diff options
author | Alexander Kanavin <alex.kanavin@gmail.com> | 2019-10-10 13:18:48 +0200 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-10-15 14:16:10 +0100 |
commit | 25df405d4b019ba6444d03598e914ff2efdad4c9 (patch) | |
tree | 5c716fbd16cf71553014af461f6fc922aed01bcf | |
parent | f46b73658ee6697338d0431efa9cc33fd2c9b914 (diff) | |
download | poky-25df405d4b019ba6444d03598e914ff2efdad4c9.tar.gz |
license_image.bbclass: check and reject packages which have incompatible licenses
The use case is setting INCOMPATIBLE_LICENSE per image,
rather than as an awkward, and too strict global setting.
This for example would allow building development images with gplv3 tools,
but production images without them, and checking that nothing gpl3-licensed
gets into the latter.
Examples are provided via the selftest: four scenarios are tested:
- bash is added to the image, with a default gpl3 license; this is rejected
- bash is added to the image, with a "gpl3 & other" license; this is also rejected
- bash is added to the image, with a "gpl3 | other" license; this is accepted, but
only 'other' is added to the license manifest (this was already handled correctly
previously).
- bash is added to the image with a default gpl3 license, and is additionally
whitelisted for that image; this is accepted.
Eventually, this would allow deprecating the meta-gplv2 layer, while still
enforcing the no-gpl3 rule where possible and needed.
(From OE-Core rev: fd50395bc0783a3cce7b5b0d7398f22783ebbeca)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/classes/license_image.bbclass | 10 | ||||
-rw-r--r-- | meta/lib/oeqa/selftest/cases/incompatible_lic.py | 34 |
2 files changed, 43 insertions, 1 deletions
diff --git a/meta/classes/license_image.bbclass b/meta/classes/license_image.bbclass index 3f102d0fbc..b5399b6d96 100644 --- a/meta/classes/license_image.bbclass +++ b/meta/classes/license_image.bbclass | |||
@@ -43,10 +43,16 @@ def write_license_files(d, license_manifest, pkg_dic, rootfs=True): | |||
43 | bad_licenses = [canonical_license(d, l) for l in bad_licenses] | 43 | bad_licenses = [canonical_license(d, l) for l in bad_licenses] |
44 | bad_licenses = expand_wildcard_licenses(d, bad_licenses) | 44 | bad_licenses = expand_wildcard_licenses(d, bad_licenses) |
45 | 45 | ||
46 | whitelist = [] | ||
47 | for lic in bad_licenses: | ||
48 | whitelist.extend((d.getVar("WHITELIST_" + lic) or "").split()) | ||
49 | |||
46 | with open(license_manifest, "w") as license_file: | 50 | with open(license_manifest, "w") as license_file: |
47 | for pkg in sorted(pkg_dic): | 51 | for pkg in sorted(pkg_dic): |
48 | if bad_licenses: | 52 | if bad_licenses and pkg not in whitelist: |
49 | try: | 53 | try: |
54 | if incompatible_pkg_license(d, bad_licenses, pkg_dic[pkg]["LICENSE"]): | ||
55 | bb.fatal("Package %s has an incompatible license %s and cannot be installed into the image." %(pkg, pkg_dic[pkg]["LICENSE"])) | ||
50 | (pkg_dic[pkg]["LICENSE"], pkg_dic[pkg]["LICENSES"]) = \ | 56 | (pkg_dic[pkg]["LICENSE"], pkg_dic[pkg]["LICENSES"]) = \ |
51 | oe.license.manifest_licenses(pkg_dic[pkg]["LICENSE"], | 57 | oe.license.manifest_licenses(pkg_dic[pkg]["LICENSE"], |
52 | bad_licenses, canonical_license, d) | 58 | bad_licenses, canonical_license, d) |
