[v2] Change internal variables

Message ID 20220309174052.1997478-1-saul.wold@windriver.com
State New
Headers show
Series [v2] Change internal variables | expand

Commit Message

Saul Wold March 9, 2022, 5:40 p.m. UTC
Signed-off-by: Saul Wold <saul.wold@windriver.com>
---
 meta/classes/base.bbclass                     |  4 +--
 meta/classes/cross-canadian.bbclass           |  6 ++--
 meta/classes/cve-check.bbclass                | 31 ++++++++++---------
 meta/classes/insane.bbclass                   |  7 +++--
 meta/classes/populate_sdk_ext.bbclass         | 18 +++++------
 meta/classes/sstate.bbclass                   |  4 +--
 .../distro/include/cve-extra-exclusions.inc   |  2 +-
 meta/conf/distro/include/security_flags.inc   |  2 +-
 meta/lib/oe/utils.py                          |  4 +--
 meta/lib/oeqa/manual/bsp-hw.json              |  2 +-
 .../lib/oeqa/selftest/cases/containerimage.py |  2 +-
 scripts/lib/checklayer/cases/bsp.py           |  2 +-
 scripts/verify-bashisms                       | 10 +++---
 13 files changed, 48 insertions(+), 46 deletions(-)

Patch

diff --git a/meta/classes/base.bbclass b/meta/classes/base.bbclass
index b7869da3b3..cc81461473 100644
--- a/meta/classes/base.bbclass
+++ b/meta/classes/base.bbclass
@@ -329,9 +329,9 @@  python base_eventhandler() {
         source_mirror_fetch = d.getVar('SOURCE_MIRROR_FETCH', False)
         if not source_mirror_fetch:
             provs = (d.getVar("PROVIDES") or "").split()
-            multiwhitelist = (d.getVar("BB_MULTI_PROVIDER_ALLOWED") or "").split()
+            multiprovidersallowed = (d.getVar("BB_MULTI_PROVIDER_ALLOWED") or "").split()
             for p in provs:
-                if p.startswith("virtual/") and p not in multiwhitelist:
+                if p.startswith("virtual/") and p not in multiprovidersallowed:
                     profprov = d.getVar("PREFERRED_PROVIDER_" + p)
                     if profprov and pn != profprov:
                         raise bb.parse.SkipRecipe("PREFERRED_PROVIDER_%s set to %s, not %s" % (p, profprov, pn))
diff --git a/meta/classes/cross-canadian.bbclass b/meta/classes/cross-canadian.bbclass
index ac82e86356..a0e9d23836 100644
--- a/meta/classes/cross-canadian.bbclass
+++ b/meta/classes/cross-canadian.bbclass
@@ -36,7 +36,7 @@  python () {
         return
 
     tos = d.getVar("TARGET_OS")
-    whitelist = ["mingw32"]
+    tos_known = ["mingw32"]
     extralibcs = [""]
     if "musl" in d.getVar("BASECANADIANEXTRAOS"):
         extralibcs.append("musl")
@@ -51,8 +51,8 @@  python () {
                 entry = entry + "-gnu" + variant
             elif libc:
                 entry = entry + "-" + libc
-            whitelist.append(entry)
-    if tos not in whitelist:
+            tos_known.append(entry)
+    if tos not in tos_known:
         bb.fatal("Building cross-candian for an unknown TARGET_SYS (%s), please update cross-canadian.bbclass" % d.getVar("TARGET_SYS"))
 
     for n in ["PROVIDES", "DEPENDS"]:
diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 079d09a76f..dfad10c22b 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -43,11 +43,12 @@  CVE_CHECK_CREATE_MANIFEST ??= "1"
 
 CVE_CHECK_REPORT_PATCHED ??= "1"
 
-# Whitelist for packages (PN)
+# Skip CVE Check for packages (PN)
 CVE_CHECK_SKIP_RECIPE ?= ""
 
