summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChris Laplante <chris.laplante@agilent.com>2020-09-09 16:51:07 -0400
committerRichard Purdie <richard.purdie@linuxfoundation.org>2020-09-10 13:48:26 +0100
commit9ba2f3b8c3937bb4a3376d5537774f1dbb321bef (patch)
treeea42009fce42ea85c7d1b1121fce5ca3ad7aac9d
parent1b836a17ec36819f602fcdc70987f1443a969893 (diff)
downloadpoky-9ba2f3b8c3937bb4a3376d5537774f1dbb321bef.tar.gz
cve-check/cve-update-db-native: use lockfile to fix usage under multiconfig
Previously CVE_CHECK_DB_FILE / CVE_CHECK_DB_DIR was the same across multiconfigs which led to a race condition wherein multiple cve-update-db-native:do_populate_cve_db tasks could attempt to write to the same sqlite database. This led to the following task failure: Error executing a python function in exec_python_func() autogenerated: The stack trace of python calls that resulted in this exception/failure was: File: 'exec_python_func() autogenerated', lineno: 2, function: <module> 0001: *** 0002:do_populate_cve_db(d) 0003: File: '/mnt/data/agent/work/74f119cccb44f133/yocto/sources/poky/meta/recipes-core/meta/cve-update-db-native.bb', lineno: 103, function: do_populate_cve_db 0099: if year == date.today().year: 0100: cve_f.write('CVE database update : %s\n\n' % date.today()) 0101: 0102: cve_f.close() *** 0103: conn.commit() 0104: conn.close() 0105:} 0106: 0107:def initialize_db(c): Exception: sqlite3.OperationalError: disk I/O error Use a lockfile to ensure multiple tasks don't step over each other. (From OE-Core rev: 24e9380643a2ae3fcae193519cb64aedaf682153) Signed-off-by: Chris Laplante <chris.laplante@agilent.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/classes/cve-check.bbclass1
-rw-r--r--meta/recipes-core/meta/cve-update-db-native.bb5
2 files changed, 4 insertions, 2 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 0889e7544a..35b7d0f298 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -27,6 +27,7 @@ CVE_VERSION ??= "${PV}"
27 27
28CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK" 28CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK"
29CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_1.1.db" 29CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_1.1.db"
30CVE_CHECK_DB_FILE_LOCK ?= "${CVE_CHECK_DB_FILE}.lock"
30 31
31CVE_CHECK_LOG ?= "${T}/cve.log" 32CVE_CHECK_LOG ?= "${T}/cve.log"
32CVE_CHECK_TMP_FILE ?= "${TMPDIR}/cve_check" 33CVE_CHECK_TMP_FILE ?= "${TMPDIR}/cve_check"
diff --git a/meta/recipes-core/meta/cve-update-db-native.bb b/meta/recipes-core/meta/cve-update-db-native.bb
index 2221825bf8..d22b66f6c7 100644
--- a/meta/recipes-core/meta/cve-update-db-native.bb
+++ b/meta/recipes-core/meta/cve-update-db-native.bb
@@ -52,8 +52,7 @@ python do_populate_cve_db() {
52 52
53 cve_f = open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a') 53 cve_f = open(os.path.join(d.getVar("TMPDIR"), 'cve_check'), 'a')
54 54
55 if not os.path.isdir(db_dir): 55 bb.utils.mkdirhier(db_dir)
56 os.mkdir(db_dir)
57 56
58 # Connect to database 57 # Connect to database
59 conn = sqlite3.connect(db_file) 58 conn = sqlite3.connect(db_file)
@@ -114,6 +113,8 @@ python do_populate_cve_db() {
114 conn.close() 113 conn.close()
115} 114}
116 115
116do_populate_cve_db[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}"
117
117def initialize_db(c): 118def initialize_db(c):
118 c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)") 119 c.execute("CREATE TABLE IF NOT EXISTS META (YEAR INTEGER UNIQUE, DATE TEXT)")
119 120