]> code.ossystems Code Review - openembedded-core.git/commitdiff
Code Review / openembedded-core.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 06559c1)
classes/sstate: don't use unsigned sstate when verification enabled
authorJoshua Lock via Openembedded-core <openembedded-core@lists.openembedded.org>
Fri, 26 Jul 2019 11:26:49 +0000 (11:26 +0000)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Sat, 27 Jul 2019 21:45:23 +0000 (22:45 +0100)
When signature verification of shared state objects is enabled
(SSTATE_VERIFY_SIG) use of an unsigned object, even though it produces a
warning, seems unexpected. Instead skip unsigned objects and force the
non-accelerated task to be run.

Signed-off-by: Joshua Lock <jlock@vmware.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/classes/sstate.bbclass patch | blob | history

diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass
index d8fdcece6afabcc2f2e01a6020affdf1d8319a2f..3342c5ef50965a18b8a08b0d062e429d8ba2b5be 100644 (file)
--- a/meta/classes/sstate.bbclass
+++ b/meta/classes/sstate.bbclass
@@ -340,7 +340,8 @@ def sstate_installpkg(ss, d):
     if bb.utils.to_boolean(d.getVar("SSTATE_VERIFY_SIG"), False):
         signer = get_signer(d, 'local')
         if not signer.verify(sstatepkg + '.sig'):
-            bb.warn("Cannot verify signature on sstate package %s" % sstatepkg)
+            bb.warn("Cannot verify signature on sstate package %s, skipping acceleration..." % sstatepkg)
+            return False
 
     # Empty sstateinst directory, ensure its clean
     if os.path.exists(sstateinst):
Mirror of the official openembedded-core repository