Hello Martin,
On 6/21/23 6:42 AM, Martin Jansa wrote:
There is new patch-status QA check in oe-core:
https://git.openembedded.org/openembedded-core/commit/?id=76a685bfcf927593eac67157762a53259089ea8a
This is temporary work around just to hide _many_ warnings from
optional patch-status (if you add it to WARN_QA).
This just added
Upstream-Status: Pending
everywhere without actually investigating what's the proper status.
This is just to hide current QA warnings and to catch new .patch files being
added without Upstream-Status, but the number of Pending patches is now
terrible:
0 (0%) meta-parsec
N/A (0%) meta-hardening
1 (100%) meta-integrity
15 (68%) meta-tpm
27 (61%) meta-security
Signed-off-by: Martin Jansa <martin.ja...@gmail.com>
---
...Do-not-get-generation-using-ioctl-when-evm_portable-.patch | 4 ++++
.../0001-create-tpm-key-support-well-known-key-option.patch | 2 ++
.../files/0002-libtpm-support-env-TPM_SRK_PW.patch | 2 ++
...tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch | 2 ++
...tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch | 2 ++
.../recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch | 2 ++
Those appear to be fine.
.../openscap/files/0002-openembedded-add-Poky-distro.patch | 2 ++
The openscap patches are being dropped as they got accepted upstream. I
sent a patch last night to reflect that.
I can drop this change.
recipes-perl/perl/files/libwhisker2.patch | 2 ++
recipes-scanners/clamav/files/test.patch | 2 ++
the "test.patch" isn't used anywhere so I can remove it later.
.../ecryptfs-utils/files/define_musl_sword_type.patch | 2 ++
This one is missing other standard patch information. Looks like a bit
more cleanup is in order on my part.
recipes-security/isic/files/configure_fix.patch | 2 ++
This patch contains "Inappropriate" to the Upstream-Status should
Inappropriate [reason] not pending.
recipes-security/isic/files/isic-0.07-make.patch | 2 ++
This patch contains "Backport" so the Upstream-Status should be Backport
not pending.
recipes-security/isic/files/isic-0.07-netinet.patch | 2 ++
This patch contains "Backport" so the Upstream-Status should be Backport
not pending.
I can take those last six as-is and send a follow up tweaking as needed
or you can send a V2. Your call.
thanks,
Armin
13 files changed, 28 insertions(+)
diff --git
a/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/0001-Do-not-get-generation-using-ioctl-when-evm_portable-.patch
b/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/0001-Do-not-get-generation-using-ioctl-when-evm_portable-.patch
index 3624576..f0d8975 100644
---
a/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/0001-Do-not-get-generation-using-ioctl-when-evm_portable-.patch
+++
b/meta-integrity/recipes-security/ima-evm-utils/ima-evm-utils/0001-Do-not-get-generation-using-ioctl-when-evm_portable-.patch
@@ -13,6 +13,8 @@ ioctl is not supported by the filesystem.
Signed-off-by: Stefan Berger <stef...@linux.ibm.com>
---
+Upstream-Status: Pending
+
src/evmctl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
@@ -30,6 +32,8 @@ index 6d2bb67..c35a28c 100644
int fd = open(file, 0);
---
+Upstream-Status: Pending
+
2.39.2
diff --git a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch
index bed8b92..e6068af 100644
---
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch
+++
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0001-create-tpm-key-support-well-known-key-option.patch
@@ -1,3 +1,5 @@
+Upstream-Status: Pending
+
commit 16dac0cb7b73b8a7088300e45b98ac20819b03ed
Author: Junxian.Xiao <junxian.x...@windriver.com>
Date: Wed Jun 19 18:57:13 2013 +0800
diff --git
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch
index 2caaaf0..74def4f 100644
---
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch
+++
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0002-libtpm-support-env-TPM_SRK_PW.patch
@@ -1,3 +1,5 @@
+Upstream-Status: Pending
+
commit 16dac0cb7b73b8a7088300e45b98ac20819b03ed
Author: Junxian.Xiao <junxian.x...@windriver.com>
Date: Wed Jun 19 18:57:13 2013 +0800
diff --git
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch
index cc8772d..732961d 100644
---
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch
+++
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0003-tpm-openssl-tpm-engine-parse-an-encrypted-tpm-SRK-pa.patch
@@ -17,6 +17,8 @@ export TPM_SRK_ENC_PW=xxxxxxxx
Signed-off-by: Meng Li <meng...@windriver.com>
---
+Upstream-Status: Pending
+
e_tpm.c | 157
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
e_tpm.h | 4 ++
e_tpm_err.c | 4 ++
diff --git
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch
index 535472a..3cbfc3c 100644
---
a/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch
+++
b/meta-tpm/recipes-tpm1/openssl-tpm-engine/files/0004-tpm-openssl-tpm-engine-change-variable-c-type-from-c.patch
@@ -12,6 +12,8 @@ wrong case.
