[4/4] trusted-firmware-a: set CVE_VERSION for mbedtls too

Message ID	20231019105552.3631582-5-mikko.rapeli@linaro.org
State	New
Headers	show Return-Path: <mikko.rapeli@linaro.org> ip: 91.232.154.25, mailfrom: mcfrisk@lakka.kapsi.fi) From: Mikko Rapeli <mikko.rapeli@linaro.org> To: meta-arm@lists.yoctoproject.org Cc: Marta Rybczynska <rybczynska@gmail.com>, Mikko Rapeli <mikko.rapeli@linaro.org> Subject: [PATCH 4/4] trusted-firmware-a: set CVE_VERSION for mbedtls too Date: Thu, 19 Oct 2023 13:55:52 +0300 Message-Id: <20231019105552.3631582-5-mikko.rapeli@linaro.org> In-Reply-To: <20231019105552.3631582-1-mikko.rapeli@linaro.org> References: <20231019105552.3631582-1-mikko.rapeli@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Symbol: FREEMAIL_ENVRCPT(0.00) Symbol: FREEMAIL_CC(0.00) Symbol: FROM_HAS_DN(0.00) Symbol: FROM_NEQ_ENVFROM(0.00) Symbol: BAYES_HAM(-3.00) Symbol: TO_MATCH_ENVRCPT_ALL(0.00) Symbol: RCVD_COUNT_TWO(0.00) Symbol: RCVD_TLS_LAST(0.00) Symbol: DMARC_POLICY_SOFTFAIL(0.10) Symbol: MIME_GOOD(-0.10) Symbol: MID_CONTAINS_FROM(1.00) Symbol: NEURAL_HAM(0.00) Symbol: R_DKIM_NA(0.00) Symbol: R_SPF_ALLOW(-0.20) Symbol: ARC_NA(0.00) Symbol: ASN(0.00) Symbol: MIME_TRACE(0.00) Symbol: TO_DN_SOME(0.00) Symbol: FORGED_SENDER(0.30) Symbol: RCPT_COUNT_THREE(0.00) Symbol: R_MISSING_CHARSET(0.50) Message-ID: 20231019105552.3631582-5-mikko.rapeli@linaro.org
Series	RFC: detect CVEs from embedded mbedtls \| expand [0/4] RFC: detect CVEs from embedded mbedtls [1/4] trusted-firmware-a: include BSD-2-Clause license [2/4] trusted-firmware-a: set version of mbed_tls for CVE check [3/4] trusted-firmware-m: set CVE product and version for mbedtls [4/4] trusted-firmware-a: set CVE_VERSION for mbedtls too

Message ID

20231019105552.3631582-5-mikko.rapeli@linaro.org

State

New

Headers

From: Mikko Rapeli <mikko.rapeli@linaro.org>
To: meta-arm@lists.yoctoproject.org
Cc: Marta Rybczynska <rybczynska@gmail.com>,
	Mikko Rapeli <mikko.rapeli@linaro.org>
Subject: [PATCH 4/4] trusted-firmware-a: set CVE_VERSION for mbedtls too
Date: Thu, 19 Oct 2023 13:55:52 +0300
Message-Id: <20231019105552.3631582-5-mikko.rapeli@linaro.org>
In-Reply-To: <20231019105552.3631582-1-mikko.rapeli@linaro.org>
References: <20231019105552.3631582-1-mikko.rapeli@linaro.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

RFC: detect CVEs from embedded mbedtls | expand

Commit Message

Mikko Rapeli Oct. 19, 2023, 10:55 a.m. UTC

Set PV_mbedtls so that CVE_PRODUCT and CVE_VERSION get filled
correctly for embedded mbedtls. Result in

$ bitbake -c cve_check trusted-firmware-a
...
WARNING: trusted-firmware-a-2.8.6+gitff0bd5f9bb2ba2f31fb9cec96df917747af9e92d-r0 do_cve_check: Found unpatched CVE (CVE-2021-36647 CVE-2021-43666 CVE-2021-45451 CVE-2023-43615)

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
---
 .../recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb b/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb
index cffc6db1..bc13d0df 100644
--- a/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb
+++ b/meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb
@@ -8,7 +8,7 @@  SRC_URI += "file://rwx-segments.patch"
 
 LIC_FILES_CHKSUM += "file://docs/license.rst;md5=b2c740efedc159745b9b31f88ff03dde"
 
-# mbed TLS v2.28.2
+PV_mbedtls = "2.28.2"
 SRC_URI_MBEDTLS = "git://github.com/ARMmbed/mbedtls.git;name=mbedtls;protocol=https;destsuffix=git/mbedtls;branch=mbedtls-2.28"
 SRCREV_mbedtls = "89f040a5c938985c5f30728baed21e49d0846a53"

[4/4] trusted-firmware-a: set CVE_VERSION for mbedtls too

Commit Message

Patch