-# Whitelist for CVE. If a CVE is found, then it is considered patched.
-# The value is a string containing space separated CVE values:
+# Ingore the check for a given list of CVEs. If a CVE is found,
+# then it is considered patched. The value is a string containing
+# space separated CVE values:
 #
 # CVE_CHECK_IGNORE = 'CVE-2014-2524 CVE-2018-1234'
 #
@@ -101,10 +102,10 @@  python do_cve_check () {
             patched_cves = get_patched_cves(d)
         except FileNotFoundError:
             bb.fatal("Failure in searching patches")
-        whitelisted, patched, unpatched = check_cves(d, patched_cves)
+        ignored, patched, unpatched = check_cves(d, patched_cves)
         if patched or unpatched:
             cve_data = get_cve_info(d, patched + unpatched)
-            cve_write_data(d, patched, unpatched, whitelisted, cve_data)
+            cve_write_data(d, patched, unpatched, ignored, cve_data)
     else:
         bb.note("No CVE database found, skipping CVE check")
 
@@ -176,12 +177,12 @@  def check_cves(d, patched_cves):
         return ([], [], [])
     pv = d.getVar("CVE_VERSION").split("+git")[0]
 
-    # If the recipe has been whitelisted we return empty lists
+    # If the recipe has been skipped/ignored we return empty lists
     if pn in d.getVar("CVE_CHECK_SKIP_RECIPE").split():
-        bb.note("Recipe has been whitelisted, skipping check")
+        bb.note("Recipe has been skipped by cve-check")
         return ([], [], [])
 
-    cve_whitelist = d.getVar("CVE_CHECK_IGNORE").split()
+    cve_ignore = d.getVar("CVE_CHECK_IGNORE").split()
 
     import sqlite3
     db_file = d.expand("file:${CVE_CHECK_DB_FILE}?mode=ro")
@@ -198,9 +199,9 @@  def check_cves(d, patched_cves):
         for cverow in conn.execute("SELECT DISTINCT ID FROM PRODUCTS WHERE PRODUCT IS ? AND VENDOR LIKE ?", (product, vendor)):
             cve = cverow[0]
 
-            if cve in cve_whitelist:
-                bb.note("%s-%s has been whitelisted for %s" % (product, pv, cve))
-                # TODO: this should be in the report as 'whitelisted'
+            if cve in cve_ignore:
+                bb.note("%s-%s has been ignored for %s" % (product, pv, cve))
+                # TODO: this should be in the report as 'ignored'
                 patched_cves.add(cve)
                 continue
             elif cve in patched_cves:
@@ -254,7 +255,7 @@  def check_cves(d, patched_cves):
 
     conn.close()
 
-    return (list(cve_whitelist), list(patched_cves), cves_unpatched)
+    return (list(cve_ignore), list(patched_cves), cves_unpatched)
 
 def get_cve_info(d, cves):
     """
@@ -279,7 +280,7 @@  def get_cve_info(d, cves):
     conn.close()
     return cve_data
 