@@ -56,6 +62,8 @@ def write_license_files(d, license_manifest, pkg_dic, rootfs=True): | |||
56 | pkg_dic[pkg]["LICENSES"] = re.sub(r'[|&()*]', ' ', pkg_dic[pkg]["LICENSE"]) | 62 | pkg_dic[pkg]["LICENSES"] = re.sub(r'[|&()*]', ' ', pkg_dic[pkg]["LICENSE"]) |
57 | pkg_dic[pkg]["LICENSES"] = re.sub(r' *', ' ', pkg_dic[pkg]["LICENSES"]) | 63 | pkg_dic[pkg]["LICENSES"] = re.sub(r' *', ' ', pkg_dic[pkg]["LICENSES"]) |
58 | pkg_dic[pkg]["LICENSES"] = pkg_dic[pkg]["LICENSES"].split() | 64 | pkg_dic[pkg]["LICENSES"] = pkg_dic[pkg]["LICENSES"].split() |
65 | if pkg in whitelist: | ||
66 | bb.warn("Including %s with an incompatible license %s into the image, because it has been whitelisted." %(pkg, pkg_dic[pkg]["LICENSE"])) | ||
59 | 67 | ||
60 | if not "IMAGE_MANIFEST" in pkg_dic[pkg]: | 68 | if not "IMAGE_MANIFEST" in pkg_dic[pkg]: |
61 | # Rootfs manifest | 69 | # Rootfs manifest |
diff --git a/meta/lib/oeqa/selftest/cases/incompatible_lic.py b/meta/lib/oeqa/selftest/cases/incompatible_lic.py index 8fb93af8a8..424a9e69c3 100644 --- a/meta/lib/oeqa/selftest/cases/incompatible_lic.py +++ b/meta/lib/oeqa/selftest/cases/incompatible_lic.py | |||
@@ -39,3 +39,37 @@ class IncompatibleLicenseTests(OESelftestTestCase): | |||
39 | # INCOMPATIBLE_LICENSE contains this license | 39 | # INCOMPATIBLE_LICENSE contains this license |
40 | def test_incompatible_nonspdx_license(self): | 40 | def test_incompatible_nonspdx_license(self): |
41 | self.lic_test('incompatible-nonspdx-license', 'FooLicense', 'FooLicense') | 41 | self.lic_test('incompatible-nonspdx-license', 'FooLicense', 'FooLicense') |
42 | |||
43 | class IncompatibleLicensePerImageTests(OESelftestTestCase): | ||
44 | def default_config(self): | ||
45 | return """ | ||
46 | IMAGE_INSTALL_append = "bash" | ||
47 | INCOMPATIBLE_LICENSE_pn-core-image-minimal = "GPL-3.0 LGPL-3.0" | ||
48 | """ | ||
49 | |||
50 | def test_bash_default(self): | ||
51 | self.write_config(self.default_config()) | ||
52 | error_msg = "ERROR: core-image-minimal-1.0-r0 do_rootfs: Package bash has an incompatible license GPLv3+ and cannot be installed into the image." | ||
53 | |||
54 | result = bitbake('core-image-minimal', ignore_status=True) | ||
55 | if error_msg not in result.output: | ||
56 | raise AssertionError(result.output) | ||
57 | |||
58 | def test_bash_and_license(self): | ||
59 | self.write_config(self.default_config() + '\nLICENSE_append_pn-bash = " & SomeLicense"') | ||
60 | error_msg = "ERROR: core-image-minimal-1.0-r0 do_rootfs: Package bash has an incompatible license GPLv3+ & SomeLicense and cannot be installed into the image." | ||
61 | |||
62 | result = bitbake('core-image-minimal', ignore_status=True) | ||
63 | if error_msg not in result.output: | ||
64 | raise AssertionError(result.output) | ||
65 | |||
66 | def test_bash_or_license(self): | ||
67 | self.write_config(self.default_config() + '\nLICENSE_append_pn-bash = " | SomeLicense"') | ||
68 | |||
69 | bitbake('core-image-minimal') | ||
70 | |||
71 | def test_bash_whitelist(self): | ||
72 | self.write_config(self.default_config() + '\nWHITELIST_GPL-3.0_pn-core-image-minimal = "bash"') | ||
73 | |||
74 | bitbake('core-image-minimal') | ||
75 | |||