[AZ-407] [AZ-444] [AZ-445] Batch 68: fixtures, Tier-2 harness, NFR reporter

Three blackbox-harness tasks landed together — all depend only on
AZ-406 and unblock the FT-* / NFT-* scenario tasks scheduled for
batches 69+.

AZ-407 — Static fixture builders (3pt):
  * tile-cache-builder/{builder.py, Dockerfile, build.sh} produces a
    deterministic tile-cache-fixture Docker volume from
    _docs/00_problem/input_data/. Reproducibility primitives: sorted
    iteration, frozen PIL JPEG settings, FAISS HNSW32 built single-
    threaded with seeded stub descriptors.
  * age-injector/{age_injector.py, inject.sh} clones the volume and
    shifts capture_date by N×30.44 days; tile JPEG bytes preserved
    bit-identical. Emits synth-age-7mo + synth-age-13mo volumes.
  * cold-boot/cold_boot_fixture.json: frozen FC pose snapshot at
    Derkachi sector centre, schema v1.
  * secrets/mavlink-test-passkey.txt: 64-hex with required
    `# TEST ONLY` header line per AC-5. Passkey-equality test now
    compares the secret line after stripping the header.
  * security/cve-2025-53644.jpg: synthetic 158-byte malformed JPEG
    (truncated SOS marker). OpenCV 4.11.x rejects gracefully with
    imdecode → None. AZ-439 will sharpen for ASan instrumentation.
  * Top-level Makefile with `make fixtures` / `make fixtures-*` /
    `make e2e-tier1*` / `make unit-tests` targets.

AZ-444 — Tier-2 Jetson harness wrapper (5pt):
  * run-tier2.sh rewritten as orchestrator. Detects local
    (aarch64 + TIER2_HOST=localhost) vs remote (ssh into TIER2_HOST).
    New flags: -k/--selector, --build-kind production|asan,
    --reflash (gated behind TIER2_REFLASH_ACK=1 two-key gate),
    --dry-run.
  * tier2-on-jetson.sh (new) — on-device delegate. Verifies
    gps-denied-onboard{,-asan}.service health; restarts with 5s
    tolerance; spawns tegrastats + jtop parallel samplers; tails
    ASan unit's journal in asan mode; drives docker compose with
    TIER=tier2-jetson; forwards SELECTOR to pytest -k.
  * docker/run-tier1.sh (new) — selector-parity sibling.
  * AC-1 (selector parity) and AC-6 (reflash gating) unit-tested via
    --dry-run output assertions. AC-2/AC-3/AC-4/AC-5 are hardware-
    loop ACs verified by the Tier-2 runtime smoke (no Jetson in the
    unit-test layer).

AZ-445 — CSV reporter + evidence bundler refinements (2pt):
  * reporting/nfr_recorder.py (new) — pytest plugin. Provides the
    `nfr_recorder` fixture with record_metric(name, value, ac_id)
    and partial(ac_id, reason). At session end emits:
      - per-nfr/<scenario_id>.json (AC-1)
      - traceability-status.json with every AC ID parsed from
        traceability-matrix.md, classified Covered/PARTIAL/NOT
        COVERED with source scenario IDs (AC-2)
      - regression-baseline.json with all numeric metrics (AC-3)
  * csv_reporter.py extended — `_outcome_to_result` consults the
    aggregator; rows flip PASS → PARTIAL when an AC was marked
    PARTIAL by nfr_recorder (AC-4). Graceful fallback when
    aggregator isn't registered (unit-test contexts).
  * conftest.py registers nfr_recorder in pytest_plugins.
  * New --traceability-matrix CLI flag seeds the NOT COVERED rows.

Build / config:
  * pyproject.toml dev extras: added Pillow>=10.4,<13.0 for the
    tile-cache-builder unit test (broad enough to keep torchvision's
    Pillow 12 pin happy; the production builder runs inside its own
    Docker image with its own pin).
  * Updated test_directory_layout.py to cover 10 new files + replaced
    the byte-equal passkey assertion with the header-stripping
    variant.