-def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
+def cve_write_data(d, patched, unpatched, ignored, cve_data):
     """
     Write CVE information in WORKDIR; and to CVE_CHECK_DIR, and
     CVE manifest if enabled.
@@ -312,8 +313,8 @@  def cve_write_data(d, patched, unpatched, whitelisted, cve_data):
         write_string += "PACKAGE NAME: %s\n" % d.getVar("PN")
         write_string += "PACKAGE VERSION: %s%s\n" % (d.getVar("EXTENDPE"), d.getVar("PV"))
         write_string += "CVE: %s\n" % cve
-        if cve in whitelisted:
-            write_string += "CVE STATUS: Whitelisted\n"
+        if cve in ignored:
+            write_string += "CVE STATUS: Ignored\n"
         elif is_patched:
             write_string += "CVE STATUS: Patched\n"
         else:
diff --git a/meta/classes/insane.bbclass b/meta/classes/insane.bbclass
index 270b7860c7..0deebdb148 100644
--- a/meta/classes/insane.bbclass
+++ b/meta/classes/insane.bbclass
@@ -441,7 +441,8 @@  def package_qa_hash_style(path, name, d, elf, messages):
 QAPATHTEST[buildpaths] = "package_qa_check_buildpaths"
 def package_qa_check_buildpaths(path, name, d, elf, messages):
     """
-    Check for build paths inside target files and error if not found in the whitelist
+    Check for build paths inside target files and error if paths are not
+    explicitly ignored.
     """
     # Ignore .debug files, not interesting
     if path.find(".debug") != -1:
@@ -1283,8 +1284,8 @@  Rerun configure task after fixing this."""
             options = set()
             for line in output.splitlines():
                 options |= set(line.partition(flag)[2].split())
-            whitelist = set(d.getVar("UNKNOWN_CONFIGURE_OPT_IGNORE").split())
-            options -= whitelist
+            ignore_opts = set(d.getVar("UNKNOWN_CONFIGURE_OPT_IGNORE").split())
+            options -= ignore_opts
             if options:
                 pn = d.getVar('PN')
                 error_msg = pn + ": configure was passed unrecognised options: " + " ".join(options)
diff --git a/meta/classes/populate_sdk_ext.bbclass b/meta/classes/populate_sdk_ext.bbclass
index 9c9561c5c6..e2019f9bbf 100644
--- a/meta/classes/populate_sdk_ext.bbclass
+++ b/meta/classes/populate_sdk_ext.bbclass
@@ -282,8 +282,8 @@  python copy_buildsystem () {
         bb.utils.mkdirhier(uninative_outdir)
         shutil.copy(uninative_file, uninative_outdir)
 
-    env_whitelist = (d.getVar('BB_ENV_PASSTHROUGH_ADDITIONS') or '').split()
-    env_whitelist_values = {}
+    env_passthrough = (d.getVar('BB_ENV_PASSTHROUGH_ADDITIONS') or '').split()
+    env_passthrough_values = {}
 
     # Create local.conf
     builddir = d.getVar('TOPDIR')
@@ -294,15 +294,15 @@  python copy_buildsystem () {
     if derivative:
         shutil.copyfile(builddir + '/conf/local.conf', baseoutpath + '/conf/local.conf')
     else:
-        local_conf_whitelist = (d.getVar('ESDK_LOCALCONF_ALLOW') or '').split()
-        local_conf_blacklist = (d.getVar('ESDK_LOCALCONF_REMOVE') or '').split()
+        local_conf_allowed = (d.getVar('ESDK_LOCALCONF_ALLOW') or '').split()
+        local_conf_remove = (d.getVar('ESDK_LOCALCONF_REMOVE') or '').split()
         def handle_var(varname, origvalue, op, newlines):
-            if varname in local_conf_blacklist or (origvalue.strip().startswith('/') and not varname in local_conf_whitelist):
+            if varname in local_conf_remove or (origvalue.strip().startswith('/') and not varname in local_conf_allowed):
                 newlines.append('# Removed original setting of %s\n' % varname)
                 return None, op, 0, True
             else:
-                if varname in env_whitelist:
-                    env_whitelist_values[varname] = origvalue
+                if varname in env_passthrough:
+                    env_passthrough_values[varname] = origvalue
                 return origvalue, op, 0, True
         varlist = ['[^#=+ ]*']
         oldlines = []
@@ -356,7 +356,7 @@  python copy_buildsystem () {
             # We want to be able to set this without a full reparse
             f.write('BB_HASHCONFIG_IGNORE_VARS:append = " SIGGEN_UNLOCKED_RECIPES"\n\n')
 
-            # Set up whitelist for run on install
+            # Set up which tasks are ignored for run on install
             f.write('BB_SETSCENE_ENFORCE_IGNORE_TASKS = "%:* *:do_shared_workdir *:do_rm_work wic-tools:* *:do_addto_recipe_sysroot"\n\n')
 
