summaryrefslogtreecommitdiffstats
path: root/meta
diff options
context:
space:
mode:
authorSaul Wold <Saul.Wold@windriver.com>2022-03-09 09:40:52 -0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2022-03-10 08:00:28 +0000
commitd9e500f83d0223925ca2595c77c8fb45eab10f7c (patch)
tree5b8fc1787ced86daebd7a7e26dd3bd69f9d5551b /meta
parent8827a3ed80ec8f0adcf4b778f88cb8f9f051262b (diff)
downloadpoky-d9e500f83d0223925ca2595c77c8fb45eab10f7c.tar.gz
meta/scripts: Improve internal variable naming
Update internal variable names to improve the terms used. (From OE-Core rev: f408068e5d7998ae165f3002e51bc54b380b8099) Signed-off-by: Saul Wold <saul.wold@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r--meta/classes/base.bbclass4
-rw-r--r--meta/classes/cross-canadian.bbclass6
-rw-r--r--meta/classes/cve-check.bbclass31
-rw-r--r--meta/classes/insane.bbclass7
-rw-r--r--meta/classes/populate_sdk_ext.bbclass18
-rw-r--r--meta/classes/sstate.bbclass4
-rw-r--r--meta/conf/distro/include/cve-extra-exclusions.inc2
-rw-r--r--meta/conf/distro/include/security_flags.inc2
-rw-r--r--meta/lib/oe/utils.py4
-rw-r--r--meta/lib/oeqa/manual/bsp-hw.json2
-rw-r--r--meta/lib/oeqa/selftest/cases/containerimage.py2
11 files changed, 42 insertions, 40 deletions
diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index b7869da3b3..cc81461473 100644
--- a/meta/classes/base.bbclass
+++ b/meta/classes/base.bbclass
@@ -329,9 +329,9 @@ python base_eventhandler() {
329 source_mirror_fetch = d.getVar('SOURCE_MIRROR_FETCH', False) 329 source_mirror_fetch = d.getVar('SOURCE_MIRROR_FETCH', False)
330 if not source_mirror_fetch: 330 if not source_mirror_fetch:
331 provs = (d.getVar("PROVIDES") or "").split() 331 provs = (d.getVar("PROVIDES") or "").split()
332 multiwhitelist = (d.getVar("BB_MULTI_PROVIDER_ALLOWED") or "").split() 332 multiprovidersallowed = (d.getVar("BB_MULTI_PROVIDER_ALLOWED") or "").split()
333 for p in provs: 333 for p in provs:
334 if p.startswith("virtual/") and p not in multiwhitelist: 334 if p.startswith("virtual/") and p not in multiprovidersallowed:
335 profprov = d.getVar("PREFERRED_PROVIDER_" + p) 335 profprov = d.getVar("PREFERRED_PROVIDER_" + p)
336 if profprov and pn != profprov: 336 if profprov and pn != profprov:
337 raise bb.parse.SkipRecipe("PREFERRED_PROVIDER_%s set to %s, not %s" % (p, profprov, pn)) 337 raise bb.parse.SkipRecipe("PREFERRED_PROVIDER_%s set to %s, not %s" % (p, profprov, pn))
diff --git a/meta/classes/cross-canadian.bbclass b/meta/classes/cross-canadian.bbclass
index ac82e86356..a0e9d23836 100644
--- a/meta/classes/cross-canadian.bbclass
+++ b/meta/classes/cross-canadian.bbclass
@@ -36,7 +36,7 @@ python () {
36 return 36 return
37 37
38 tos = d.getVar("TARGET_OS") 38 tos = d.getVar("TARGET_OS")
39 whitelist = ["mingw32"] 39 tos_known = ["mingw32"]
40 extralibcs = [""] 40 extralibcs = [""]
41 if "musl" in d.getVar("BASECANADIANEXTRAOS"): 41 if "musl" in d.getVar("BASECANADIANEXTRAOS"):
42 extralibcs.append("musl") 42 extralibcs.append("musl")
@@ -51,8 +51,8 @@ python () {
51 entry = entry + "-gnu" + variant 51 entry = entry + "-gnu" + variant
52 elif libc: 52 elif libc:
