > ++- > > + 1 file changed, 2 insertions(+), 1 deletion(-) > > + > > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- > > hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- > > hello_1.0.bb > > +index 547587bef4..3ef9b87c34 100644 > > +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > > +@@ -16,4 +16,5 @@ do_install() { > > + install -m 0755 helloworld ${D}${bindir} > > + } > > + > > +-BBCLASSEXTEND = "native nativesdk" > > +\ No newline at end of file > > ++CVE_CHECK_IGNORE = "CVE-2024-12345" > > ++BBCLASSEXTEND = "native nativesdk" > > +-- > > +2.39.2 > > + > > diff --git > > a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .pass > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .pass > > new file mode 100644 > > index 0000000000..10f942a6eb > > --- /dev/null > > +++ > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .pass > > @@ -0,0 +1,31 @@ > > +From 7d4d3fee0c7111830ee9b2b049ae3ce265b26030 Mon Sep 17 00:00:00 > > 2001 > > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > > +Date: Sat, 10 Feb 2024 13:23:56 +0100 > > +Subject: [PATCH] selftest-hello: add CVE_STATUS > > +MIME-Version: 1.0 > > +Content-Type: text/plain; charset=UTF-8 > > +Content-Transfer-Encoding: 8bit > > + > > +This should pass the test_cve_tag_format selftest. > > + > > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > > +--- > > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 4 > > +++- > > + 1 file changed, 3 insertions(+), 1 deletion(-) > > + > > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- > > hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- > > hello_1.0.bb > > +index 547587bef4..9908b3b417 100644 > > +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > > +@@ -16,4 +16,6 @@ do_install() { > > + install -m 0755 helloworld ${D}${bindir} > > + } > > + > > +-BBCLASSEXTEND = "native nativesdk" > > +\ No newline at end of file > > ++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue only > > applies on Windows" > > ++ > > ++BBCLASSEXTEND = "native nativesdk" > > +-- > > +2.39.2 > > + > > > > -=-=-=-=-=-=-=-=-=-=-=- > > Links: You receive all messages sent to this group. > > View/Reply Online (#195273): > > https://lists.openembedded.org/g/openembedded-core/message/195273 > > Mute This Topic: https://lists.openembedded.org/mt/104277396/3619876 > > Group Owner: openembedded-core+owner@lists.openembedded.org > > Unsubscribe: > > https://lists.openembedded.org/g/openembedded-core/unsub [ > > andrej.v@skyrain.eu] > > -=-=-=-=-=-=-=-=-=-=-=- > > >
Hi Simone, OK, looks fine, but... what is the difference between https://github.com/openembedded/openembedded-core/blob/master/meta/lib/oeqa/selftest/cases/cve_check.py#L224 ? I added a small test there, while we were adding this feature. Does it mean, that is not sufficient? Regards, Andrej On 11.02.2024 13:33, Simone Weiß wrote: > On Sun, 2024-02-11 at 12:45 +0100, Andrej Valek wrote: >> Hi Simone, >> >> Is there a special reason, why you're adding already removed feature >> https://lists.openembedded.org/g/openembedded-core/message/189917 ? >> >> Regards, >> Andrej >> > Hi Andrej, > > I am not adding an already removed feature here:) > > - This is a selftest, so it is used to test patchtest itself and not > patches with patchtest. > - The test from patchtest tested is also not > test_cve_presence_in_commit_message, which deals with the commit message > of a patch, but one dealing with the use of CVE_STATUS in the meta data of > a recipe test_cve_check_ignore. > > Cheers, > Simone >> On 10.02.2024 14:52, Simone Weiß wrote: >>> From: Simone Weiß <simone.p.weiss@posteo.com> >>> >>> Add a selftest for the recently introduced check for CVE_CHECK_IGNORE. >>> >>> Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> >>> --- >>> .../TestMetadata.test_cve_check_ignore.fail | 30 >>> ++++++++++++++++++ >>> .../TestMetadata.test_cve_check_ignore.pass | 31 >>> +++++++++++++++++++ >>> 2 files changed, 61 insertions(+) >>> create mode 100644 >>> meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.f >>> ail >>> create mode 100644 >>> meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.p >>> ass >>> >>> diff --git >>> a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .fail >>> b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .fail >>> new file mode 100644 >>> index 0000000000..3574463ade >>> --- /dev/null >>> +++ >>> b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .fail >>> @@ -0,0 +1,30 @@ >>> +From c4ca86b9cca3643097db0328e2f34dccffbba309 Mon Sep 17 00:00:00 >>> 2001 >>> +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> >>> +Date: Sat, 10 Feb 2024 13:18:44 +0100 >>> +Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE >>> +MIME-Version: 1.0 >>> +Content-Type: text/plain; charset=UTF-8 >>> +Content-Transfer-Encoding: 8bit >>> + >>> +This should fail the test_cve_tag_format selftest. >>> + >>> +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> >>> +--- >>> + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 3 >>> ++- >>> + 1 file changed, 2 insertions(+), 1 deletion(-) >>> + >>> +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- >>> hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- >>> hello_1.0.bb >>> +index 547587bef4..3ef9b87c34 100644 >>> +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb >>> ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb >>> +@@ -16,4 +16,5 @@ do_install() { >>> + install -m 0755 helloworld ${D}${bindir} >>> + } >>> + >>> +-BBCLASSEXTEND = "native nativesdk" >>> +\ No newline at end of file >>> ++CVE_CHECK_IGNORE = "CVE-2024-12345" >>> ++BBCLASSEXTEND = "native nativesdk" >>> +-- >>> +2.39.2 >>> + >>> diff --git >>> a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .pass >>> b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .pass >>> new file mode 100644 >>> index 0000000000..10f942a6eb >>> --- /dev/null >>> +++ >>> b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .pass >>> @@ -0,0 +1,31 @@ >>> +From 7d4d3fee0c7111830ee9b2b049ae3ce265b26030 Mon Sep 17 00:00:00 >>> 2001 >>> +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> >>> +Date: Sat, 10 Feb 2024 13:23:56 +0100 >>> +Subject: [PATCH] selftest-hello: add CVE_STATUS >>> +MIME-Version: 1.0 >>> +Content-Type: text/plain; charset=UTF-8 >>> +Content-Transfer-Encoding: 8bit >>> + >>> +This should pass the test_cve_tag_format selftest. >>> + >>> +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> >>> +--- >>> + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 4 >>> +++- >>> + 1 file changed, 3 insertions(+), 1 deletion(-) >>> + >>> +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- >>> hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- >>> hello_1.0.bb >>> +index 547587bef4..9908b3b417 100644 >>> +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb >>> ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb >>> +@@ -16,4 +16,6 @@ do_install() { >>> + install -m 0755 helloworld ${D}${bindir} >>> + } >>> + >>> +-BBCLASSEXTEND = "native nativesdk" >>> +\ No newline at end of file >>> ++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue only >>> applies on Windows" >>> ++ >>> ++BBCLASSEXTEND = "native nativesdk" >>> +-- >>> +2.39.2 >>> + >>> >>> -=-=-=-=-=-=-=-=-=-=-=- >>> Links: You receive all messages sent to this group. >>> View/Reply Online (#195273): >>> https://lists.openembedded.org/g/openembedded-core/message/195273 >>> Mute This Topic: https://lists.openembedded.org/mt/104277396/3619876 >>> Group Owner: openembedded-core+owner@lists.openembedded.org >>> Unsubscribe: >>> https://lists.openembedded.org/g/openembedded-core/unsub [ >>> andrej.v@skyrain.eu] >>> -=-=-=-=-=-=-=-=-=-=-=- >>>
