|
|
@@ -145,17 +145,18 @@ python do_cve_check () {
|
|
|
"""
|
|
|
from oe.cve_check import get_patched_cves
|
|
|
|
|
|
- if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):
|
|
|
- try:
|
|
|
- patched_cves = get_patched_cves(d)
|
|
|
- except FileNotFoundError:
|
|
|
- bb.fatal("Failure in searching patches")
|
|
|
- ignored, patched, unpatched, status = check_cves(d, patched_cves)
|
|
|
- if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status):
|
|
|
- cve_data = get_cve_info(d, patched + unpatched + ignored)
|
|
|
- cve_write_data(d, patched, unpatched, ignored, cve_data, status)
|
|
|
- else:
|
|
|
- bb.note("No CVE database found, skipping CVE check")
|
|
|
+ with bb.utils.fileslocked([d.getVar("CVE_CHECK_DB_FILE_LOCK")], shared=True):
|
|
|
+ if os.path.exists(d.getVar("CVE_CHECK_DB_FILE")):
|
|
|
+ try:
|
|
|
+ patched_cves = get_patched_cves(d)
|
|
|
+ except FileNotFoundError:
|
|
|
+ bb.fatal("Failure in searching patches")
|
|
|
+ ignored, patched, unpatched, status = check_cves(d, patched_cves)
|
|
|
+ if patched or unpatched or (d.getVar("CVE_CHECK_COVERAGE") == "1" and status):
|
|
|
+ cve_data = get_cve_info(d, patched + unpatched + ignored)
|
|
|
+ cve_write_data(d, patched, unpatched, ignored, cve_data, status)
|
|
|
+ else:
|
|
|
+ bb.note("No CVE database found, skipping CVE check")
|
|
|
|
|
|
}
|
|
|
|
Joshua Watt