@@ -56,7 +56,7 @@ ima_evm_sign_rootfs () {
#
# Deduplicates iversion in case that this gets called more than once.
if [ -f etc/fstab ]; then
- perl -pi -e 's;(\S+)(\s+)(${@"|".join((d.getVar("IMA_EVM_ROOTFS_IVERSION", True) or "no-such-mount-point").split())})(\s+)(\S+)(\s+)(\S+);\1\2\3\4\5\6\7,iversion;; s/(,iversion)+/,iversion/;' etc/fstab
+ perl -pi -e 's;(\S+)(\s+)(${@"|".join((d.getVar("IMA_EVM_ROOTFS_IVERSION") or "no-such-mount-point").split())})(\s+)(\S+)(\s+)(\S+);\1\2\3\4\5\6\7,iversion;; s/(,iversion)+/,iversion/;' etc/fstab
fi
# Sign file with private IMA key. EVM not supported at the moment.
@@ -22,7 +22,7 @@ PACKAGECONFIG[MBED-CRYPTO] = "mbed-crypto-provider,"
PACKAGECONFIG[CRYPTOAUTHLIB] = "cryptoauthlib-provider,"
PACKAGECONFIG[TS] = "trusted-service-provider,,libts,libts"
-PARSEC_FEATURES = "${@d.getVar('PACKAGECONFIG_CONFARGS',True).strip().replace(' ', ',')}"
+PARSEC_FEATURES = "${@d.getVar('PACKAGECONFIG_CONFARGS').strip().replace(' ', ',')}"
CARGO_BUILD_FLAGS += " --features ${PARSEC_FEATURES}"
export BINDGEN_EXTRA_CLANG_ARGS
@@ -31,19 +31,19 @@ python do_analysesource() {
imageSecurityAnalyser = isafw_init(isafw, d)
- if not d.getVar('SRC_URI', True):
+ if not d.getVar('SRC_URI'):
# Recipe didn't fetch any sources, nothing to do here I assume?
return
recipe = isafw.ISA_package()
- recipe.name = d.getVar('BPN', True)
- recipe.version = d.getVar('PV', True)
+ recipe.name = d.getVar('BPN')
+ recipe.version = d.getVar('PV')
recipe.version = recipe.version.split('+git', 1)[0]
- for p in d.getVar('PACKAGES', True).split():
- license = str(d.getVar('LICENSE:' + p, True))
+ for p in d.getVar('PACKAGES').split():
+ license = str(d.getVar('LICENSE:' + p))
if license == "None":
- license = d.getVar('LICENSE', True)
+ license = d.getVar('LICENSE')
license = license.replace("(", "")
license = license.replace(")", "")
licenses = license.split()
@@ -54,7 +54,7 @@ python do_analysesource() {
for l in licenses:
recipe.licenses.append(p + ":" + canonical_license(d, l))
- aliases = d.getVar('DISTRO_PN_ALIAS', True)
+ aliases = d.getVar('DISTRO_PN_ALIAS')
if aliases:
recipe.aliases = aliases.split()
faliases = []
@@ -72,7 +72,7 @@ python do_analysesource() {
recipe.patch_files.append("None")
# Pass the recipe object to the security framework
- bb.debug(1, '%s: analyse sources' % (d.getVar('PN', True)))
+ bb.debug(1, '%s: analyse sources' % (d.getVar('PN')))
imageSecurityAnalyser.process_package(recipe)
return
@@ -96,7 +96,7 @@ python process_reports_handler() {
dd.setVar("STAGING_DIR_NATIVE", native_sysroot)
savedenv = os.environ.copy()
- os.environ["PATH"] = dd.getVar("PATH", True)
+ os.environ["PATH"] = dd.getVar("PATH")
imageSecurityAnalyser = isafw_init(isafw, dd)
bb.debug(1, 'isafw: process reports')
@@ -145,11 +145,11 @@ fakeroot python do_analyse_image() {
imageSecurityAnalyser = isafw_init(isafw, d)
# Directory where the image's entire contents can be examined
- rootfsdir = d.getVar('IMAGE_ROOTFS', True)
+ rootfsdir = d.getVar('IMAGE_ROOTFS')
- imagebasename = d.getVar('IMAGE_BASENAME', True)
+ imagebasename = d.getVar('IMAGE_BASENAME')
- kernelconf = d.getVar('STAGING_KERNEL_BUILDDIR', True) + "/.config"
