This recipe is in charge of cloning and setting the Linux repository: https://git.kernel.org/pub/scm/linux/security/vulns.git/
If the build is online, it is recommanded to use SRCREV set to AUTOREV to use the latest available commit on the remote repository and stay up-to-date with the latest CVE information available. AUTOREV would make the build non-deterministic which would break offline, turned off by default. Signed-off-by: ValentinBoudevin <[email protected]> --- meta/conf/distro/include/maintainers.inc | 1 + .../vulns-native/vulns-native_git.bb | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 meta/recipes-kernel/vulns-native/vulns-native_git.bb diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc index 550ef0e0e7..f21a00749a 100644 --- a/meta/conf/distro/include/maintainers.inc +++ b/meta/conf/distro/include/maintainers.inc @@ -875,6 +875,7 @@ RECIPE_MAINTAINER:pn-vulkan-tools = "Unassigned <[email protected]>" RECIPE_MAINTAINER:pn-vulkan-utility-libraries = "Unassigned <[email protected]>" RECIPE_MAINTAINER:pn-vulkan-validation-layers = "Vincent Davis Jr <[email protected]>" RECIPE_MAINTAINER:pn-vulkan-volk = "Unassigned <[email protected]>" +RECIPE_MAINTAINER:pn-vulns-native = "Valentin Boudevin <[email protected]>" RECIPE_MAINTAINER:pn-waffle = "Ross Burton <[email protected]>" RECIPE_MAINTAINER:pn-watchdog = "Unassigned <[email protected]>" RECIPE_MAINTAINER:pn-watchdog-config = "Unassigned <[email protected]>" diff --git a/meta/recipes-kernel/vulns-native/vulns-native_git.bb b/meta/recipes-kernel/vulns-native/vulns-native_git.bb new file mode 100644 index 0000000000..7ea3f743d5 --- /dev/null +++ b/meta/recipes-kernel/vulns-native/vulns-native_git.bb @@ -0,0 +1,19 @@ +SUMMARY = "Linux Security Vulns Repo" +DESCRIPTION = "Repo for tracking and maintaining the CVE identifiers reserved and assigned to \ +the Linux kernel project." +HOMEPAGE = "https://git.kernel.org/pub/scm/linux/security/vulns.git/"; +LICENSE = "cve-tou" +LIC_FILES_CHKSUM = "file://LICENSES/cve-tou.txt;md5=0d1f8ff7666c210e0b0404fd9d7e6703" + +inherit allarch native + +SRC_URI = "git://git.kernel.org/pub/scm/linux/security/vulns.git;branch=master;protocol=https" + +# SRCREV is pinned to a fixed commit to ensure reproducible builds +# To get the latest commit available and stay up-to-date, set AUTOREV as SRCREV with SRCREV:pn-vulns-native = "${AUTOREV}" +SRCREV ?= "2c9b20d7a0699222b58c4824560b716b6096637b" + +do_install(){ + install -d ${D}${datadir}/vulns-native + cp -r ${UNPACKDIR}/vulns-git/* ${D}${datadir}/vulns-native/ +}
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#230405): https://lists.openembedded.org/g/openembedded-core/message/230405 Mute This Topic: https://lists.openembedded.org/mt/117604723/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
