1 files changed, 12 insertions, 11 deletions
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 9eb9a95574..c0d4e2a972 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -138,17 +138,18 @@ python do_cve_check () {
    """
    from oe.cve_check import get_patched_cves
-    if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):
+    with bb.utils.fileslocked([d.getVar("CVE_CHECK_DB_FILE_LOCK")], shared=True):
-        try:
+        if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):
-            patched_cves = get_patched_cves(d)
+            try:
-        except FileNotFoundError:
+                patched_cves = get_patched_cves(d)
-            bb.fatal("Failure in searching patches")
+            except FileNotFoundError:
-        whitelisted, patched, unpatched, status = check_cves(d, patched_cves)
+                bb.fatal("Failure in searching patches")
-        if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status):
+            ignored, patched, unpatched, status = check_cves(d, patched_cves)
-            cve_data = get_cve_info(d, patched + unpatched + whitelisted)
+            if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status):
-            cve_write_data(d, patched, unpatched, whitelisted, cve_data, status)
+                cve_data = get_cve_info(d, patched + unpatched + ignored)
-    else:
+                cve_write_data(d, patched, unpatched, ignored, cve_data, status)
-        bb.note("No CVE database found, skipping CVE check")
+        else:
+            bb.note("No CVE database found, skipping CVE check")
 }

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 9eb9a95574..c0d4e2a972 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass
@@ -138,17 +138,18 @@ python do_cve_check () {
138	"""	138	"""
139	from oe.cve_check import get_patched_cves	139	from oe.cve_check import get_patched_cves
140		140
141	if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):	141	with bb.utils.fileslocked([d.getVar("CVE_CHECK_DB_FILE_LOCK")], shared=True):
142	try:	142	if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):
143	patched_cves = get_patched_cves(d)	143	try:
144	except FileNotFoundError:	144	patched_cves = get_patched_cves(d)
145	bb.fatal("Failure in searching patches")	145	except FileNotFoundError:
146	whitelisted, patched, unpatched, status = check_cves(d, patched_cves)	146	bb.fatal("Failure in searching patches")
147	if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status):	147	ignored, patched, unpatched, status = check_cves(d, patched_cves)
148	cve_data = get_cve_info(d, patched + unpatched + whitelisted)	148	if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status):
149	cve_write_data(d, patched, unpatched, whitelisted, cve_data, status)	149	cve_data = get_cve_info(d, patched + unpatched + ignored)
150	else:	150	cve_write_data(d, patched, unpatched, ignored, cve_data, status)
151	bb.note("No CVE database found, skipping CVE check")	151	else:
		152	bb.note("No CVE database found, skipping CVE check")
152		153
153	}	154	}
154		155