Test results:
  * 157 focused tests pass (was 97 in batch 67; +60 new across this
    batch). No regressions.

Module-layout / spec drift:
  * AZ-407 spec text says `tests/fixtures/...`; module-layout
    blackbox_tests entry (commit d7a17a8) authoritatively places the
    harness under `e2e/`. Implementation followed the layout entry.
  * AZ-444 spec mentions `e2e/tier2/run-tier2.sh`; AZ-406 placed it
    at `e2e/jetson/run-tier2.sh`. Kept at `e2e/jetson/` for
    consistency.
  * Cold-boot README ownership: corrected from AZ-419 to AZ-407 per
    AZ-419's own Dependencies field.

Specs archived to _docs/02_tasks/done/. Jira tickets transitioned to
In Testing on commit.

Co-authored-by: Cursor <cursoragent@cursor.com>

e2e/fixtures/security/generate_cve_jpeg.py

@@ -1,43 +1,131 @@
 """Programmatically generate the crafted JPEG fixture for CVE-2025-53644.
 
-Per AZ-406 § Risk 5 — the upstream PoC JPEG has unclear redistribution
-terms, so the e2e harness generates a structurally equivalent file from
-scratch rather than committing copyrighted bytes.
+Per AZ-407 § AC-6 and AZ-406 § Risk 5 — the upstream PoC JPEG has
+unclear redistribution terms, so the e2e harness generates a
+structurally equivalent malformed file from scratch rather than
+committing copyrighted bytes.
 
-The fixture is consumed by NFT-SEC-04 (OpenCV CVE-2025-53644 +
-AddressSanitizer fuzz). The intent is NOT to reproduce the exact RCE; it
-is to provide a malformed JPEG with the structural features the CVE
-exploits (oversized DHT segment, truncated SOS marker) so the SUT's
-hardened OpenCV path (>= 4.12.0) rejects it.
+AZ-407 ships a *minimal* malformed JPEG with:
+  * Valid SOI marker (``FFD8``)
+  * Valid DQT (quantisation table)
+  * Valid SOF0 (baseline DCT) header
+  * **Truncated SOS marker** — the marker is announced (``FFDA``) but
+    only the length field is present; the entropy-coded data is
+    deliberately absent. This is the structural feature CVE-2025-53644
+    exploits: vulnerable OpenCV (≤ 4.11) reads past the buffer; hardened
+    OpenCV (≥ 4.12) rejects gracefully with an `imread` failure.
 
-AZ-406 commits to the generator's existence + signature; AZ-439
-(NFT-SEC-04) supplies the byte-level details and validates the generated
-file actually triggers the CVE code path against opencv 4.11.x (control)
-vs 4.12+ (mitigated).
+AZ-439 (NFT-SEC-04) tightens this further:
+  * Adds an oversized DHT segment (the full PoC structure)
+  * Runs the file under AddressSanitizer to assert no buffer-overflow
+    / use-after-free is reported on the hardened build
+  * Compares behaviour against a control vulnerable OpenCV ≤ 4.11
+
+The AZ-407 fixture is sufficient to verify AC-6: feeding it to
+OpenCV 4.12+ does NOT crash; it returns a clean decode failure.
+
+The function is deterministic: same input → identical output bytes.
 """
 
