diff options
| author | Randy Witt <randy.e.witt@linux.intel.com> | 2016-04-07 16:34:49 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-04-09 23:00:43 +0100 |
| commit | 7e902807cb6c6d453972a3af4d632e627aa5e1fb (patch) | |
| tree | fb3c6d39285fc2d8b083ae13ff5da75f055ba0a6 /meta/lib/oeqa/selftest/signing.py | |
| parent | 7ce800c3a24bcbe14b6d204c177f89ba836cfd70 (diff) | |
| download | poky-7e902807cb6c6d453972a3af4d632e627aa5e1fb.tar.gz | |
sstatesig.py: Split single locked sigs check into multiple checks
Add the SIGGEN_LOCKEDSIGS_TASKSIG_CHECK and
SIGGEN_LOCKEDSIGS_SSTATE_EXISTS_CHECK variables to replace
SIGGEN_LOCKEDSIGS_CHECK_LEVEL.
SIGGEN_LOCKEDSIGS_TASKSIG_CHECK will no control whether there is a
warning or error if a task's hash in the locked signature file doesn't match
the computed hash from the current metadata.
SIGGEN_LOCKEDSIGS_SSTATE_EXISTS_CHECK will control whther there is a
warning or error if a task that supports sstate is in the locked
signature file, but no sstate exists for the task.
Previously you could only have warning/errors for both controlled by
SIGGEN_LOCKEDSIGS_CHECK_LEVEL. This was an issue in the extensible sdk,
because we know sstate won't exist for certain items in the reverse
dependencies list for tasks. However, we still want to error if task
signatures don't match.
[YOCTO #9195]
(From OE-Core rev: 0fe2a5e5ffd01e926d0f3d4c78ad9910296e2d1a)
Signed-off-by: Randy Witt <randy.e.witt@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/lib/oeqa/selftest/signing.py')
| -rw-r--r-- | meta/lib/oeqa/selftest/signing.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/meta/lib/oeqa/selftest/signing.py b/meta/lib/oeqa/selftest/signing.py index d2b3f0003c..1babca07df 100644 --- a/meta/lib/oeqa/selftest/signing.py +++ b/meta/lib/oeqa/selftest/signing.py | |||
| @@ -160,7 +160,7 @@ class LockedSignatures(oeSelfTest): | |||
| 160 | bitbake('-S none %s' % test_recipe) | 160 | bitbake('-S none %s' % test_recipe) |
| 161 | 161 | ||
| 162 | feature = 'require %s\n' % locked_sigs_file | 162 | feature = 'require %s\n' % locked_sigs_file |
| 163 | feature += 'SIGGEN_LOCKEDSIGS_CHECK_LEVEL = "warn"\n' | 163 | feature += 'SIGGEN_LOCKEDSIGS_TASKSIG_CHECK = "warn"\n' |
| 164 | self.write_config(feature) | 164 | self.write_config(feature) |
| 165 | 165 | ||
| 166 | # Build a locked recipe | 166 | # Build a locked recipe |
| @@ -180,7 +180,7 @@ class LockedSignatures(oeSelfTest): | |||
| 180 | ret = bitbake(test_recipe) | 180 | ret = bitbake(test_recipe) |
| 181 | 181 | ||
| 182 | # Verify you get the warning and that the real task *isn't* run (i.e. the locked signature has worked) | 182 | # Verify you get the warning and that the real task *isn't* run (i.e. the locked signature has worked) |
| 183 | patt = r'WARNING: The %s:do_package sig \S+ changed, use locked sig \S+ to instead' % test_recipe | 183 | patt = r'WARNING: The %s:do_package sig is computed to be \S+, but the sig is locked to \S+ in SIGGEN_LOCKEDSIGS\S+' % test_recipe |
| 184 | found_warn = re.search(patt, ret.output) | 184 | found_warn = re.search(patt, ret.output) |
| 185 | 185 | ||
| 186 | self.assertIsNotNone(found_warn, "Didn't find the expected warning message. Output: %s" % ret.output) | 186 | self.assertIsNotNone(found_warn, "Didn't find the expected warning message. Output: %s" % ret.output) |