53 entry = entry + "-" + libc 53 entry = entry + "-" + libc
54 whitelist.append(entry) 54 tos_known.append(entry)
55 if tos not in whitelist: 55 if tos not in tos_known:
56 bb.fatal("Building cross-candian for an unknown TARGET_SYS (%s), please update cross-canadian.bbclass" % d.getVar("TARGET_SYS")) 56 bb.fatal("Building cross-candian for an unknown TARGET_SYS (%s), please update cross-canadian.bbclass" % d.getVar("TARGET_SYS"))
57 57
58 for n in ["PROVIDES", "DEPENDS"]: 58 for n in ["PROVIDES", "DEPENDS"]:
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 079d09a76f..dfad10c22b 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -43,11 +43,12 @@ CVE_CHECK_CREATE_MANIFEST ??= "1"
43 43
44CVE_CHECK_REPORT_PATCHED ??= "1" 44CVE_CHECK_REPORT_PATCHED ??= "1"
45 45
46# Whitelist for packages (PN) 46# Skip CVE Check for packages (PN)
47CVE_CHECK_SKIP_RECIPE ?= "" 47CVE_CHECK_SKIP_RECIPE ?= ""
48 48
49# Whitelist for CVE. If a CVE is found, then it is considered patched. 49# Ingore the check for a given list of CVEs. If a CVE is found,
50# The value is a string containing space separated CVE values: 50# then it is considered patched. The value is a string containing
51# space separated CVE values:
51# 52#
52# CVE_CHECK_IGNORE = 'CVE-2014-2524 CVE-2018-1234' 53# CVE_CHECK_IGNORE = 'CVE-2014-2524 CVE-2018-1234'
53# 54#
@@ -101,10 +102,10 @@ python do_cve_check () {
101 patched_cves = get_patched_cves(d) 102 patched_cves = get_patched_cves(d)
102 except FileNotFoundError: 103 except FileNotFoundError:
103 bb.fatal("Failure in searching patches") 104 bb.fatal("Failure in searching patches")
104 whitelisted, patched, unpatched = check_cves(d, patched_cves) 105 ignored, patched, unpatched = check_cves(d, patched_cves)
105 if patched or unpatched: 106 if patched or unpatched:
106 cve_data = get_cve_info(d, patched + unpatched) 107 cve_data = get_cve_info(d, patched + unpatched)
107 cve_write_data(d, patched, unpatched, whitelisted, cve_data) 108 cve_write_data(d, patched, unpatched, ignored, cve_data)
108 else: 109 else:
109 bb.note("No CVE database found, skipping CVE check") 110 bb.note("No CVE database found, skipping CVE check")
110 111
@@ -176,12 +177,12 @@ def check_cves(d, patched_cves):
176 return ([], [], []) 177 return ([], [], [])
177 pv = d.getVar("CVE_VERSION").split("+git")[0] 178 pv = d.getVar("CVE_VERSION").split("+git")[0]
178 179
179 # If the recipe has been whitelisted we return empty lists 180 # If the recipe has been skipped/ignored we return empty lists
180 if pn in d.getVar("CVE_CHECK_SKIP_RECIPE").split(): 181 if pn in d.getVar("CVE_CHECK_SKIP_RECIPE").split():
181 bb.note("Recipe has been whitelisted, skipping check") 182 bb.note("Recipe has been skipped by cve-check")
182 return ([], [], []) 183 return ([], [], [])
183 184
184 cve_whitelist = d.getVar("CVE_CHECK_IGNORE").split() 185 cve_ignore = d.getVar("CVE_CHECK_IGNORE").split()
185 186
186 import sqlite3 187 import sqlite3
187 db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro") 188 db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro")
@@ -198,9 +199,9 @@ def check_cves(d, patched_cves):
