[hardknott,15/15] cve-check: add lockfile to task

Message ID	155c238d340fdc82420ba9f367cb23014c78b705.1642736951.git.anuj.mittal@intel.com
State	Accepted, archived
Commit	155c238d340fdc82420ba9f367cb23014c78b705
Headers	show Return-Path: <anuj.mittal@intel.com> ip: 192.55.52.115, mailfrom: anuj.mittal@intel.com) From: Anuj Mittal <anuj.mittal@intel.com> To: openembedded-core@lists.openembedded.org Subject: [hardknott][PATCH 15/15] cve-check: add lockfile to task Date: Fri, 21 Jan 2022 22:51:03 +0800 Message-Id: <155c238d340fdc82420ba9f367cb23014c78b705.1642736951.git.anuj.mittal@intel.com> In-Reply-To: <cover.1642736950.git.anuj.mittal@intel.com> References: <cover.1642736950.git.anuj.mittal@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[hardknott,01/15] go: upgrade 1.16.10 -> 1.16.13 \| expand [hardknott,01/15] go: upgrade 1.16.10 -> 1.16.13 [hardknott,02/15] libsndfile1: fix CVE-2021-4156 [hardknott,03/15] arch-armv8-5a.inc: Add tune include for armv8.5a [hardknott,04/15] armv9a/tune: Add the support for the Neoverse N2 core [hardknott,05/15] curl: Backport CVE fixes [hardknott,06/15] scripts: Update to use exec_module() instead of load_module() [hardknott,07/15] selftest: reproducible: Set maximum report size [hardknott,08/15] xserver-xorg: whitelist two CVEs [hardknott,09/15] populate_sdk_base: remove unneeded dirs such as /dev [hardknott,10/15] linux-yocto/5.10: update to v5.10.89 [hardknott,11/15] linux-yocto/5.10/cfg: add kcov feature fragment [hardknott,12/15] linux-yocto/5.10: update to v5.10.90 [hardknott,13/15] linux-yocto/5.10: amdgpu: updates for CVE-2021-42327 [hardknott,14/15] linux-yocto/5.10: update to v5.10.91 [hardknott,15/15] cve-check: add lockfile to task

Message ID

155c238d340fdc82420ba9f367cb23014c78b705.1642736951.git.anuj.mittal@intel.com

State

Accepted, archived

Commit

155c238d340fdc82420ba9f367cb23014c78b705

Headers

From: Anuj Mittal <anuj.mittal@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [hardknott][PATCH 15/15] cve-check: add lockfile to task
Date: Fri, 21 Jan 2022 22:51:03 +0800
Message-Id: 
 <155c238d340fdc82420ba9f367cb23014c78b705.1642736951.git.anuj.mittal@intel.com>
In-Reply-To: <cover.1642736950.git.anuj.mittal@intel.com>
References: <cover.1642736950.git.anuj.mittal@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[hardknott,01/15] go: upgrade 1.16.10 -> 1.16.13 | expand

Commit Message

Mittal, Anuj Jan. 21, 2022, 2:51 p.m. UTC

From: Konrad Weihmann <kweihmann@outlook.com>

this should prevent running into the very rare error
sqlite3.OperationalError: attempt to write a readonly database

As highlighted by https://www.sqlite.org/faq.html#q5
it is likely that the adapter won't allow use multiple exec calls
at the same time.

So it's best to prevent multiple accesses at a time, by reusing
the already in place CVE_CHECK_DB_FILE_LOCK

YOCTO #14110

Signed-off-by: Konrad Weihmann <kweihmann@outlook.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 677f5741bd265be49d4a5bb933b3e8d8c4eec653)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
---
 meta/classes/cve-check.bbclass | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 4fa1a64f85..3add826fca 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -110,6 +110,7 @@  python do_cve_check () {
 }
 
 addtask cve_check before do_build after do_fetch
+do_cve_check[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}"
 do_cve_check[depends] = "cve-update-db-native:do_fetch"
 do_cve_check[nostamp] = "1"

[hardknott,15/15] cve-check: add lockfile to task

Commit Message

Patch