Message ID | 20200616170341.45098-5-matthew.weber@rockwellcollins.com |
---|---|
State | RFC |
Headers | show |
Series | [RFC,v9,01/10] cpe-info: new make target | expand |
On Tue, 16 Jun 2020 12:03:36 -0500 Matt Weber <matthew.weber@rockwellcollins.com> wrote: > $(1)-cpe-info: PKG=$(2) > +ifeq ($(BR2_TOOLCHAIN_EXTERNAL),y) > +$(1)-cpe-info: toolchain > +endif > $(1)-cpe-info: > ifeq ($$($(2)_TYPE),target) > +ifneq ($$($(2)_NAME),toolchain-external) > +ifneq ($(findstring TOOLCHAIN_EXTERNAL, $(2)),) > +ifeq ($(BR2_TOOLCHAIN_EXTERNAL_GLIBC),y) > + $$(eval $(2)_VERSION = $$(shell $$(call TOOLCHAIN_CPE_INFO))) > + $$(eval $(2)_CPE_ID_VENDOR = gnu) > + $$(eval $(2)_CPE_ID_NAME = glibc) > + $$(eval $(2)_ACTUAL_SOURCE_SITE = https://github.com/bminor/glibc/releases) > + $$(eval $(2)_RAWNAME = glibc) It is absolutely atrocious to have this stuff directly in the middle of pkg-generic.mk, and even further only within the $(1)-cpe-info target. Why isn't this been done inside the external toolchain package itself, or the external toolchain package infrastructure ? I think this specific issue of having proper tracking of the target elements (C library, gcc runtime) of the toolchain is global, and not just for CPE/CVE tracking: we already do not properly track this in terms of legal-info for example. So rather than this one-off hack that solves just the specific case of CPE tracking for glibc in external toolchains, we need a more global solution. Thomas
diff --git a/package/pkg-generic.mk b/package/pkg-generic.mk index 3bc9567652..21e510365e 100644 --- a/package/pkg-generic.mk +++ b/package/pkg-generic.mk @@ -984,8 +984,22 @@ $(2)_CPE_PREFIX = $(CPE_PREFIX_APP) endif $(1)-cpe-info: PKG=$(2) +ifeq ($(BR2_TOOLCHAIN_EXTERNAL),y) +$(1)-cpe-info: toolchain +endif $(1)-cpe-info: ifeq ($$($(2)_TYPE),target) +ifneq ($$($(2)_NAME),toolchain-external) +ifneq ($(findstring TOOLCHAIN_EXTERNAL, $(2)),) +ifeq ($(BR2_TOOLCHAIN_EXTERNAL_GLIBC),y) + $$(eval $(2)_VERSION = $$(shell $$(call TOOLCHAIN_CPE_INFO))) + $$(eval $(2)_CPE_ID_VENDOR = gnu) + $$(eval $(2)_CPE_ID_NAME = glibc) + $$(eval $(2)_ACTUAL_SOURCE_SITE = https://github.com/bminor/glibc/releases) + $$(eval $(2)_RAWNAME = glibc) +endif # ifeq ($(BR2_TOOLCHAIN_EXTERNAL_CUSTOM_GLIBC),y) +endif # ifneq ($(findstring TOOLCHAIN_EXTERNAL, $(2)),) +endif # ifneq ($$($(2)_NAME),toolchain-external) ifneq ($$(call qstrip,$$($(2)_SOURCE)),) @$$(call MESSAGE,"Collecting cpe info") $(Q)$$(call cpe-manifest,$$($(2)_CPE_PREFIX):$$($(2)_CPE_ID):$(CPE_SUFFIX),$$($(2)_RAWNAME),$$($(2)_VERSION),$$($(2)_ACTUAL_SOURCE_SITE)) diff --git a/toolchain/toolchain-external/pkg-toolchain-external.mk b/toolchain/toolchain-external/pkg-toolchain-external.mk index 6d91cb5d1e..14065345d7 100644 --- a/toolchain/toolchain-external/pkg-toolchain-external.mk +++ b/toolchain/toolchain-external/pkg-toolchain-external.mk @@ -453,6 +453,13 @@ define TOOLCHAIN_EXTERNAL_INSTALL_SYSROOT_LIBS $(call copy_toolchain_sysroot,$${SYSROOT_DIR},$${ARCH_SYSROOT_DIR},$${ARCH_SUBDIR},$${ARCH_LIB_DIR},$${SUPPORT_LIB_DIR}) endef +define TOOLCHAIN_CPE_INFO + ARCH_SYSROOT_DIR="$(call toolchain_find_sysroot,$(TOOLCHAIN_EXTERNAL_CC) $(TOOLCHAIN_EXTERNAL_CFLAGS))" ; \ + MAJ=`awk '{ if ($$1 = /#define/ && ($$2= /__GLIBC__/)){printf $$3};}' $${ARCH_SYSROOT_DIR}/usr/include/features.h` ; \ + MIN=`awk '{ if ($$1 = /#define/ && ($$2 = /_GLIBC_MINOR/)){printf $$3};}' $${ARCH_SYSROOT_DIR}/usr/include/features.h` ; \ + echo $${MAJ}.$${MIN} +endef + # Create a symlink from (usr/)$(ARCH_LIB_DIR) to lib. # Note: the skeleton package additionally creates lib32->lib or lib64->lib # (as appropriate)