[OE-core] [PATCH 01/23] buildhistory.bbclass: add LICENSE and CVE_PRODUCT to recipe and package data
Mikko Rapeli
mikko.rapeli at bmw.de
Thu Jul 20 13:22:49 UTC 2017
LICENSE can be used in various checks after builds. Reading license data
from buildhistory is better than trying to parse recipes in a source tree.
CVE_PRODUCT can be used by scripts to e.g. check if it matches to the
CVE product names in CVE/NVD database.
If the two are combined, a CVE product name check can for example ignore
recipes with CLOSED license.
Note about sstate caching: recipe and package buildhistory data is
regenerated only when the recipe is rebuilt from sources. New fields
like LICENSE and CVE_PRODUCT in buildhistory will be deployed only after
the recipes are recompiled.
Example:
$ bitbake -c cleanall busybox && bitbake busybox
$ egrep "LICENSE|CVE_PRODUCT" buildhistory/packages/i586-poky-linux/busybox/busybox/latest
LICENSE = GPLv2 & bzip2
CVE_PRODUCT = busybox
Signed-off-by: Mikko Rapeli <mikko.rapeli at bmw.de>
---
meta/classes/buildhistory.bbclass | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/meta/classes/buildhistory.bbclass b/meta/classes/buildhistory.bbclass
index 81784ee..cc3b144 100644
--- a/meta/classes/buildhistory.bbclass
+++ b/meta/classes/buildhistory.bbclass
@@ -92,6 +92,8 @@ python buildhistory_emit_pkghistory() {
self.packages = ""
self.srcrev = ""
self.layer = ""
+ self.license = ""
+ self.cve_product = ""
class PackageInfo:
@@ -105,6 +107,8 @@ python buildhistory_emit_pkghistory() {
self.pkge = ""
self.pkgv = ""
self.pkgr = ""
+ self.license = ""
+ self.cve_product = ""
self.size = 0
self.depends = ""
self.rprovides = ""
@@ -141,6 +145,10 @@ python buildhistory_emit_pkghistory() {
pkginfo.pkgv = value
elif name == "PKGR":
pkginfo.pkgr = value
+ elif name == "LICENSE":
+ pkginfo.license = value
+ elif name == "CVE_PRODUCT":
+ pkginfo.cve_product = value
elif name == "RPROVIDES":
pkginfo.rprovides = value
elif name == "RDEPENDS":
@@ -193,6 +201,9 @@ python buildhistory_emit_pkghistory() {
pv = d.getVar('PV')
pr = d.getVar('PR')
layer = bb.utils.get_file_layer(d.getVar('FILE', True), d)
+ license = d.getVar('LICENSE') or ''
+ # If recipe does not define CVE_PRODUCT, the default is pn
+ cve_product = d.getVar('CVE_PRODUCT') or pn
pkgdata_dir = d.getVar('PKGDATA_DIR')
packages = ""
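Review bot: The fallback `d.getVar('CVE_PRODUCT') or pn` records the full recipe name, so a native or multilib variant would presumably get a product name carrying the variant prefix or suffix, which cannot match an NVD product entry. If the CVE checking class defaults CVE_PRODUCT to the base name, the same default here would keep buildhistory and the checker in agreement, e.g. `cve_product = d.getVar('CVE_PRODUCT') or d.getVar('BPN')`. Separately, the local name `license` shadows the `license` object that Python's site module installs as a builtin; `recipe_license` would avoid that. `pn` is assigned outside this hunk, so where it comes from is an assumption here.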
@@ -233,6 +244,8 @@ python buildhistory_emit_pkghistory() {
rcpinfo.depends = sortlist(oe.utils.squashspaces(d.getVar('DEPENDS') or ""))
rcpinfo.packages = packages
rcpinfo.layer = layer
+ rcpinfo.license = license
+ rcpinfo.cve_product = cve_product
write_recipehistory(rcpinfo, d)
pkgdest = d.getVar('PKGDEST')
@@ -249,6 +262,8 @@ python buildhistory_emit_pkghistory() {
pkge = pkgdata.get('PKGE', '0')
pkgv = pkgdata['PKGV']
pkgr = pkgdata['PKGR']
+ pkg_license = d.getVar('LICENSE_%s' % (pkg,), True) or license
+ pkg_cve_product = d.getVar('CVE_PRODUCT_%s' % (pkg,), True) or cve_product
#
# Find out what the last version was
# Make sure the version did not decrease
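Review bot: The per-package values are read from the recipe datastore with `d.getVar('LICENSE_%s' % (pkg,), True)`, while the neighbouring lines take PKGE, PKGV and PKGR from `pkgdata`. If pkgdata also carries LICENSE for the package, reading it there (`pkgdata.get('LICENSE', license)`) would keep a single source for what was actually packaged. The explicit `True` argument is also inconsistent with the `d.getVar('LICENSE')` and `d.getVar('CVE_PRODUCT')` calls added earlier in this patch, which omit it. A one-line comment such as `# fall back to the recipe-level value when the package has no override` would help readers of the licence and CVE reports built on this data. The loop these lines sit in starts and ends outside the hunk.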
@@ -272,6 +287,8 @@ python buildhistory_emit_pkghistory() {
pkginfo.pkge = pkge
pkginfo.pkgv = pkgv
pkginfo.pkgr = pkgr
+ pkginfo.license = pkg_license
+ pkginfo.cve_product = pkg_cve_product
pkginfo.rprovides = sortpkglist(oe.utils.squashspaces(pkgdata.get('RPROVIDES', "")))
pkginfo.rdepends = sortpkglist(oe.utils.squashspaces(pkgdata.get('RDEPENDS', "")))
pkginfo.rrecommends = sortpkglist(oe.utils.squashspaces(pkgdata.get('RRECOMMENDS', "")))
@@ -347,6 +364,8 @@ def write_recipehistory(rcpinfo, d):
f.write(u"DEPENDS = %s\n" % rcpinfo.depends)
f.write(u"PACKAGES = %s\n" % rcpinfo.packages)
f.write(u"LAYER = %s\n" % rcpinfo.layer)
+ f.write(u"LICENSE = %s\n" % rcpinfo.license)
+ f.write(u"CVE_PRODUCT = %s\n" % rcpinfo.cve_product)
write_latest_srcrev(d, pkghistdir)
@@ -374,6 +393,8 @@ def write_pkghistory(pkginfo, d):
f.write(u"PKGV = %s\n" % pkginfo.pkgv)
if pkginfo.pkgr != pkginfo.pr:
f.write(u"PKGR = %s\n" % pkginfo.pkgr)
+ f.write(u"LICENSE = %s\n" % pkginfo.license)
+ f.write(u"CVE_PRODUCT = %s\n" % pkginfo.cve_product)
f.write(u"RPROVIDES = %s\n" % pkginfo.rprovides)
f.write(u"RDEPENDS = %s\n" % pkginfo.rdepends)
f.write(u"RRECOMMENDS = %s\n" % pkginfo.rrecommends)
--
1.9.1