On Mon, 2024-02-12 at 07:43 +0100, Andrej Valek wrote: > Hi Simone, > > OK, looks fine, but... what is the difference between > https://github.com/openembedded/openembedded-core/blob/master/meta/lib/oeqa/selftest/cases/cve_check.py#L224 > > ? I added a small test there, while we were adding this feature. Does it > mean, that is not sufficient? > > Regards, > Andrej Hi Andrej, It is just a very different thing. This tests checks if patches use CVE_STATUS correctly when handing in patches. Cheers Simone > > On 11.02.2024 13:33, Simone Weiß wrote: > > On Sun, 2024-02-11 at 12:45 +0100, Andrej Valek wrote: > > > Hi Simone, > > > > > > Is there a special reason, why you're adding already removed feature > > > https://lists.openembedded.org/g/openembedded-core/message/189917 ? > > > > > > Regards, > > > Andrej > > > > > Hi Andrej, > > > > I am not adding an already removed feature here:) > > > > - This is a selftest, so it is used to test patchtest itself and not > > patches with patchtest. > > - The test from patchtest tested is also not > > test_cve_presence_in_commit_message, which deals with the commit > > message > > of a patch, but one dealing with the use of CVE_STATUS in the meta > > data of > > a recipe test_cve_check_ignore. > > > > Cheers, > > Simone > > > On 10.02.2024 14:52, Simone Weiß wrote: > > > > From: Simone Weiß <simone.p.weiss@posteo.com> > > > > > > > > Add a selftest for the recently introduced check for > > > > CVE_CHECK_IGNORE. > > > > > > > > Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > > > > --- > > > > .../TestMetadata.test_cve_check_ignore.fail | 30 > > > > ++++++++++++++++++ > > > > .../TestMetadata.test_cve_check_ignore.pass | 31 > > > > +++++++++++++++++++ > > > > 2 files changed, 61 insertions(+) > > > > create mode 100644 > > > > meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_igno > > > > re.f > > > > ail > > > > create mode 100644 > > > > meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_igno > > > > re.p > > > > ass > > > > > > > > diff --git > > > > a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ig > > > > nore > > > > .fail > > > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ig > > > > nore > > > > .fail > > > > new file mode 100644 > > > > index 0000000000..3574463ade > > > > --- /dev/null > > > > +++ > > > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ig > > > > nore > > > > .fail > > > > @@ -0,0 +1,30 @@ > > > > +From c4ca86b9cca3643097db0328e2f34dccffbba309 Mon Sep 17 00:00:00 > > > > 2001 > > > > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > > > > +Date: Sat, 10 Feb 2024 13:18:44 +0100 > > > > +Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE > > > > +MIME-Version: 1.0 > > > > +Content-Type: text/plain; charset=UTF-8 > > > > +Content-Transfer-Encoding: 8bit > > > > + > > > > +This should fail the test_cve_tag_format selftest. > > > > + > > > > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > > > > +--- > > > > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | > > > > 3 > > > > ++- > > > > + 1 file changed, 2 insertions(+), 1 deletion(-) > > > > + > > > > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- > > > > hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- > > > > hello_1.0.bb > > > > +index 547587bef4..3ef9b87c34 100644 > > > > +--- a/meta-selftest/recipes-test/selftest-hello/selftest- > > > > hello_1.0.bb > > > > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest- > > > > hello_1.0.bb > > > > +@@ -16,4 +16,5 @@ do_install() { > > > > + install -m 0755 helloworld ${D}${bindir} > > > > + } > > > > + > > > > +-BBCLASSEXTEND = "native nativesdk" > > > > +\ No newline at end of file > > > > ++CVE_CHECK_IGNORE = "CVE-2024-12345" > > > > ++BBCLASSEXTEND = "native nativesdk" > > > > +-- > > > > +2.39.2 > > > > + > > > > diff --git > > > > a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ig > > > > nore > > > > .pass > > > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ig > > > > nore > > > > .pass > > > > new file mode 100644 > > > > index 0000000000..10f942a6eb > > > > --- /dev/null > > > > +++ > > > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ig > > > > nore > > > > .pass > > > > @@ -0,0 +1,31 @@ > > > > +From 7d4d3fee0c7111830ee9b2b049ae3ce265b26030 Mon Sep 17 00:00:00 > > > > 2001 > > > > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > > > > +Date: Sat, 10 Feb 2024 13:23:56 +0100 > > > > +Subject: [PATCH] selftest-hello: add CVE_STATUS > > > > +MIME-Version: 1.0 > > > > +Content-Type: text/plain; charset=UTF-8 > > > > +Content-Transfer-Encoding: 8bit > > > > + > > > > +This should pass the test_cve_tag_format selftest. > > > > + > > > > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > > > > +--- > > > > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | > > > > 4 > > > > +++- > > > > + 1 file changed, 3 insertions(+), 1 deletion(-) > > > > + > > > > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- > > > > hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- > > > > hello_1.0.bb > > > > +index 547587bef4..9908b3b417 100644 > > > > +--- a/meta-selftest/recipes-test/selftest-hello/selftest- > > > > hello_1.0.bb > > > > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest- > > > > hello_1.0.bb > > > > +@@ -16,4 +16,6 @@ do_install() { > > > > + install -m 0755 helloworld ${D}${bindir} > > > > + } > > > > + > > > > +-BBCLASSEXTEND = "native nativesdk" > > > > +\ No newline at end of file > > > > ++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue > > > > only > > > > applies on Windows" > > > > ++ > > > > ++BBCLASSEXTEND = "native nativesdk" > > > > +-- > > > > +2.39.2 > > > > + > > > > > > > > > > > > > > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#195300): > https://lists.openembedded.org/g/openembedded-core/message/195300 > Mute This Topic: https://lists.openembedded.org/mt/104277396/8052774 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: > https://lists.openembedded.org/g/openembedded-core/unsub [simone.p.weiss@posteo.com > ] > -=-=-=-=-=-=-=-=-=-=-=- >
On 2024-02-10 08:52, Simone Weiß wrote: > From: Simone Weiß <simone.p.weiss@posteo.com> > > Add a selftest for the recently introduced check for CVE_CHECK_IGNORE. Hi, sorry for the late reply. Were you able to test this successfully using the patchtest selftest run (or by manually running patchtest on the test patches)? I am seeing both cases skip on my end. > > Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > --- > .../TestMetadata.test_cve_check_ignore.fail | 30 ++++++++++++++++++ > .../TestMetadata.test_cve_check_ignore.pass | 31 +++++++++++++++++++ > 2 files changed, 61 insertions(+) > create mode 100644 meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail > create mode 100644 meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass > > diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail > new file mode 100644 > index 0000000000..3574463ade > --- /dev/null > +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail > @@ -0,0 +1,30 @@ > +From c4ca86b9cca3643097db0328e2f34dccffbba309 Mon Sep 17 00:00:00 2001 > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > +Date: Sat, 10 Feb 2024 13:18:44 +0100 > +Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > + > +This should fail the test_cve_tag_format selftest. > + > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > +--- > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 3 ++- > + 1 file changed, 2 insertions(+), 1 deletion(-) > + > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > +index 547587bef4..3ef9b87c34 100644 > +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > +@@ -16,4 +16,5 @@ do_install() { > + install -m 0755 helloworld ${D}${bindir} > + } > + > +-BBCLASSEXTEND = "native nativesdk" > +\ No newline at end of file > ++CVE_CHECK_IGNORE = "CVE-2024-12345" > ++BBCLASSEXTEND = "native nativesdk" > +-- > +2.39.2 > + > diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass > new file mode 100644 > index 0000000000..10f942a6eb > --- /dev/null > +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass > @@ -0,0 +1,31 @@ > +From 7d4d3fee0c7111830ee9b2b049ae3ce265b26030 Mon Sep 17 00:00:00 2001 > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > +Date: Sat, 10 Feb 2024 13:23:56 +0100 > +Subject: [PATCH] selftest-hello: add CVE_STATUS > +MIME-Version: 1.0 > +Content-Type: text/plain; charset=UTF-8 > +Content-Transfer-Encoding: 8bit > + > +This should pass the test_cve_tag_format selftest. > + > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > +--- > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 4 +++- > + 1 file changed, 3 insertions(+), 1 deletion(-) > + > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > +index 547587bef4..9908b3b417 100644 > +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > +@@ -16,4 +16,6 @@ do_install() { > + install -m 0755 helloworld ${D}${bindir} > + } > + > +-BBCLASSEXTEND = "native nativesdk" > +\ No newline at end of file > ++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue only applies on Windows" > ++ > ++BBCLASSEXTEND = "native nativesdk" > +-- > +2.39.2 > + > > -=-=-=-=-=-=-=-=-=-=-=- > Links: You receive all messages sent to this group. > View/Reply Online (#195273): https://lists.openembedded.org/g/openembedded-core/message/195273 > Mute This Topic: https://lists.openembedded.org/mt/104277396/7611679 > Group Owner: openembedded-core+owner@lists.openembedded.org > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [tgamblin@baylibre.com] > -=-=-=-=-=-=-=-=-=-=-=- >
On Tue, 2024-02-13 at 09:55 -0500, Trevor Gamblin wrote: > > On 2024-02-10 08:52, Simone Weiß wrote: > > From: Simone Weiß <simone.p.weiss@posteo.com> > > > > Add a selftest for the recently introduced check for CVE_CHECK_IGNORE. > Hi, sorry for the late reply. Were you able to test this successfully > using the patchtest selftest run (or by manually running patchtest on > the test patches)? I am seeing both cases skip on my end. Hi Trevor, Yes both were fine e.g. FAIL: test CVE check ignore: CVE_CHECK_IGNORE is deprecated and should be replaced by CVE_STATUS (test_metadata.TestMetadata.test_cve_check_ignore). As data for checking for modified files is constructed based on the included layers, a quick suspicion did you nor add meta-selftest before you tried? Cheers, Simone > > > > Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > > --- > > .../TestMetadata.test_cve_check_ignore.fail | 30 > > ++++++++++++++++++ > > .../TestMetadata.test_cve_check_ignore.pass | 31 > > +++++++++++++++++++ > > 2 files changed, 61 insertions(+) > > create mode 100644 > > meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.f > > ail > > create mode 100644 > > meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.p > > ass > > > > diff --git > > a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .fail > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .fail > > new file mode 100644 > > index 0000000000..3574463ade > > --- /dev/null > > +++ > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .fail > > @@ -0,0 +1,30 @@ > > +From c4ca86b9cca3643097db0328e2f34dccffbba309 Mon Sep 17 00:00:00 > > 2001 > > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > > +Date: Sat, 10 Feb 2024 13:18:44 +0100 > > +Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE > > +MIME-Version: 1.0 > > +Content-Type: text/plain; charset=UTF-8 > > +Content-Transfer-Encoding: 8bit > > + > > +This should fail the test_cve_tag_format selftest. > > + > > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > > +--- > > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 3 > > ++- > > + 1 file changed, 2 insertions(+), 1 deletion(-) > > + > > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- > > hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- > > hello_1.0.bb > > +index 547587bef4..3ef9b87c34 100644 > > +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > > +@@ -16,4 +16,5 @@ do_install() { > > + install -m 0755 helloworld ${D}${bindir} > > + } > > + > > +-BBCLASSEXTEND = "native nativesdk" > > +\ No newline at end of file > > ++CVE_CHECK_IGNORE = "CVE-2024-12345" > > ++BBCLASSEXTEND = "native nativesdk" > > +-- > > +2.39.2 > > + > > diff --git > > a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .pass > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .pass > > new file mode 100644 > > index 0000000000..10f942a6eb > > --- /dev/null > > +++ > > b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore > > .pass > > @@ -0,0 +1,31 @@ > > +From 7d4d3fee0c7111830ee9b2b049ae3ce265b26030 Mon Sep 17 00:00:00 > > 2001 > > +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> > > +Date: Sat, 10 Feb 2024 13:23:56 +0100 > > +Subject: [PATCH] selftest-hello: add CVE_STATUS > > +MIME-Version: 1.0 > > +Content-Type: text/plain; charset=UTF-8 > > +Content-Transfer-Encoding: 8bit > > + > > +This should pass the test_cve_tag_format selftest. > > + > > +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> > > +--- > > + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 