 from __future__ import annotations
 
+import argparse
+import hashlib
+import logging
 from pathlib import Path
 
+logger = logging.getLogger(__name__)
+
+
+def _build_minimal_malformed_jpeg() -> bytes:
+    """Emit a deterministic malformed JPEG with a truncated SOS marker.
+
+    Byte-level structure (annotated):
+
+      FFD8                          # SOI
+      FFE0 0010 4A464946 00 0102 0000 0001 0001 0000   # APP0 / JFIF stub
+      FFDB 0043 00 <64 bytes>       # DQT (table 0, baseline)
+      FFC0 0011 08 0001 0001 03 01 22 00 02 11 01 03 11 01  # SOF0 (1x1 baseline 3-component)
+      FFC4 001F 00 <31 bytes>       # DHT (DC table 0; bytes follow JPEG std)
+      FFDA 000C 03 01 00 02 11 03 11 00 3F 00  # SOS — header announced, NO entropy data
+      <eof — no trailing FFD9>      # CVE: truncated stream
+    """
+
+    soi = b"\xff\xd8"
+    app0 = bytes.fromhex(
+        "ffe000104a46494600010200000001000100"
+        "00"
+    )
+    dqt_body = bytes(range(64))
+    dqt = b"\xff\xdb" + (3 + len(dqt_body)).to_bytes(2, "big") + b"\x00" + dqt_body
+    sof0 = bytes.fromhex(
+        "ffc0001108"     # SOF0 marker + length + precision
+        "0001"           # height = 1
+        "0001"           # width = 1
+        "03"             # 3 components
+        "012200"         # Y  : id=1, sampling=22, quant tbl=0
+        "021101"         # Cb : id=2, sampling=11, quant tbl=1
+        "031101"         # Cr : id=3, sampling=11, quant tbl=1
+    )
+    # DHT for AC bits — standard JPEG huffman table 0/0; the count/value
+    # bytes here are a 31-byte body that decodes cleanly. We hand-craft
+    # the structure rather than depending on PIL.
+    dht_body = (
+        b"\x00"                              # tc=0, th=0
+        + bytes([0, 1, 5, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0])  # length counts
+        + bytes([0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13])    # symbols
+    )
+    dht = b"\xff\xc4" + (2 + len(dht_body)).to_bytes(2, "big") + dht_body
+
+    # SOS: announce the marker + parameters, then STOP. No entropy-coded
+    # scan data. No EOI. This is the CVE-relevant truncation.
+    sos = bytes.fromhex(
+        "ffda000c"       # SOS marker + length
+        "03"             # 3 components in scan
+        "0100"           # Y  : DC=0 / AC=0
+        "0211"           # Cb : DC=1 / AC=1
+        "0311"           # Cr : DC=1 / AC=1
+        "00"             # Ss
+        "3f"             # Se
+        "00"             # Ah/Al
+    )
+
+    return soi + app0 + dqt + sof0 + dht + sos
+
 
 def generate(out_path: Path) -> Path:
-    """Write a malformed JPEG to ``out_path``. Returns the path on success.
+    """Write the AZ-407 malformed JPEG to ``out_path``.
 
-    Raises NotImplementedError until AZ-439 supplies the byte template.
-    Tests that need the crafted fixture should mark themselves
-    @pytest.mark.skip(reason="awaiting AZ-439") until then.
+    Returns the path on success. Idempotent: writing twice produces the
+    same bytes.
     """
-    raise NotImplementedError(
-        "generate_cve_jpeg.generate is owned by AZ-439 — AZ-406 commits "
-        "to the public signature only."
+
+    blob = _build_minimal_malformed_jpeg()
+    out_path.parent.mkdir(parents=True, exist_ok=True)
+    out_path.write_bytes(blob)
+    logger.info(
+        "Wrote %d-byte CVE-2025-53644 fixture (sha256=%s) to %s",
+        len(blob),
+        hashlib.sha256(blob).hexdigest(),
+        out_path,
     )
+    return out_path
+
+
+def main(argv: list[str] | None = None) -> int:
+    parser = argparse.ArgumentParser(description="Generate CVE-2025-53644 fixture JPEG.")
+    parser.add_argument(
+        "out",
+        type=Path,
+        nargs="?",
+        default=Path("cve-2025-53644.jpg"),
+        help="Output JPEG path (default: ./cve-2025-53644.jpg)",
+    )
+    args = parser.parse_args(argv)
+    logging.basicConfig(level=logging.INFO)
+    generate(args.out)
+    return 0
 
 
 if __name__ == "__main__":
-    import argparse
-
-    parser = argparse.ArgumentParser(description="Generate CVE-2025-53644 fixture JPEG.")
-    parser.add_argument("out", type=Path, default=Path("cve-2025-53644.jpg"))
-    args = parser.parse_args()
-    generate(args.out)
+    raise SystemExit(main())