@@ -150,6 +150,7 @@ do_fetch[dirs] = "${DL_DIR}"
do_fetch[file-checksums] = "${@bb.fetch.get_checksum_file_list(d)}"
do_fetch[file-checksums] += " ${@get_lic_checksum_file_list(d)}"
do_fetch[vardeps] += "SRCREV"
+do_fetch[network] = "1"
python base_do_fetch() {
src_uri = (d.getVar('SRC_URI') or "").split()
@@ -158,6 +158,8 @@ python () {
for task in unique_tasks:
d.prependVarFlag(task, 'prefuncs', "sstate_task_prefunc ")
d.appendVarFlag(task, 'postfuncs', " sstate_task_postfunc")
+ d.setVarFlag(task, 'network', '1')
+ d.setVarFlag(task + "_setscene", 'network', '1')
}
def sstate_init(task, d):
@@ -139,6 +139,7 @@ python do_testimage() {
addtask testimage
do_testimage[nostamp] = "1"
+do_testimage[network] = "1"
do_testimage[depends] += "${TESTIMAGEDEPENDS}"
do_testimage[lockfiles] += "${TESTIMAGELOCK}"
@@ -36,12 +36,14 @@ python do_testsdk() {
}
addtask testsdk
do_testsdk[nostamp] = "1"
+do_testsdk[network] = "1"
python do_testsdkext() {
import_and_run('TESTSDKEXT_CLASS_NAME', d)
}
addtask testsdkext
do_testsdkext[nostamp] = "1"
+do_testsdkext[network] = "1"
python () {
if oe.types.boolean(d.getVar("TESTIMAGE_AUTO") or "False"):
@@ -38,6 +38,7 @@ python do_clean() {
addtask checkuri
do_checkuri[nostamp] = "1"
+do_checkuri[network] = "1"
python do_checkuri() {
src_uri = (d.getVar('SRC_URI') or "").split()
if len(src_uri) == 0:
@@ -109,6 +109,8 @@ fakeroot do_populate_poky_src () {
}
IMAGE_PREPROCESS_COMMAND += "do_populate_poky_src; "
+# For pip usage above
+do_image[network] = "1"
addtask rootfs after do_unpack
Use the newly added network task flag against tasks where network access is expected. This is do_fetch, do_checkuri, do_testimage, do_testsdk and do_testsdkext. We can't disable networking in sstate tasks due to sstate downloads and also so we can report hash equivalence to the server so network access is enabled in sstate tasks. Access within build-appliance do_image is also allowed due to the use of pip, this is a poor example made rather obvious now and needs to be reworked. Network access anywhere else in any other task isn't allowed. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> --- meta/classes/base.bbclass | 1 + meta/classes/sstate.bbclass | 2 ++ meta/classes/testimage.bbclass | 1 + meta/classes/testsdk.bbclass | 2 ++ meta/classes/utility-tasks.bbclass | 1 + meta/recipes-core/images/build-appliance-image_15.0.0.bb | 2 ++ 6 files changed, 9 insertions(+)