+ kernelconf = d.getVar('STAGING_KERNEL_BUILDDIR') + "/.config"
if os.path.exists(kernelconf):
kernel = isafw.ISA_kernel()
kernel.img_name = imagebasename
@@ -161,7 +161,7 @@ fakeroot python do_analyse_image() {
pkglist = manifest2pkglist(d)
- imagebasename = d.getVar('IMAGE_BASENAME', True)
+ imagebasename = d.getVar('IMAGE_BASENAME')
if (pkglist):
pkg_list = isafw.ISA_pkg_list()
@@ -198,9 +198,9 @@ def isafw_init(isafw, d):
bb.utils.export_proxies(d)
- isafw_config.machine = d.getVar('MACHINE', True)
- isafw_config.timestamp = d.getVar('DATETIME', True)
- isafw_config.reportdir = d.getVar('ISAFW_REPORTDIR', True) + "_" + isafw_config.timestamp
+ isafw_config.machine = d.getVar('MACHINE')
+ isafw_config.timestamp = d.getVar('DATETIME')
+ isafw_config.reportdir = d.getVar('ISAFW_REPORTDIR') + "_" + isafw_config.timestamp
if not os.path.exists(os.path.dirname(isafw_config.reportdir + "/test")):
try:
os.makedirs(os.path.dirname(isafw_config.reportdir + "/test"))
@@ -208,22 +208,22 @@ def isafw_init(isafw, d):
if exc.errno == errno.EEXIST and os.path.isdir(isafw_config.reportdir):
pass
else: raise
- isafw_config.logdir = d.getVar('ISAFW_LOGDIR', True)
+ isafw_config.logdir = d.getVar('ISAFW_LOGDIR')
# Adding support for arm
# TODO: Add support for other platforms
- isafw_config.arch = d.getVar('TARGET_ARCH', True)
+ isafw_config.arch = d.getVar('TARGET_ARCH')
if ( isafw_config.arch != "arm" ):
isafw_config.arch = "x86"
- whitelist = d.getVar('ISAFW_PLUGINS_WHITELIST', True)
- blacklist = d.getVar('ISAFW_PLUGINS_BLACKLIST', True)
+ whitelist = d.getVar('ISAFW_PLUGINS_WHITELIST')
+ blacklist = d.getVar('ISAFW_PLUGINS_BLACKLIST')
if whitelist:
isafw_config.plugin_whitelist = re.split(r'[,\s]*', whitelist)
if blacklist:
isafw_config.plugin_blacklist = re.split(r'[,\s]*', blacklist)
- la_image_whitelist = d.getVar('ISAFW_LA_PLUGIN_IMAGE_WHITELIST', True)
- la_image_blacklist = d.getVar('ISAFW_LA_PLUGIN_IMAGE_BLACKLIST', True)
+ la_image_whitelist = d.getVar('ISAFW_LA_PLUGIN_IMAGE_WHITELIST')
+ la_image_blacklist = d.getVar('ISAFW_LA_PLUGIN_IMAGE_BLACKLIST')
if la_image_whitelist:
isafw_config.la_plugin_image_whitelist = re.split(r'[,\s]*', la_image_whitelist)
if la_image_blacklist:
@@ -252,10 +252,10 @@ manifest2pkglist[vardepsexclude] = "DATETIME"
def manifest2pkglist(d):
import glob
- manifest_file = d.getVar('IMAGE_MANIFEST', True)
- imagebasename = d.getVar('IMAGE_BASENAME', True)
- reportdir = d.getVar('ISAFW_REPORTDIR', True) + "_" + d.getVar('DATETIME', True)
- pkgdata_dir = d.getVar("PKGDATA_DIR", True)
+ manifest_file = d.getVar('IMAGE_MANIFEST')
+ imagebasename = d.getVar('IMAGE_BASENAME')
+ reportdir = d.getVar('ISAFW_REPORTDIR') + "_" + d.getVar('DATETIME')
+ pkgdata_dir = d.getVar("PKGDATA_DIR")
rr_dir = "%s/runtime-reverse/" % pkgdata_dir
pkglist = reportdir + "/pkglist"
getVar() now defaults to expanding by default, thus remove the True option from getVar() calls with a regex search and replace. Signed-off-by: Akash Hadke <akash.hadke27@gmail.com> --- meta-integrity/classes/ima-evm-rootfs.bbclass | 2 +- .../parsec-service/parsec-service_1.0.0.bb | 2 +- meta-security-isafw/classes/isafw.bbclass | 52 +++++++++---------- 3 files changed, 28 insertions(+), 28 deletions(-)