Hi, The series works for me. For reference the issue that I had is that the qemuarm64 doesn't include the kernel in the cve report, since it is not part of the image, while the qemux86-64 does.
I have tested it locally and it seems to work fine, also filtering out the files not included in the kernel. Best regards, Daniel > -----Original Message----- > From: ValentinBoudevin <[email protected]> > Sent: Monday, 2 February 2026 22:08 > To: [email protected] > Cc: Daniel Turull <[email protected]>; > [email protected]; ValentinBoudevin > <[email protected]> > Subject: [PATCH v6 0/2] improve_kernel_cve_report: Add a bbclass support > > Changes since v5: > - Update the maintainers.inc file to add new maintainer for the > vulns-native recipe. > - Update vulns-native recipe to remove the variables > VULNS_NATIVE_DEFAULT_SRCREV and VULNS_NATIVE_USE_AUTOREV for a > fixed > SRCREV usage (AUTOREV will be recommended in the documentation if the user > wants to use the latest available commit). > - Update improve_kernel_cve_report-base.bbclass __anonymous function check > the provider based on IMPROVE_KERNEL_PREFERRED_PROVIDER corresponds > to the SPDX version used. It guarantees that the correct SPDX version is used > with > the improve_kernel_cve_report*.bbclass inherited. > > Changes since v4: > - Add a new commit which contains a new recipe "vulns-native" to clone the > Linux Security Vulns Repo. > - Remove the tasks do_clone_kernel_cve which is now done by the new vulns- > native recipe. > - Update the do_scout_extra_kernel_vulns task to use the new vulns-native > repository path. > - Remove variables IMPROVE_KERNEL_CVE_SRC_URI, > IMPROVE_KERNEL_CVE_SRCREV, IMPROVE_KERNEL_CVE_NETWORK, > IMPROVE_KERNEL_CVE_WORKDIR, and IMPROVE_KERNEL_CVE_DESTSUFFIX. > - Modify __anonymous function to not set SRC_URI and SRCREV. > - Update __anonymous function to use bb.data.inherits_class. > - Update the commit message to reflect these changes. > - Move improve_kernel_cve_report.bbclass to improve_kernel_cve_report-spdx- > 3.0.bbclass. > - New improve_kernel_cve_report.bbclass to include the appropriate spdx > version bbclass. > > Changes since v3: > -Avoid code duplication with a new bbclass "improve_kernel_cve_report- > base.bbclass". > -Remove direct set of SRC_URI and SRCREV for offline mode. > -Use new __anonymous function to set SRC_URI, SRCREV and task schedule > do_scout_extra_kernel_vulns based on SPDX version used. > -improve_kernel_cve_report-spdx-2.2.bbclass and improve_kernel_cve_report- > spdx.bbclass are only used to define IMPROVE_KERNEL_PREFERRED_PROVIDER > and IMPROVE_KERNEL_SPDX_FILE > > Changes since v2: > - Fixed SRC_URI:append syntax (a space was missing with the append operator). > - Removed unused variable debug_source_path > > Changes since v1: > - IMPROVE_KERNEL_CVE_SRC_URI and IMPROVE_KERNEL_CVE_SRCREV can be > used to set a different source repository or a deterministic revision. > - IMPROVE_KERNEL_CVE_NETWORK variable can be used to use this repo offline > based on existing fetch repo in DL_DIR. > - Add support for SPDX2.2 with a new bbclass improve_kernel_cve_report-spdx- > 2.2.bbclass. > > ValentinBoudevin (2): > vulns: add a new recipe > improve_kernel_cve_report: Add a bbclass support > > .../improve_kernel_cve_report-base.bbclass | 64 +++++++++++++++++++ > ...improve_kernel_cve_report-spdx-2.2.bbclass | 4 ++ > ...improve_kernel_cve_report-spdx-3.0.bbclass | 4 ++ > .../classes/improve_kernel_cve_report.bbclass | 3 + > meta/conf/distro/include/maintainers.inc | 1 + > .../vulns-native/vulns-native_git.bb | 19 ++++++ > 6 files changed, 95 insertions(+) > create mode 100644 meta/classes/improve_kernel_cve_report-base.bbclass > create mode 100644 meta/classes/improve_kernel_cve_report-spdx-2.2.bbclass > create mode 100644 meta/classes/improve_kernel_cve_report-spdx-3.0.bbclass > create mode 100644 meta/classes/improve_kernel_cve_report.bbclass > create mode 100644 meta/recipes-kernel/vulns-native/vulns-native_git.bb
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#230539): https://lists.openembedded.org/g/openembedded-core/message/230539 Mute This Topic: https://lists.openembedded.org/mt/117604722/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