198 for cverow in conn.execute("SELECT DISTINCT ID FROM PRODUCTS WHERE PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)): 199 for cverow in conn.execute("SELECT DISTINCT ID FROM PRODUCTS WHERE PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)):
199 cve = cverow[0] 200 cve = cverow[0]
200 201
201 if cve in cve_whitelist: 202 if cve in cve_ignore:
202 bb.note("%s-%s has been whitelisted for %s" % (product, pv, cve)) 203 bb.note("%s-%s has been ignored for %s" % (product, pv, cve))
203 # TODO: this should be in the report as 'whitelisted' 204 # TODO: this should be in the report as 'ignored'
204 patched_cves.add(cve) 205 patched_cves.add(cve)
205 continue 206 continue
206 elif cve in patched_cves: 207 elif cve in patched_cves:
@@ -254,7 +255,7 @@ def check_cves(d, patched_cves):
254 255
255 conn.close() 256 conn.close()
256 257
257 return (list(cve_whitelist), list(patched_cves), cves_unpatched) 258 return (list(cve_ignore), list(patched_cves), cves_unpatched)
258 259
259def get_cve_info(d, cves): 260def get_cve_info(d, cves):
260 """ 261 """
@@ -279,7 +280,7 @@ def get_cve_info(d, cves):
279 conn.close() 280 conn.close()
280 return cve_data 281 return cve_data
281 282
282def cve_write_data(d, patched, unpatched, whitelisted, cve_data): 283def cve_write_data(d, patched, unpatched, ignored, cve_data):
283 """ 284 """
284 Write CVE information in WORKDIR; and to CVE_CHECK_DIR, and 285 Write CVE information in WORKDIR; and to CVE_CHECK_DIR, and
285 CVE manifest if enabled. 286 CVE manifest if enabled.
@@ -312,8 +313,8 @@ def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
312 write_string += "PACKAGE NAME: %s\n" % d.getVar("PN") 313 write_string += "PACKAGE NAME: %s\n" % d.getVar("PN")
313 write_string += "PACKAGE VERSION: %s%s\n" % (d.getVar("EXTENDPE"), d.getVar("PV")) 314 write_string += "PACKAGE VERSION: %s%s\n" % (d.getVar("EXTENDPE"), d.getVar("PV"))
314 write_string += "CVE: %s\n" % cve 315 write_string += "CVE: %s\n" % cve
315 if cve in whitelisted: 316 if cve in ignored:
316 write_string += "CVE STATUS: Whitelisted\n" 317 write_string += "CVE STATUS: Ignored\n"
317 elif is_patched: 318 elif is_patched:
318 write_string += "CVE STATUS: Patched\n" 319 write_string += "CVE STATUS: Patched\n"
319 else: 320 else:
diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index 270b7860c7..0deebdb148 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -441,7 +441,8 @@ def package_qa_hash_style(path, name, d, elf, messages):
441QAPATHTEST[buildpaths] = "package_qa_check_buildpaths" 441QAPATHTEST[buildpaths] = "package_qa_check_buildpaths"
442def package_qa_check_buildpaths(path, name, d, elf, messages): 442def package_qa_check_buildpaths(path, name, d, elf, messages):
443 """ 443 """
444 Check for build paths inside target files and error if not found in the whitelist 444 Check for build paths inside target files and error if paths are not
445 explicitly ignored.
445 """ 446 """
446 # Ignore .debug files, not interesting 447 # Ignore .debug files, not interesting
447 if path.find(".debug") != -1: 448 if path.find(".debug") != -1:
@@ -1283,8 +1284,8 @@ Rerun configure task after fixing this."""
