| Message ID | 20250507082719.1220303-2-mikko.rapeli@linaro.org |
|---|---|
| State | New |
| Headers | show |
| Series | [meta-security,1/3] systemd-boot: whitespace fix | expand |
Hi, On Wed, May 07, 2025 at 11:27:18AM +0300, Mikko Rapeli wrote: > If measured-uki support is not enabled or build is continuing > from previous stages, then the matching file list can be empty. > Fixes build failure where sed says no input files. > > Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> > --- > meta-tpm/recipes-core/systemd/systemd_%.bbappend | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/meta-tpm/recipes-core/systemd/systemd_%.bbappend b/meta-tpm/recipes-core/systemd/systemd_%.bbappend > index 82b79ba..c53b1e8 100644 > --- a/meta-tpm/recipes-core/systemd/systemd_%.bbappend > +++ b/meta-tpm/recipes-core/systemd/systemd_%.bbappend > @@ -11,7 +11,10 @@ PACKAGECONFIG:append = " \ > # TODO: use swtpm-native to calculate TPM measurements > do_install:append() { > if "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', 'true', 'false', d)}"; then > - sed -i -e "s/^ConditionSecurity=measured-uki/ConditionSecurity=tpm2/g" \ > - $( grep -rl ^ConditionSecurity=measured-uki ${D} ) > + FILES=$( grep -rl ^ConditionSecurity=measured-uki ${D} || true ) > + if [ "$FILES" != "" ]; then > + sed -i -e "s/^ConditionSecurity=measured-uki/ConditionSecurity=tpm2/g" \ > + "$FILES" This is wrong and breaks builds. Need to unquote the variable to get files seprately and not as a single argument. It is a bit odd that I did not always see the failures but only after rebase. I'll send a v2. Cheers, -Mikko
diff --git a/meta-tpm/recipes-core/systemd/systemd_%.bbappend b/meta-tpm/recipes-core/systemd/systemd_%.bbappend index 82b79ba..c53b1e8 100644 --- a/meta-tpm/recipes-core/systemd/systemd_%.bbappend +++ b/meta-tpm/recipes-core/systemd/systemd_%.bbappend @@ -11,7 +11,10 @@ PACKAGECONFIG:append = " \ # TODO: use swtpm-native to calculate TPM measurements do_install:append() { if "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', 'true', 'false', d)}"; then - sed -i -e "s/^ConditionSecurity=measured-uki/ConditionSecurity=tpm2/g" \ - $( grep -rl ^ConditionSecurity=measured-uki ${D} ) + FILES=$( grep -rl ^ConditionSecurity=measured-uki ${D} || true ) + if [ "$FILES" != "" ]; then + sed -i -e "s/^ConditionSecurity=measured-uki/ConditionSecurity=tpm2/g" \ + "$FILES" + fi fi }
If measured-uki support is not enabled or build is continuing from previous stages, then the matching file list can be empty. Fixes build failure where sed says no input files. Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> --- meta-tpm/recipes-core/systemd/systemd_%.bbappend | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-)