diff options
Diffstat (limited to 'poky/meta/classes')
-rw-r--r-- | poky/meta/classes/cve-check.bbclass | 42 | ||||
-rw-r--r-- | poky/meta/classes/go-mod.bbclass | 2 | ||||
-rw-r--r-- | poky/meta/classes/image-artifact-names.bbclass | 8 | ||||
-rw-r--r-- | poky/meta/classes/kernel-yocto.bbclass | 2 | ||||
-rw-r--r-- | poky/meta/classes/kernel.bbclass | 5 | ||||
-rw-r--r-- | poky/meta/classes/linuxloader.bbclass | 2 | ||||
-rw-r--r-- | poky/meta/classes/populate_sdk_ext.bbclass | 6 | ||||
-rw-r--r-- | poky/meta/classes/qemuboot.bbclass | 4 | ||||
-rw-r--r-- | poky/meta/classes/rootfs_rpm.bbclass | 2 | ||||
-rw-r--r-- | poky/meta/classes/sstate.bbclass | 4 | ||||
-rw-r--r-- | poky/meta/classes/staging.bbclass | 2 | ||||
-rw-r--r-- | poky/meta/classes/testexport.bbclass | 8 | ||||
-rw-r--r-- | poky/meta/classes/testimage.bbclass | 1 |
13 files changed, 54 insertions, 34 deletions
diff --git a/poky/meta/classes/cve-check.bbclass b/poky/meta/classes/cve-check.bbclass index 02fef7c205..25cefda92e 100644 --- a/poky/meta/classes/cve-check.bbclass +++ b/poky/meta/classes/cve-check.bbclass @@ -36,18 +36,21 @@ CVE_CHECK_SUMMARY_FILE_NAME ?= "cve-summary" CVE_CHECK_SUMMARY_FILE ?= "${CVE_CHECK_SUMMARY_DIR}/${CVE_CHECK_SUMMARY_FILE_NAME}" CVE_CHECK_DIR ??= "${DEPLOY_DIR}/cve" +CVE_CHECK_RECIPE_FILE ?= "${CVE_CHECK_DIR}/${PN}" CVE_CHECK_MANIFEST ?= "${DEPLOY_DIR_IMAGE}/${IMAGE_NAME}${IMAGE_NAME_SUFFIX}.cve" CVE_CHECK_COPY_FILES ??= "1" CVE_CHECK_CREATE_MANIFEST ??= "1" +CVE_CHECK_REPORT_PATCHED ??= "1" + # Whitelist for packages (PN) CVE_CHECK_PN_WHITELIST ?= "" # Whitelist for CVE. If a CVE is found, then it is considered patched. # The value is a string containing space separated CVE values: -# +# # CVE_CHECK_WHITELIST = 'CVE-2014-2524 CVE-2018-1234' -# +# CVE_CHECK_WHITELIST ?= "" python cve_save_summary_handler () { @@ -118,7 +121,7 @@ python cve_check_write_rootfs_manifest () { import shutil if d.getVar("CVE_CHECK_COPY_FILES") == "1": - deploy_file = os.path.join(d.getVar("CVE_CHECK_DIR"), d.getVar("PN")) + deploy_file = d.getVar("CVE_CHECK_RECIPE_FILE") if os.path.exists(deploy_file): bb.utils.remove(deploy_file) @@ -331,12 +334,15 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data): bb.utils.mkdirhier(os.path.dirname(cve_file)) for cve in sorted(cve_data): + is_patched = cve in patched + if is_patched and (d.getVar("CVE_CHECK_REPORT_PATCHED") != "1"): + continue write_string += "PACKAGE NAME: %s\n" % d.getVar("PN") write_string += "PACKAGE VERSION: %s%s\n" % (d.getVar("EXTENDPE"), d.getVar("PV")) write_string += "CVE: %s\n" % cve if cve in whitelisted: write_string += "CVE STATUS: Whitelisted\n" - elif cve in patched: + elif is_patched: write_string += "CVE STATUS: Patched\n" else: unpatched_cves.append(cve) @@ -350,20 +356,20 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data): if unpatched_cves: bb.warn("Found unpatched CVE (%s), for more information check %s" % (" ".join(unpatched_cves),cve_file)) - with open(cve_file, "w") as f: - bb.note("Writing file %s with CVE information" % cve_file) - f.write(write_string) - - if d.getVar("CVE_CHECK_COPY_FILES") == "1": - cve_dir = d.getVar("CVE_CHECK_DIR") - bb.utils.mkdirhier(cve_dir) - deploy_file = os.path.join(cve_dir, d.getVar("PN")) - with open(deploy_file, "w") as f: + if write_string: + with open(cve_file, "w") as f: + bb.note("Writing file %s with CVE information" % cve_file) f.write(write_string) - if