1283 options = set() 1284 options = set()
1284 for line in output.splitlines(): 1285 for line in output.splitlines():
1285 options |= set(line.partition(flag)[2].split()) 1286 options |= set(line.partition(flag)[2].split())
1286 whitelist = set(d.getVar("UNKNOWN_CONFIGURE_OPT_IGNORE").split()) 1287 ignore_opts = set(d.getVar("UNKNOWN_CONFIGURE_OPT_IGNORE").split())
1287 options -= whitelist 1288 options -= ignore_opts
1288 if options: 1289 if options:
1289 pn = d.getVar('PN') 1290 pn = d.getVar('PN')
1290 error_msg = pn + ": configure was passed unrecognised options: " + " ".join(options) 1291 error_msg = pn + ": configure was passed unrecognised options: " + " ".join(options)
diff --git a/meta/classes/populate_sdk_ext.bbclass b/meta/classes/populate_sdk_ext.bbclass
index 9c9561c5c6..e2019f9bbf 100644
--- a/meta/classes/populate_sdk_ext.bbclass
+++ b/meta/classes/populate_sdk_ext.bbclass
@@ -282,8 +282,8 @@ python copy_buildsystem () {
282 bb.utils.mkdirhier(uninative_outdir) 282 bb.utils.mkdirhier(uninative_outdir)
283 shutil.copy(uninative_file, uninative_outdir) 283 shutil.copy(uninative_file, uninative_outdir)
284 284
285 env_whitelist = (d.getVar('BB_ENV_PASSTHROUGH_ADDITIONS') or '').split() 285 env_passthrough = (d.getVar('BB_ENV_PASSTHROUGH_ADDITIONS') or '').split()
286 env_whitelist_values = {} 286 env_passthrough_values = {}
287 287
288 # Create local.conf 288 # Create local.conf
289 builddir = d.getVar('TOPDIR') 289 builddir = d.getVar('TOPDIR')
@@ -294,15 +294,15 @@ python copy_buildsystem () {
294 if derivative: 294 if derivative:
295 shutil.copyfile(builddir + '/conf/local.conf', baseoutpath + '/conf/local.conf') 295 shutil.copyfile(builddir + '/conf/local.conf', baseoutpath + '/conf/local.conf')
296 else: 296 else:
297 local_conf_whitelist = (d.getVar('ESDK_LOCALCONF_ALLOW') or '').split() 297 local_conf_allowed = (d.getVar('ESDK_LOCALCONF_ALLOW') or '').split()
298 local_conf_blacklist = (d.getVar('ESDK_LOCALCONF_REMOVE') or '').split() 298 local_conf_remove = (d.getVar('ESDK_LOCALCONF_REMOVE') or '').split()
299 def handle_var(varname, origvalue, op, newlines): 299 def handle_var(varname, origvalue, op, newlines):
300 if varname in local_conf_blacklist or (origvalue.strip().startswith('/') and not varname in local_conf_whitelist): 300 if varname in local_conf_remove or (origvalue.strip().startswith('/') and not varname in local_conf_allowed):
301 newlines.append('# Removed original setting of %s\n' % varname) 301 newlines.append('# Removed original setting of %s\n' % varname)
302 return None, op, 0, True 302 return None, op, 0, True
303 else: 303 else:
304 if varname in env_whitelist: 304 if varname in env_passthrough:
305 env_whitelist_values[varname] = origvalue 305 env_passthrough_values[varname] = origvalue
306 return origvalue, op, 0, True 306 return origvalue, op, 0, True
307 varlist = ['[^#=+ ]*'] 307 varlist = ['[^#=+ ]*']
308 oldlines = [] 308 oldlines = []
@@ -356,7 +356,7 @@ python copy_buildsystem () {
356 # We want to be able to set this without a full reparse 356 # We want to be able to set this without a full reparse
357 f.write('BB_HASHCONFIG_IGNORE_VARS:append = " SIGGEN_UNLOCKED_RECIPES"\n\n') 357 f.write('BB_HASHCONFIG_IGNORE_VARS:append = " SIGGEN_UNLOCKED_RECIPES"\n\n')
358 358
359 # Set up whitelist for run on install 359 # Set up which tasks are ignored for run on install
360 f.write('BB_SETSCENE_ENFORCE_IGNORE_TASKS = "%:* *:do_shared_workdir *:do_rm_work wic-tools:* *:do_addto_recipe_sysroot"\n\n') 360 f.write('BB_SETSCENE_ENFORCE_IGNORE_TASKS = "%:* *:do_shared_workdir *:do_rm_work wic-tools:* *:do_addto_recipe_sysroot"\n\n')
361 361