Signed-off-by: Meng Li <meng...@windriver.com>
---
+Upstream-Status: Pending
+
create_tpm_key.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta-tpm/recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch b/meta-tpm/recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch
index 40150af..d427d67 100644
--- a/meta-tpm/recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch
+++ b/meta-tpm/recipes-tpm1/tpm-tools/files/tpm-tools-extendpcr.patch
@@ -1,3 +1,5 @@
+Upstream-Status: Pending
+
Index: git/include/tpm_tspi.h
===================================================================
--- git.orig/include/tpm_tspi.h
diff --git
a/recipes-compliance/openscap/files/0002-openembedded-add-Poky-distro.patch
b/recipes-compliance/openscap/files/0002-openembedded-add-Poky-distro.patch
index 182d9ec..767b473 100644
--- a/recipes-compliance/openscap/files/0002-openembedded-add-Poky-distro.patch
+++ b/recipes-compliance/openscap/files/0002-openembedded-add-Poky-distro.patch
@@ -5,6 +5,8 @@ Subject: [PATCH 2/2] openembedded: add Poky distro
Signed-off-by: Armin Kuster <akus...@mvista.com>
---
+Upstream-Status: Pending
+
cpe/openscap-cpe-dict.xml | 4 ++++
cpe/openscap-cpe-oval.xml | 14 ++++++++++++++
src/OVAL/probes/unix/runlevel_probe.c | 8 +++++++-
diff --git a/recipes-perl/perl/files/libwhisker2.patch
b/recipes-perl/perl/files/libwhisker2.patch
index c066366..4ea1ee5 100644
--- a/recipes-perl/perl/files/libwhisker2.patch
+++ b/recipes-perl/perl/files/libwhisker2.patch
@@ -7,6 +7,8 @@ Subject: [PATCH] Mandir and perl install dir were overwritten
with faulty
Signed-off-by: Andrei Dinu <andrei.adrianx.d...@intel.com>
---
+Upstream-Status: Pending
+
Makefile.pl | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/recipes-scanners/clamav/files/test.patch b/recipes-scanners/clamav/files/test.patch
index a22b45d..8d94863 100644
--- a/recipes-scanners/clamav/files/test.patch
+++ b/recipes-scanners/clamav/files/test.patch
@@ -1,3 +1,5 @@
+Upstream-Status: Pending
+
Index: clamav-0.103.0/Makefile.am
===================================================================
--- clamav-0.103.0.orig/Makefile.am
diff --git a/recipes-security/ecryptfs-utils/files/define_musl_sword_type.patch
b/recipes-security/ecryptfs-utils/files/define_musl_sword_type.patch
index 3b29be0..01b7dd8 100644
--- a/recipes-security/ecryptfs-utils/files/define_musl_sword_type.patch
+++ b/recipes-security/ecryptfs-utils/files/define_musl_sword_type.patch
@@ -1,3 +1,5 @@
+Upstream-Status: Pending
+
Index: ecryptfs-utils-111/src/utils/mount.ecryptfs_private.c
===================================================================
--- ecryptfs-utils-111.orig/src/utils/mount.ecryptfs_private.c
diff --git a/recipes-security/isic/files/configure_fix.patch
b/recipes-security/isic/files/configure_fix.patch
index fc2a774..801fe0c 100644
--- a/recipes-security/isic/files/configure_fix.patch
+++ b/recipes-security/isic/files/configure_fix.patch
@@ -1,3 +1,5 @@
+Upstream-Status: Pending
+
isic: add with-libnet remove libnet test
Inappropriate - builds fine on non-oe systems. We need to exlude
diff --git a/recipes-security/isic/files/isic-0.07-make.patch
b/recipes-security/isic/files/isic-0.07-make.patch
index 9cffa8a..838c873 100644
--- a/recipes-security/isic/files/isic-0.07-make.patch
+++ b/recipes-security/isic/files/isic-0.07-make.patch
@@ -1,3 +1,5 @@
+Upstream-Status: Pending
+
isic: Fixup makefile to support destination
Backport:
diff --git a/recipes-security/isic/files/isic-0.07-netinet.patch
b/recipes-security/isic/files/isic-0.07-netinet.patch
index c4ea74e..4b03880 100644
--- a/recipes-security/isic/files/isic-0.07-netinet.patch
+++ b/recipes-security/isic/files/isic-0.07-netinet.patch
@@ -1,3 +1,5 @@
+Upstream-Status: Pending
+
isic: add missing header file
Backport:
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#60375): https://lists.yoctoproject.org/g/yocto/message/60375
Mute This Topic: https://lists.yoctoproject.org/mt/99673661/21656
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-