[honister,03/12] cve-check: add lockfile to task

Message ID	53dc9b10eb5f064c68120337126f1542c1e0c832.1642385249.git.anuj.mittal@intel.com
State	Accepted, archived
Commit	53dc9b10eb5f064c68120337126f1542c1e0c832
Headers	show Return-Path: <anuj.mittal@intel.com> ip: 192.55.52.93, mailfrom: anuj.mittal@intel.com) From: Anuj Mittal <anuj.mittal@intel.com> To: openembedded-core@lists.openembedded.org Subject: [honister][PATCH 03/12] cve-check: add lockfile to task Date: Mon, 17 Jan 2022 10:10:23 +0800 Message-Id: <53dc9b10eb5f064c68120337126f1542c1e0c832.1642385249.git.anuj.mittal@intel.com> In-Reply-To: <cover.1642385249.git.anuj.mittal@intel.com> References: <cover.1642385249.git.anuj.mittal@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[honister,01/12] epiphany: Update 40.3 -> 40.6 \| expand [honister,01/12] epiphany: Update 40.3 -> 40.6 [honister,02/12] lib/oe/reproducible: correctly set .git location when recursively looking for git … [honister,03/12] cve-check: add lockfile to task [honister,04/12] xserver-xorg: whitelist two CVEs [honister,05/12] rootfs-postcommands.bbclass: Make two comments use the new variable syntax [honister,06/12] oeqa/sstate: Fix allarch samesigs test [honister,07/12] linux-yocto/5.10: update to v5.10.89 [honister,08/12] linux-yocto/5.14: fix arm 32bit -rt warnings [honister,09/12] linux-yocto/5.10/cfg: add kcov feature fragment [honister,10/12] linux-yocto/5.10: update to v5.10.90 [honister,11/12] libsndfile1: fix CVE-2021-4156 [honister,12/12] go: upgrade 1.16.10 -> 1.16.13

Message ID

53dc9b10eb5f064c68120337126f1542c1e0c832.1642385249.git.anuj.mittal@intel.com

State

Accepted, archived

Commit

53dc9b10eb5f064c68120337126f1542c1e0c832

Headers

From: Anuj Mittal <anuj.mittal@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [honister][PATCH 03/12] cve-check: add lockfile to task
Date: Mon, 17 Jan 2022 10:10:23 +0800
Message-Id: 
 <53dc9b10eb5f064c68120337126f1542c1e0c832.1642385249.git.anuj.mittal@intel.com>
In-Reply-To: <cover.1642385249.git.anuj.mittal@intel.com>
References: <cover.1642385249.git.anuj.mittal@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[honister,01/12] epiphany: Update 40.3 -> 40.6 | expand

Commit Message

Mittal, Anuj Jan. 17, 2022, 2:10 a.m. UTC

From: Konrad Weihmann <kweihmann@outlook.com>

this should prevent running into the very rare error
sqlite3.OperationalError: attempt to write a readonly database

As highlighted by https://www.sqlite.org/faq.html#q5
it is likely that the adapter won't allow use multiple exec calls
at the same time.

So it's best to prevent multiple accesses at a time, by reusing
the already in place CVE_CHECK_DB_FILE_LOCK

YOCTO #14110

Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 677f5741bd265be49d4a5bb933b3e8d8c4eec653)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/cve-check.bbclass | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 70d1988a70..6c04ff9f09 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -111,6 +111,7 @@  python do_cve_check () {
 }
 
 addtask cve_check before do_build after do_fetch
+do_cve_check[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}"
 do_cve_check[depends] = "cve-update-db-native:do_fetch"
 do_cve_check[nostamp] = "1"

[honister,03/12] cve-check: add lockfile to task

Commit Message

Patch