             # Hide the config information from bitbake output (since it's fixed within the SDK)
@@ -438,7 +438,7 @@  python copy_buildsystem () {
     # Ensure any variables set from the external environment (by way of
     # BB_ENV_PASSTHROUGH_ADDITIONS) are set in the SDK's configuration
     extralines = []
-    for name, value in env_whitelist_values.items():
+    for name, value in env_passthrough_values.items():
         actualvalue = d.getVar(name) or ''
         if value != actualvalue:
             extralines.append('%s = "%s"\n' % (name, actualvalue))
diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass
index 7aca415159..163bdf0b5f 100644
--- a/meta/classes/sstate.bbclass
+++ b/meta/classes/sstate.bbclass
@@ -259,13 +259,13 @@  def sstate_install(ss, d):
                 shareddirs.append(dstdir)
 
     # Check the file list for conflicts against files which already exist
-    whitelist = (d.getVar("SSTATE_ALLOW_OVERLAP_FILES") or "").split()
+    overlap_allowed = (d.getVar("SSTATE_ALLOW_OVERLAP_FILES") or "").split()
     match = []
     for f in sharedfiles:
         if os.path.exists(f) and not os.path.islink(f):
             f = os.path.normpath(f)
             realmatch = True
-            for w in whitelist:
+            for w in overlap_allowed:
                 w = os.path.normpath(w)
                 if f.startswith(w):
                     realmatch = False
diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc
index 85b40207bf..6c19cd293d 100644
--- a/meta/conf/distro/include/cve-extra-exclusions.inc
+++ b/meta/conf/distro/include/cve-extra-exclusions.inc
@@ -26,7 +26,7 @@  CVE_CHECK_IGNORE += "CVE-2000-0006"
 # There has been much discussion amongst the epiphany and webkit developers and
 # whilst there are improvements about how domains are handled and displayed to the user
 # there is unlikely ever to be a single fix to webkit or epiphany which addresses this
-# problem. Whitelisted as there isn't any mitigation or fix or way to progress this further
+# problem. Ignore this CVE as there isn't any mitigation or fix or way to progress this further
 # we can seem to take.
 CVE_CHECK_IGNORE += "CVE-2005-0238"
 
diff --git a/meta/conf/distro/include/security_flags.inc b/meta/conf/distro/include/security_flags.inc
index e469eadca1..8374cb8544 100644
--- a/meta/conf/distro/include/security_flags.inc
+++ b/meta/conf/distro/include/security_flags.inc
@@ -1,6 +1,6 @@ 
 # Setup extra CFLAGS and LDFLAGS which have 'security' benefits. These
 # don't work universally, there are recipes which can't use one, the other
-# or both so a blacklist is maintained here. The idea would be over
+# or both so an override is maintained here. The idea would be over
 # time to reduce this list to nothing.
 # From a Yocto Project perspective, this file is included and tested
 # in the DISTRO="poky" configuration.
diff --git a/meta/lib/oe/utils.py b/meta/lib/oe/utils.py
index 84790b7dff..46fc76c261 100644
--- a/meta/lib/oe/utils.py
+++ b/meta/lib/oe/utils.py
@@ -221,12 +221,12 @@  def packages_filter_out_system(d):
     PN-dbg PN-doc PN-locale-eb-gb removed.
     """
     pn = d.getVar('PN')
-    blacklist = [pn + suffix for suffix in ('', '-dbg', '-dev', '-doc', '-locale', '-staticdev', '-src')]
+    pkgfilter = [pn + suffix for suffix in ('', '-dbg', '-dev', '-doc', '-locale', '-staticdev', '-src')]
     localepkg = pn + "-locale-"
     pkgs = []
 
     for pkg in d.getVar('PACKAGES').split():
-        if pkg not in blacklist and localepkg not in pkg:
+        if pkg not in pkgfilter and localepkg not in pkg:
             pkgs.append(pkg)
     return pkgs
 
