From 9ba2f3b8c3937bb4a3376d5537774f1dbb321bef Mon Sep 17 00:00:00 2001 From: Chris Laplante Date: Wed, 9 Sep 2020 16:51:07 -0400 Subject: cve-check/cve-update-db-native: use lockfile to fix usage under multiconfig Previously CVE_CHECK_DB_FILE / CVE_CHECK_DB_DIR was the same across multiconfigs which led to a race condition wherein multiple cve-update-db-native:do_populate_cve_db tasks could attempt to write to the same sqlite database. This led to the following task failure: Error executing a python function in exec_python_func() autogenerated: The stack trace of python calls that resulted in this exception/failure was: File: 'exec_python_func() autogenerated', lineno: 2, function: 0001: *** 0002:do_populate_cve_db(d) 0003: File: '/mnt/data/agent/work/74f119cccb44f133/yocto/sources/poky/meta/recipes-core/meta/cve-update-db-native.bb', lineno: 103, function: do_populate_cve_db 0099: if year == date.today().year: 0100: cve_f.write('CVE database update : %s\n\n' % date.today()) 0101: 0102: cve_f.close() *** 0103: conn.commit() 0104: conn.close() 0105:} 0106: 0107:def initialize_db(c): Exception: sqlite3.OperationalError: disk I/O error Use a lockfile to ensure multiple tasks don't step over each other. (From OE-Core rev: 24e9380643a2ae3fcae193519cb64aedaf682153) Signed-off-by: Chris Laplante Signed-off-by: Richard Purdie --- meta/classes/cve-check.bbclass | 1 + 1 file changed, 1 insertion(+) (limited to 'meta/classes') diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 0889e7544a..35b7d0f298 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -27,6 +27,7 @@ CVE_VERSION ??= "${PV}" CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK" CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_1.1.db" +CVE_CHECK_DB_FILE_LOCK ?= "${CVE_CHECK_DB_FILE}.lock" CVE_CHECK_LOG ?= "${T}/cve.log" CVE_CHECK_TMP_FILE ?= "${TMPDIR}/cve_check" -- cgit v1.2.3-54-g00ecf