362 # Hide the config information from bitbake output (since it's fixed within the SDK) 362 # Hide the config information from bitbake output (since it's fixed within the SDK)
@@ -438,7 +438,7 @@ python copy_buildsystem () {
438 # Ensure any variables set from the external environment (by way of 438 # Ensure any variables set from the external environment (by way of
439 # BB_ENV_PASSTHROUGH_ADDITIONS) are set in the SDK's configuration 439 # BB_ENV_PASSTHROUGH_ADDITIONS) are set in the SDK's configuration
440 extralines = [] 440 extralines = []
441 for name, value in env_whitelist_values.items(): 441 for name, value in env_passthrough_values.items():
442 actualvalue = d.getVar(name) or '' 442 actualvalue = d.getVar(name) or ''
443 if value != actualvalue: 443 if value != actualvalue:
444 extralines.append('%s = "%s"\n' % (name, actualvalue)) 444 extralines.append('%s = "%s"\n' % (name, actualvalue))
diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass
index 7aca415159..163bdf0b5f 100644
--- a/meta/classes/sstate.bbclass
+++ b/meta/classes/sstate.bbclass
@@ -259,13 +259,13 @@ def sstate_install(ss, d):
259 shareddirs.append(dstdir) 259 shareddirs.append(dstdir)
260 260
261 # Check the file list for conflicts against files which already exist 261 # Check the file list for conflicts against files which already exist
262 whitelist = (d.getVar("SSTATE_ALLOW_OVERLAP_FILES") or "").split() 262 overlap_allowed = (d.getVar("SSTATE_ALLOW_OVERLAP_FILES") or "").split()
263 match = [] 263 match = []
264 for f in sharedfiles: 264 for f in sharedfiles:
265 if os.path.exists(f) and not os.path.islink(f): 265 if os.path.exists(f) and not os.path.islink(f):
266 f = os.path.normpath(f) 266 f = os.path.normpath(f)
267 realmatch = True 267 realmatch = True
268 for w in whitelist: 268 for w in overlap_allowed:
269 w = os.path.normpath(w) 269 w = os.path.normpath(w)
270 if f.startswith(w): 270 if f.startswith(w):
271 realmatch = False 271 realmatch = False
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index 85b40207bf..6c19cd293d 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -26,7 +26,7 @@ CVE_CHECK_IGNORE += "CVE-2000-0006"
26# There has been much discussion amongst the epiphany and webkit developers and 26# There has been much discussion amongst the epiphany and webkit developers and
27# whilst there are improvements about how domains are handled and displayed to the user 27# whilst there are improvements about how domains are handled and displayed to the user
28# there is unlikely ever to be a single fix to webkit or epiphany which addresses this 28# there is unlikely ever to be a single fix to webkit or epiphany which addresses this
29# problem. Whitelisted as there isn't any mitigation or fix or way to progress this further 29# problem. Ignore this CVE as there isn't any mitigation or fix or way to progress this further
30# we can seem to take. 30# we can seem to take.
31CVE_CHECK_IGNORE += "CVE-2005-0238" 31CVE_CHECK_IGNORE += "CVE-2005-0238"
32 32
diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index e469eadca1..8374cb8544 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -1,6 +1,6 @@
1# Setup extra CFLAGS and LDFLAGS which have 'security' benefits. These 1# Setup extra CFLAGS and LDFLAGS which have 'security' benefits. These
2# don't work universally, there are recipes which can't use one, the other 2# don't work universally, there are recipes which can't use one, the other
3# or both so a blacklist is maintained here. The idea would be over 3# or both so an override is maintained here. The idea would be over
4# time to reduce this list to nothing. 4# time to reduce this list to nothing.
