diff mbox series

[walnascar,14/19] linux/generate-cve-exclusions: show the name and version of the data source

Message ID a06234b35977b9a2af2679d6c601a79acbde5f7c.1751425749.git.steve@sakoman.com
State New
Headers show
Series [walnascar,01/19] linux/generate-cve-exclusions: use data from CVEProject | expand

Commit Message

Steve Sakoman July 2, 2025, 3:11 a.m. UTC 
From: Ross Burton <ross.burton@arm.com>

Add another comment to state what the data source for the CVE data was,
specifically the basename of the repository and the "git describe" output
of HEAD.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5e66e2b79faec2285d249b16457ecc63c4042444)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
 meta/recipes-kernel/linux/generate-cve-exclusions.py | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff mbox series

Patch

diff --git a/meta/recipes-kernel/linux/generate-cve-exclusions.py b/meta/recipes-kernel/linux/generate-cve-exclusions.py
index b45c2d5702..dfc16663a5 100755
--- a/meta/recipes-kernel/linux/generate-cve-exclusions.py
+++ b/meta/recipes-kernel/linux/generate-cve-exclusions.py
@@ -11,6 +11,7 @@  import json
 import pathlib
 import os
 import glob
+import subprocess
 
 from packaging.version import Version
 
@@ -92,13 +93,16 @@  def main(argp=None):
     parser.add_argument("version", type=Version, help="Kernel version number to generate data for, such as 6.1.38")
 
     args = parser.parse_args(argp)
-    datadir = args.datadir
+    datadir = args.datadir.resolve()
     version = args.version
     base_version = Version(f"{version.major}.{version.minor}")
 
+    data_version = subprocess.check_output(("git", "describe", "--tags", "HEAD"), cwd=datadir, text=True)
+
     print(f"""
 # Auto-generated CVE metadata, DO NOT EDIT BY HAND.
-# Generated at {datetime.datetime.now(datetime.timezone.utc)} for version {version}
+# Generated at {datetime.datetime.now(datetime.timezone.utc)} for kernel version {version}
+# From {datadir.name} {data_version}
 
 python check_kernel_cve_status_version() {{
     this_version = "{version}"