diff --git a/meta/lib/oeqa/manual/bsp-hw.json b/meta/lib/oeqa/manual/bsp-hw.json
index ca91987e31..308a0807f3 100644
--- a/meta/lib/oeqa/manual/bsp-hw.json
+++ b/meta/lib/oeqa/manual/bsp-hw.json
@@ -26,7 +26,7 @@ 
                     "expected_results": ""
                 },
                 "5": {
-                    "action": "Remove USB, and reboot into new installed system. \nNote:   If installation was successfully completed and received this message \"\"(sdx): Volume was not properly unmounted...Please run fsck.\"\" ignore it because this was whitelisted according to bug 9652.",
+                    "action": "Remove USB, and reboot into new installed system. \nNote:   If installation was successfully completed and received this message \"\"(sdx): Volume was not properly unmounted...Please run fsck.\"\" ignore it because this was allowed according to bug 9652.",
                     "expected_results": ""
                 }
             },
diff --git a/meta/lib/oeqa/selftest/cases/containerimage.py b/meta/lib/oeqa/selftest/cases/containerimage.py
index 3068c9ba26..e0aea1a1ef 100644
--- a/meta/lib/oeqa/selftest/cases/containerimage.py
+++ b/meta/lib/oeqa/selftest/cases/containerimage.py
@@ -13,7 +13,7 @@  from oeqa.utils.commands import bitbake, get_bb_vars, runCmd
 # The only package added to the image is container_image_testpkg, which
 # contains one file. However, due to some other things not cleaning up during
 # rootfs creation, there is some cruft. Ideally bugs will be filed and the
-# cruft removed, but for now we whitelist some known set.
+# cruft removed, but for now we ignore some known set.
 #
 # Also for performance reasons we're only checking the cruft when using ipk.
 # When using deb, and rpm it is a bit different and we could test all
diff --git a/scripts/lib/checklayer/cases/bsp.py b/scripts/lib/checklayer/cases/bsp.py
index 7fd56f5d36..a80a5844da 100644
--- a/scripts/lib/checklayer/cases/bsp.py
+++ b/scripts/lib/checklayer/cases/bsp.py
@@ -153,7 +153,7 @@  class BSPCheckLayer(OECheckLayerTestCase):
                 # do_build can be ignored: it is know to have
                 # different signatures in some cases, for example in
                 # the allarch ca-certificates due to RDEPENDS=openssl.
-                # That particular dependency is whitelisted via
+                # That particular dependency is marked via
                 # SIGGEN_EXCLUDE_SAFE_RECIPE_DEPS, but still shows up
                 # in the sstate signature hash because filtering it
                 # out would be hard and running do_build multiple
diff --git a/scripts/verify-bashisms b/scripts/verify-bashisms
index 14d8c298e9..ec2374f183 100755
--- a/scripts/verify-bashisms
+++ b/scripts/verify-bashisms
@@ -5,7 +5,7 @@ 
 
 import sys, os, subprocess, re, shutil
 
-whitelist = (
+allowed = (
     # type is supported by dash
     'if type systemctl >/dev/null 2>/dev/null; then',
     'if type systemd-tmpfiles >/dev/null 2>/dev/null; then',
@@ -19,8 +19,8 @@  whitelist = (
     '. $target_sdk_dir/${oe_init_build_env_path} $target_sdk_dir >> $LOGFILE'
     )
 
-def is_whitelisted(s):
-    for w in whitelist:
+def is_allowed(s):
+    for w in allowed:
         if w in s:
             return True
     return False
@@ -49,7 +49,7 @@  def process(filename, function, lineno, script):
         output = e.output.replace(fn.name, function)
         if not output or not output.startswith('possible bashism'):
             # Probably starts with or contains only warnings. Dump verbatim
-            # with one space indention. Can't do the splitting and whitelist
+            # with one space indention. Can't do the splitting and allowed
             # checking below.
             return '\n'.join([filename,
                               ' Unexpected output from checkbashisms.pl'] +
@@ -65,7 +65,7 @@  def process(filename, function, lineno, script):
         #  ...
         #   ...
         result = []
-        # Check the results against the whitelist
+        # Check the results against the allowed list
         for message, source in zip(output[0::2], output[1::2]):
             if not is_whitelisted(source):
                 if lineno is not None: