From f8ea9ac3a06f543bd3dc259ffc1b60eb197a132d Mon Sep 17 00:00:00 2001
From: Ralph Siemsen <ralph.siemsen@linaro.org>
Date: Thu, 28 May 2020 10:07:37 -0400
Subject: [PATCH] arm-toolchain: set CVE_VERSION to fix cve-check warnings

Yocto cve-check currently produces numerous warnings like:
    WARNING: gcc-cross-arm-arm-8.3-r2019.03 do_cve_check: gcc:
    Failed to compare arm-8.3 < 10.0 for CVE-2019-15847
In turn this means that some potential CVEs are not reported.

This occurs because PV has been prefixed with "arm-", to allow for
multiple gcc implementations.

Fix this by setting CVE_VERSION to the non-prefixed version.

Signed-off-by: Ralph Siemsen <ralph.siemsen@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jon Mason <jon.mason@arm.com>
---
 meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.2.inc | 1 +
 meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.3.inc | 1 +
 meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-9.2.inc | 1 +
 3 files changed, 3 insertions(+)

diff --git a/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.2.inc b/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.2.inc
index c47c3206..65fbeffb 100644
--- a/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.2.inc
+++ b/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.2.inc
@@ -2,6 +2,7 @@ require recipes-devtools/gcc/gcc-common.inc
 
 BASEPV = "8.2"
 PV = "arm-${BASEPV}"
+CVE_VERSION = "${BASEPV}"
 
 MMYY = "19.01"
 RELEASE = "20${MMYY}"
diff --git a/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.3.inc b/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.3.inc
index 65eb0dfd..3fb87bb5 100644
--- a/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.3.inc
+++ b/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-8.3.inc
@@ -2,6 +2,7 @@ require recipes-devtools/gcc/gcc-common.inc
 
 BASEPV = "8.3"
 PV = "arm-${BASEPV}"
+CVE_VERSION = "${BASEPV}"
 
 MMYY = "19.03"
 RELEASE = "20${MMYY}"
diff --git a/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-9.2.inc b/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-9.2.inc
index 08e8f7f4..08ad796a 100644
--- a/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-9.2.inc
+++ b/meta-arm-toolchain/recipes-devtools/gcc/gcc-arm-9.2.inc
@@ -3,6 +3,7 @@ require recipes-devtools/gcc/gcc-common.inc
 # Third digit in PV should be incremented after a minor release
 
 PV = "arm-9.2"
+CVE_VERSION = "9.2"
 
 # BINV should be incremented to a revision after a minor gcc release