5# From a Yocto Project perspective, this file is included and tested 5# From a Yocto Project perspective, this file is included and tested
6# in the DISTRO="poky" configuration. 6# in the DISTRO="poky" configuration.
diff --git a/meta/lib/oe/utils.py b/meta/lib/oe/utils.py
index 84790b7dff..46fc76c261 100644
--- a/meta/lib/oe/utils.py
+++ b/meta/lib/oe/utils.py
@@ -221,12 +221,12 @@ def packages_filter_out_system(d):
221 PN-dbg PN-doc PN-locale-eb-gb removed. 221 PN-dbg PN-doc PN-locale-eb-gb removed.
222 """ 222 """
223 pn = d.getVar('PN') 223 pn = d.getVar('PN')
224 blacklist = [pn + suffix for suffix in ('', '-dbg', '-dev', '-doc', '-locale', '-staticdev', '-src')] 224 pkgfilter = [pn + suffix for suffix in ('', '-dbg', '-dev', '-doc', '-locale', '-staticdev', '-src')]
225 localepkg = pn + "-locale-" 225 localepkg = pn + "-locale-"
226 pkgs = [] 226 pkgs = []
227 227
228 for pkg in d.getVar('PACKAGES').split(): 228 for pkg in d.getVar('PACKAGES').split():
229 if pkg not in blacklist and localepkg not in pkg: 229 if pkg not in pkgfilter and localepkg not in pkg:
230 pkgs.append(pkg) 230 pkgs.append(pkg)
231 return pkgs 231 return pkgs
232 232
diff --git a/meta/lib/oeqa/manual/bsp-hw.json b/meta/lib/oeqa/manual/bsp-hw.json
index ca91987e31..308a0807f3 100644
--- a/meta/lib/oeqa/manual/bsp-hw.json
+++ b/meta/lib/oeqa/manual/bsp-hw.json
@@ -26,7 +26,7 @@
26 "expected_results": "" 26 "expected_results": ""
27 }, 27 },
28 "5": { 28 "5": {
29 "action": "Remove USB, and reboot into new installed system. \nNote: If installation was successfully completed and received this message \"\"(sdx): Volume was not properly unmounted...Please run fsck.\"\" ignore it because this was whitelisted according to bug 9652.", 29 "action": "Remove USB, and reboot into new installed system. \nNote: If installation was successfully completed and received this message \"\"(sdx): Volume was not properly unmounted...Please run fsck.\"\" ignore it because this was allowed according to bug 9652.",
30 "expected_results": "" 30 "expected_results": ""
31 } 31 }
32 }, 32 },
diff --git a/meta/lib/oeqa/selftest/cases/containerimage.py b/meta/lib/oeqa/selftest/cases/containerimage.py
index 3068c9ba26..e0aea1a1ef 100644
--- a/meta/lib/oeqa/selftest/cases/containerimage.py
+++ b/meta/lib/oeqa/selftest/cases/containerimage.py
@@ -13,7 +13,7 @@ from oeqa.utils.commands import bitbake, get_bb_vars, runCmd
13# The only package added to the image is container_image_testpkg, which 13# The only package added to the image is container_image_testpkg, which
14# contains one file. However, due to some other things not cleaning up during 14# contains one file. However, due to some other things not cleaning up during
15# rootfs creation, there is some cruft. Ideally bugs will be filed and the 15# rootfs creation, there is some cruft. Ideally bugs will be filed and the
16# cruft removed, but for now we whitelist some known set. 16# cruft removed, but for now we ignore some known set.
17# 17#
18# Also for performance reasons we're only checking the cruft when using ipk. 18# Also for performance reasons we're only checking the cruft when using ipk.
19# When using deb, and rpm it is a bit different and we could test all 19# When using deb, and rpm it is a bit different and we could test all