Use the script generate-cve-exclusions.py in a class to generate kernel CVE
exclusion from cvelistV5 and integrates it into linux-yocto.
Changes since v2:
- Patch 4/4: Inherit the new bbclass in linux-yocto.inc instead of
individual recipes.
Changes since v1:
- Patch 2/4: Removed the mandatory execution of the
generate-cve-exclusions class on every build. It now needs to be
manually run using:
bitbake -c generate-cve-exclusions <kernel-recipe>
ValentinBoudevin (4):
generate-cve-exclusions: Add --output-json option
generate-cve-exclusions: Add a .bbclass
generate-cve-exclusions: Move python script
linux: Add inherit on generate-cve-exclusions
meta/classes/generate-cve-exclusions.bbclass | 67 +++++++++++++++++++
meta/recipes-kernel/linux/linux-yocto.inc | 3 +
.../contrib}/generate-cve-exclusions.py | 64 ++++++++++++++----
3 files changed, 120 insertions(+), 14 deletions(-)
create mode 100644 meta/classes/generate-cve-exclusions.bbclass
rename {meta/recipes-kernel/linux =>
scripts/contrib}/generate-cve-exclusions.py (71%)
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#228924):
https://lists.openembedded.org/g/openembedded-core/message/228924
Mute This Topic: https://lists.openembedded.org/mt/117112768/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
