Re: [OE-core] [PATCH] base/patch: Disable network for unpack/patch/configure/compile/install

Thu, 23 Dec 2021 03:31:35 -0800 


On 23.12.21 11:49, Peter Kjellerstedt wrote:

-----Original Message-----
From: openembedded-core@lists.openembedded.org 
<openembedded-core@lists.openembedded.org> On Behalf Of Richard Purdie
Sent: den 23 december 2021 00:21
To: openembedded-core@lists.openembedded.org
Subject: [OE-core] [PATCH] base/patch: Disable network for 
unpack/patch/configure/compile/install

Use the newly added nonetwork task flag to disable network access where
possible in unpack/patch/configure/compile/install tasks.

We can't disable networking in sstate tasks due to sstate downloads and
also so we can report hash equivalence to the server.


Since no tasks except fetch (and apparently the sstate tasks) are expected
to use the network, wouldn't it make more sense to reverse this flag? I.e.,
add do_fetch[network] = "1" instead. That way you don't get away with
adding some random task and using the network from it unless you explicitly
state that you will.



This is actually a brilliant idea, which would also make it easier to 
control this behavior from a user's perspective






Signed-off-by: Richard Purdie <richard.pur...@linuxfoundation.org>
---
  meta/classes/base.bbclass  | 4 ++++
  meta/classes/patch.bbclass | 1 +
  2 files changed, 5 insertions(+)

diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index b709777f243..e4c6c983b59 100644
--- a/meta/classes/base.bbclass
+++ b/meta/classes/base.bbclass
@@ -214,6 +214,7 @@ python create_source_date_epoch_stamp() {
      oe.reproducible.epochfile_write(source_date_epoch, d.getVar('SDE_FILE'), 
d)
  }
  do_unpack[postfuncs] += "create_source_date_epoch_stamp"
+do_unpack[nonetwork] = "1"

  def get_source_date_epoch_value(d):
      return oe.reproducible.epochfile_read(d.getVar('SDE_FILE'), d)
@@ -358,6 +359,7 @@ base_do_configure() {
                echo ${BB_TASKHASH} > ${CONFIGURESTAMPFILE}
        fi
  }
+do_configure[nonetwork] = "1"

  addtask compile after do_configure
  do_compile[dirs] = "${B}"
@@ -368,11 +370,13 @@ base_do_compile() {
                bbnote "nothing to compile"
        fi
  }
+do_compile[nonetwork] = "1"

  addtask install after do_compile
  do_install[dirs] = "${B}"
  # Remove and re-create ${D} so that is it guaranteed to be empty
  do_install[cleandirs] = "${D}"
+do_install[nonetwork] = "1"

  base_do_install() {
        :
diff --git a/meta/classes/patch.bbclass b/meta/classes/patch.bbclass
index 8de70254919..57aaf7c31d1 100644
--- a/meta/classes/patch.bbclass
+++ b/meta/classes/patch.bbclass
@@ -164,6 +164,7 @@ patch_do_patch[vardepsexclude] = "PATCHRESOLVE"

  addtask patch after do_unpack
  do_patch[dirs] = "${WORKDIR}"
+do_patch[nonetwork] = "1"
  do_patch[depends] = "${PATCHDEPENDENCY}"

  EXPORT_FUNCTIONS do_patch
--
2.32.0


//Peter






-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#159976): 
https://lists.openembedded.org/g/openembedded-core/message/159976
Mute This Topic: https://lists.openembedded.org/mt/87909311/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-























					Reply via email to