4 > > +++- > > + 1 file changed, 3 insertions(+), 1 deletion(-) > > + > > +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- > > hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- > > hello_1.0.bb > > +index 547587bef4..9908b3b417 100644 > > +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > > ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb > > +@@ -16,4 +16,6 @@ do_install() { > > + install -m 0755 helloworld ${D}${bindir} > > + } > > + > > +-BBCLASSEXTEND = "native nativesdk" > > +\ No newline at end of file > > ++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue only > > applies on Windows" > > ++ > > ++BBCLASSEXTEND = "native nativesdk" > > +-- > > +2.39.2 > > + > > > > -=-=-=-=-=-=-=-=-=-=-=- > > Links: You receive all messages sent to this group. > > View/Reply Online (#195273): > > https://lists.openembedded.org/g/openembedded-core/message/195273 > > Mute This Topic: https://lists.openembedded.org/mt/104277396/7611679 > > Group Owner: openembedded-core+owner@lists.openembedded.org > > Unsubscribe: > > https://lists.openembedded.org/g/openembedded-core/unsub [ > > tgamblin@baylibre.com] > > -=-=-=-=-=-=-=-=-=-=-=- > >
On 2024-02-13 11:49, Simone Weiß wrote: > On Tue, 2024-02-13 at 09:55 -0500, Trevor Gamblin wrote: >> On 2024-02-10 08:52, Simone Weiß wrote: >>> From: Simone Weiß <simone.p.weiss@posteo.com> >>> >>> Add a selftest for the recently introduced check for CVE_CHECK_IGNORE. >> Hi, sorry for the late reply. Were you able to test this successfully >> using the patchtest selftest run (or by manually running patchtest on >> the test patches)? I am seeing both cases skip on my end. > Hi Trevor, > > Yes both were fine e.g. > > FAIL: test CVE check ignore: CVE_CHECK_IGNORE is deprecated and should be > replaced by CVE_STATUS (test_metadata.TestMetadata.test_cve_check_ignore). > > As data for checking for modified files is constructed based on the > included layers, a quick suspicion did you nor add meta-selftest before > you tried? Aha, thanks for the reminder :) The patch looks good to me. > > Cheers, > Simone >>> Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> >>> --- >>> .../TestMetadata.test_cve_check_ignore.fail | 30 >>> ++++++++++++++++++ >>> .../TestMetadata.test_cve_check_ignore.pass | 31 >>> +++++++++++++++++++ >>> 2 files changed, 61 insertions(+) >>> create mode 100644 >>> meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.f >>> ail >>> create mode 100644 >>> meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.p >>> ass >>> >>> diff --git >>> a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .fail >>> b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .fail >>> new file mode 100644 >>> index 0000000000..3574463ade >>> --- /dev/null >>> +++ >>> b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .fail >>> @@ -0,0 +1,30 @@ >>> +From c4ca86b9cca3643097db0328e2f34dccffbba309 Mon Sep 17 00:00:00 >>> 2001 >>> +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> >>> +Date: Sat, 10 Feb 2024 13:18:44 +0100 >>> +Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE >>> +MIME-Version: 1.0 >>> +Content-Type: text/plain; charset=UTF-8 >>> +Content-Transfer-Encoding: 8bit >>> + >>> +This should fail the test_cve_tag_format selftest. >>> + >>> +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> >>> +--- >>> + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 3 >>> ++- >>> + 1 file changed, 2 insertions(+), 1 deletion(-) >>> + >>> +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- >>> hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- >>> hello_1.0.bb >>> +index 547587bef4..3ef9b87c34 100644 >>> +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb >>> ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb >>> +@@ -16,4 +16,5 @@ do_install() { >>> + install -m 0755 helloworld ${D}${bindir} >>> + } >>> + >>> +-BBCLASSEXTEND = "native nativesdk" >>> +\ No newline at end of file >>> ++CVE_CHECK_IGNORE = "CVE-2024-12345" >>> ++BBCLASSEXTEND = "native nativesdk" >>> +-- >>> +2.39.2 >>> + >>> diff --git >>> a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .pass >>> b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .pass >>> new file mode 100644 >>> index 0000000000..10f942a6eb >>> --- /dev/null >>> +++ >>> b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore >>> .pass >>> @@ -0,0 +1,31 @@ >>> +From 7d4d3fee0c7111830ee9b2b049ae3ce265b26030 Mon Sep 17 00:00:00 >>> 2001 >>> +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> >>> +Date: Sat, 10 Feb 2024 13:23:56 +0100 >>> +Subject: [PATCH] selftest-hello: add CVE_STATUS >>> +MIME-Version: 1.0 >>> +Content-Type: text/plain; charset=UTF-8 >>> +Content-Transfer-Encoding: 8bit >>> + >>> +This should pass the test_cve_tag_format selftest. >>> + >>> +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> >>> +--- >>> + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 4 >>> +++- >>> + 1 file changed, 3 insertions(+), 1 deletion(-) >>> + >>> +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest- >>> hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest- >>> hello_1.0.bb >>> +index 547587bef4..9908b3b417 100644 >>> +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb >>> ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb >>> +@@ -16,4 +16,6 @@ do_install() { >>> + install -m 0755 helloworld ${D}${bindir} >>> + } >>> + >>> +-BBCLASSEXTEND = "native nativesdk" >>> +\ No newline at end of file >>> ++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue only >>> applies on Windows" >>> ++ >>> ++BBCLASSEXTEND = "native nativesdk" >>> +-- >>> +2.39.2 >>> + >>> >>> -=-=-=-=-=-=-=-=-=-=-=- >>> Links: You receive all messages sent to this group. >>> View/Reply Online (#195273): >>> https://lists.openembedded.org/g/openembedded-core/message/195273 >>> Mute This Topic: https://lists.openembedded.org/mt/104277396/7611679 >>> Group Owner: openembedded-core+owner@lists.openembedded.org >>> Unsubscribe: >>> https://lists.openembedded.org/g/openembedded-core/unsub [ >>> tgamblin@baylibre.com] >>> -=-=-=-=-=-=-=-=-=-=-=- >>>
diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail new file mode 100644 index 0000000000..3574463ade --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.fail @@ -0,0 +1,30 @@ +From c4ca86b9cca3643097db0328e2f34dccffbba309 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> +Date: Sat, 10 Feb 2024 13:18:44 +0100 +Subject: [PATCH] selftest-hello: add CVE_CHECK_IGNORE +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This should fail the test_cve_tag_format selftest. + +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> +--- + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 547587bef4..3ef9b87c34 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -16,4 +16,5 @@ do_install() { + install -m 0755 helloworld ${D}${bindir} + } + +-BBCLASSEXTEND = "native nativesdk" +\ No newline at end of file ++CVE_CHECK_IGNORE = "CVE-2024-12345" ++BBCLASSEXTEND = "native nativesdk" +-- +2.39.2 + diff --git a/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass new file mode 100644 index 0000000000..10f942a6eb --- /dev/null +++ b/meta/lib/patchtest/selftest/files/TestMetadata.test_cve_check_ignore.pass @@ -0,0 +1,31 @@ +From 7d4d3fee0c7111830ee9b2b049ae3ce265b26030 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Simone=20Wei=C3=9F?= <simone.p.weiss@posteo.com> +Date: Sat, 10 Feb 2024 13:23:56 +0100 +Subject: [PATCH] selftest-hello: add CVE_STATUS +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This should pass the test_cve_tag_format selftest. + +Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> +--- + .../recipes-test/selftest-hello/selftest-hello_1.0.bb | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +index 547587bef4..9908b3b417 100644 +--- a/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb ++++ b/meta-selftest/recipes-test/selftest-hello/selftest-hello_1.0.bb +@@ -16,4 +16,6 @@ do_install() { + install -m 0755 helloworld ${D}${bindir} + } + +-BBCLASSEXTEND = "native nativesdk" +\ No newline at end of file ++CVE_STATUS[CVE-2024-12345] = "not-applicable-platform: Issue only applies on Windows" ++ ++BBCLASSEXTEND = "native nativesdk" +-- +2.39.2 +