d.getVar("CVE_CHECK_CREATE_MANIFEST") == "1": - cvelogpath = d.getVar("CVE_CHECK_SUMMARY_DIR") - bb.utils.mkdirhier(cvelogpath) + if d.getVar("CVE_CHECK_COPY_FILES") == "1": + deploy_file = d.getVar("CVE_CHECK_RECIPE_FILE") + bb.utils.mkdirhier(os.path.dirname(deploy_file)) + with open(deploy_file, "w") as f: + f.write(write_string) + + if d.getVar("CVE_CHECK_CREATE_MANIFEST") == "1": + cvelogpath = d.getVar("CVE_CHECK_SUMMARY_DIR") + bb.utils.mkdirhier(cvelogpath) - with open(d.getVar("CVE_CHECK_TMP_FILE"), "a") as f: - f.write("%s" % write_string) + with open(d.getVar("CVE_CHECK_TMP_FILE"), "a") as f: + f.write("%s" % write_string) diff --git a/poky/meta/classes/go-mod.bbclass b/poky/meta/classes/go-mod.bbclass index 5871d02506..cabb04d0ec 100644 --- a/poky/meta/classes/go-mod.bbclass +++ b/poky/meta/classes/go-mod.bbclass @@ -12,7 +12,7 @@ # The '-modcacherw' option ensures we have write access to the cached objects so # we avoid errors during clean task as well as when removing the TMPDIR. -export GOBUILDFLAGS ?= "-v ${GO_LDFLAGS} -modcacherw" +GOBUILDFLAGS_append = " -modcacherw" inherit go diff --git a/poky/meta/classes/image-artifact-names.bbclass b/poky/meta/classes/image-artifact-names.bbclass index 5ab8f1b7aa..3ac8dd731a 100644 --- a/poky/meta/classes/image-artifact-names.bbclass +++ b/poky/meta/classes/image-artifact-names.bbclass @@ -2,11 +2,11 @@ # Specific image creation and rootfs population info. ################################################################## -IMAGE_BASENAME = "${PN}" -IMAGE_VERSION_SUFFIX = "-${DATETIME}" +IMAGE_BASENAME ?= "${PN}" +IMAGE_VERSION_SUFFIX ?= "-${DATETIME}" IMAGE_VERSION_SUFFIX[vardepsexclude] += "DATETIME" -IMAGE_NAME = "${IMAGE_BASENAME}-${MACHINE}${IMAGE_VERSION_SUFFIX}" -IMAGE_LINK_NAME = "${IMAGE_BASENAME}-${MACHINE}" +IMAGE_NAME ?= "${IMAGE_BASENAME}-${MACHINE}${IMAGE_VERSION_SUFFIX}" +IMAGE_LINK_NAME ?= "${IMAGE_BASENAME}-${MACHINE}" # IMAGE_NAME is the base name for everything produced when building images. # The actual image that contains the rootfs has an additional suffix (.rootfs diff --git a/poky/meta/classes/kernel-yocto.bbclass b/poky/meta/classes/kernel-yocto.bbclass index a35c5923df..35587dd564 100644 --- a/poky/meta/classes/kernel-yocto.bbclass +++ b/poky/meta/classes/kernel-yocto.bbclass @@ -155,7 +155,7 @@ do_kernel_metadata() { fi in_tree_defconfig="${WORKDIR}/defconfig" else - bbfatal "A KBUILD_DEFCONFIG '${KBUILD_DEFCONFIG}' was specified, but not present in the source tree" + bbfatal "A KBUILD_DEFCONFIG '${KBUILD_DEFCONFIG}' was specified, but not present in the source tree (${S}/arch/${ARCH}/configs/)" fi fi diff --git a/poky/meta/classes/kernel.bbclass b/poky/meta/classes/kernel.bbclass index 48135b3d41..78def5bbc1 100644 --- a/poky/meta/classes/kernel.bbclass +++ b/poky/meta/classes/kernel.bbclass @@ -172,7 +172,10 @@ python do_symlink_kernsrc () { shutil.move(s, kernsrc) os.symlink(kernsrc, s) } -addtask symlink_kernsrc before do_patch after do_unpack +# do_patch is normally ordered before do_configure, but +# externalsrc.bbclass deletes do_patch, breaking the dependency of +# do_configure on do_symlink_kernsrc. +addtask symlink_kernsrc before do_patch do_configure after do_unpack inherit kernel-arch deploy diff --git a/poky/meta/classes/linuxloader.bbclass b/poky/meta/classes/linuxloader.bbclass index 176fd89fdb..720e5dfad4 100644 --- a/poky/meta/classes/linuxloader.bbclass +++ b/poky/meta/classes/linuxloader.bbclass @@ -4,7 +4,7 @@ def get_musl_loader_arch(d): targetarch = d.getVar("TARGET_ARCH") if targetarch.startswith("microblaze"): - ldso_arch = "microblaze${@bb.utils.contains('TUNE_FEATURES', 'bigendian', '', 'el' ,d)}" + ldso_arch = "microblaze${@bb.utils.contains('TUNE_FEATURES', 'bigendian', '', 'el', d)}" elif targetarch.startswith("mips"): ldso_arch = "mips${ABIEXTENSION}${MIPSPKGSFX_BYTE}${MIPSPKGSFX_R6}${MIPSPKGSFX_ENDIAN}${@['', '-sf'][d.getVar('TARGET_FPU') == 'soft']}" elif targetarch == "powerpc": diff --git a/poky/meta/classes/populate_sdk_ext.bbclass b/poky/meta/classes/populate_sdk_ext.bbclass index d659b6940a..6f35b612c2 100644 --- a/poky/meta/classes/populate_sdk_ext.bbclass +++ b/poky/meta/classes/populate_sdk_ext.bbclass @@ -522,12 +522,18 @@ python copy_buildsystem () { # sdk_ext_postinst() below) thus the checksum we take here would always # be different. manifest_file_list = ['conf/*'] + esdk_manifest_excludes = (d.getVar('ESDK_MANIFEST_EXCLUDES') or '').split() + esdk_manifest_excludes_list = [] + for exclude_item in esdk_manifest_excludes: + esdk_manifest_excludes_list += glob.glob(os.path.join(baseoutpath, exclude_item)) manifest_file = os.path.join(baseoutpath, 'conf', 'sdk-conf-manifest') with open(manifest_file, 'w') as f: for item in manifest_file_list: for fn in glob.glob(os.path.join(baseoutpath, item)): if fn == manifest_file: continue + if fn in esdk_manifest_excludes_list: + continue chksum = bb.utils.sha256_file(fn) f.write('%s\t%s\n' % (chksum, os.path.relpath(fn, baseoutpath))) } diff --git a/poky/meta/classes/qemuboot.bbclass b/poky/meta/classes/qemuboot.bbclass index d8f62ef6ea..824676216e 100644 --- a/poky/meta/classes/qemuboot.bbclass +++ b/poky/meta/classes/qemuboot.bbclass @@ -29,6 +29,9 @@ # QB_AUDIO_OPT: qemu audio option, e.g., "-soundhw ac97,es1370", used # when QB_AUDIO_DRV is set. # +# QB_RNG: Pass-through for host random number generator, it can speedup boot +# in system mode, where system is experiencing entropy starvation +# # QB_KERNEL_ROOT: kernel's root, e.g., /dev/vda # # QB_NETWORK_DEVICE: network device, e.g., "-device virtio-net-pci,netdev=net0,mac=@MAC@", @@ -77,6 +80,7 @@ QB_MEM ?= "-m 256" QB_SERIAL_OPT ?= "-serial mon:stdio -serial null" QB_DEFAULT_KERNEL ?= "${KERNEL_IMAGETYPE}" QB_DEFAULT_FSTYPE ?= "ext4" +QB_RNG ?= "-object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0" QB_OPT_APPEND ?= "" QB_NETWORK_DEVICE ?= "-device virtio-net-pci,netdev=net0,mac=@MAC@" QB_CMDLINE_IP_SLIRP ?= "ip=dhcp" diff --git a/poky/meta/classes/rootfs_rpm.bbclass b/poky/meta/classes/rootfs_rpm.bbclass index 51f89ea990..82584f386c 100644 --- a/poky/meta/classes/rootfs_rpm.bbclass +++ b/poky/meta/classes/rootfs_rpm.bbclass @@ -9,7 +9,7 @@ export STAGING_INCDIR export STAGING_LIBDIR # Add 100Meg of extra space for dnf -IMAGE_ROOTFS_EXTRA_SPACE_append = "${@bb.utils.contains("PACKAGE_INSTALL", "dnf", " + 102400", "" ,d)}" +IMAGE_ROOTFS_EXTRA_SPACE_append = "${@bb.utils.contains("PACKAGE_INSTALL", "dnf", " + 102400", "", d)}" # Dnf is python based, so be sure python3-native is available to us. EXTRANATIVEPATH += "python3-native" diff --git a/poky/meta/classes/sstate.bbclass b/poky/meta/classes/sstate.bbclass index 375196ef21..a8ae75101d 100644 --- a/poky/meta/classes/sstate.bbclass +++ b/poky/meta/classes/sstate.bbclass @@ -787,7 +787,7 @@ sstate_create_package () { return fi - mkdir -p `dirname ${SSTATE_PKG}` + mkdir --mode=0775 -p `dirname ${SSTATE_PKG}` TFILE=`mktemp ${SSTATE_PKG}.XXXXXXXX` # Use pigz if available @@ -847,7 +847,7 @@ python sstate_report_unihash() { sstate_unpack_package () { tar -xvzf ${SSTATE_PKG} # update .siginfo atime on local/NFS mirror - [ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo + [ -O ${SSTATE_PKG}.siginfo ] && [ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo # Use "! -w ||" to return true for read only files [ ! -w ${SSTATE_PKG} ] || touch --no-dereference ${SSTATE_PKG} [ ! -w ${SSTATE_PKG}.sig ] || [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig diff --git a/poky/meta/classes/staging.bbclass b/poky/meta/classes/staging.bbclass index de3a19815a..f0a619b35b 100644 --- a/poky/meta/classes/staging.bbclass +++ b/poky/meta/classes/staging.bbclass @@ -614,7 +614,7 @@ python staging_taskhandler() { bbtasks = e.tasklist for task in bbtasks: deps = d.getVarFlag(task, "depends") - if deps and "populate_sysroot" in deps: + if task == "do_configure" or (deps and "populate_sysroot" in deps): d.appendVarFlag(task, "prefuncs", " extend_recipe_sysroot") } staging_taskhandler[eventmask] = "bb.event.RecipeTaskPreProcess" diff --git a/poky/meta/classes/testexport.bbclass b/poky/meta/classes/testexport.bbclass index 59cbaefbf9..1b0fb44a4a 100644 --- a/poky/meta/classes/testexport.bbclass +++ b/poky/meta/classes/testexport.bbclass @@ -137,7 +137,7 @@ def copy_needed_files(d, tc): shutil.rmtree(os.path.join(subdir, dir)) # Create tar file for common parts of testexport - create_tarball(d, "testexport.tar.gz", d.getVar("TEST_EXPORT_DIR")) + testexport_create_tarball(d, "testexport.tar.gz", d.getVar("TEST_EXPORT_DIR")) # Copy packages needed for runtime testing package_extraction(d, tc.suites) @@ -146,7 +146,7 @@ def copy_needed_files(d, tc): export_pkg_dir = os.path.join(d.getVar("TEST_EXPORT_DIR"), "packages") oe.path.copytree(test_pkg_dir, export_pkg_dir) # Create tar file for packages needed by the DUT - create_tarball(d, "testexport_packages_%s.tar.gz" % d.getVar("MACHINE"), export_pkg_dir) + testexport_create_tarball(d, "testexport_packages_%s.tar.gz" % d.getVar("MACHINE"), export_pkg_dir) # Copy SDK if d.getVar("TEST_EXPORT_SDK_ENABLED") == "1": @@ -159,11 +159,11 @@ def copy_needed_files(d, tc): shutil.copy2(tarball_path, export_sdk_dir) # Create tar file for the sdk - create_tarball(d, "testexport_sdk_%s.tar.gz" % d.getVar("SDK_ARCH"), export_sdk_dir) + testexport_create_tarball(d, "testexport_sdk_%s.tar.gz" % d.getVar("SDK_ARCH"), export_sdk_dir) bb.plain("Exported tests to: %s" % export_path) -def create_tarball(d, tar_name, src_dir): +def testexport_create_tarball(d, tar_name, src_dir): import tarfile diff --git a/poky/meta/classes/testimage.bbclass b/poky/meta/classes/testimage.bbclass index 6c8bedcd65..e3feef02f8 100644 --- a/poky/meta/classes/testimage.bbclass +++ b/poky/meta/classes/testimage.bbclass @@ -319,6 +319,7 @@ def testimage_main(d): target_kwargs['powercontrol_extra_args'] = d.getVar("TEST_POWERCONTROL_EXTRA_ARGS") or "" target_kwargs['serialcontrol_cmd'] = d.getVar("TEST_SERIALCONTROL_CMD") or None target_kwargs['serialcontrol_extra_args'] = d.getVar("TEST_SERIALCONTROL_EXTRA_ARGS") or "" + target_kwargs['testimage_dump_target'] = d.getVar("testimage_dump_target") or "" def export_ssh_agent(d): import os |