diff options
Diffstat (limited to 'meta/classes/cve-check.bbclass')
-rw-r--r-- | meta/classes/cve-check.bbclass | 23 |
1 files changed, 12 insertions, 11 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 9eb9a95574..c0d4e2a972 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass | |||
@@ -138,17 +138,18 @@ python do_cve_check () { | |||
138 | """ | 138 | """ |
139 | from oe.cve_check import get_patched_cves | 139 | from oe.cve_check import get_patched_cves |
140 | 140 | ||
141 | if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")): | 141 | with bb.utils.fileslocked([d.getVar("CVE_CHECK_DB_FILE_LOCK")], shared=True): |
142 | try: | 142 | if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")): |
143 | patched_cves = get_patched_cves(d) | 143 | try: |
144 | except FileNotFoundError: | 144 | patched_cves = get_patched_cves(d) |
145 | bb.fatal("Failure in searching patches") | 145 | except FileNotFoundError: |
146 | whitelisted, patched, unpatched, status = check_cves(d, patched_cves) | 146 | bb.fatal("Failure in searching patches") |
147 | if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status): | 147 | ignored, patched, unpatched, status = check_cves(d, patched_cves) |
148 | cve_data = get_cve_info(d, patched + unpatched + whitelisted) | 148 | if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status): |
149 | cve_write_data(d, patched, unpatched, whitelisted, cve_data, status) | 149 | cve_data = get_cve_info(d, patched + unpatched + ignored) |
150 | else: | 150 | cve_write_data(d, patched, unpatched, ignored, cve_data, status) |
151 | bb.note("No CVE database found, skipping CVE check") | 151 | else: |
152 | bb.note("No CVE database found, skipping CVE check") | ||
152 | 153 | ||
153 | } | 154 | } |
154 | 155 | ||