mirror of
https://git.yoctoproject.org/poky
synced 2026-06-03 01:40:07 +00:00
Ross Burton
471e51b18a
Instead of manually looking up new CVEs and determining what point releases the fixes are incorporated into, add a script to generate the CVE_CHECK_WHITELIST data automatically. First, note that this is very much an interim solution until the cve-check class fetches data from www.linuxkernelcves.com directly. The script should be passed the path to a local clone of the linuxkernelcves repository[1] and the kernel version number. It will then write to standard output the CVE_STATUS entries for every known kernel CVE. The script should be periodically reran as CVEs are backported and kernels upgraded frequently. [1] https://github.com/nluedtke/linux_kernel_cves Note: for the Dunfell backport this is not a cherry-pick of the commit in master as the variable names are different. This incorporates the following commits: linux/generate-cve-exclusions: add version check warning linux/generate-cve-exclusions.py: fix comparison linux-yocto: add script to generate kernel CVE_STATUS entries (From OE-Core rev: 496c0b8fab5dd87102c3a63656debdb3aa214ae7) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
QEMU Emulation Targets ====================== To simplify development, the build system supports building images to work with the QEMU emulator in system emulation mode. Several architectures are currently supported in 32 and 64 bit variants: * ARM (qemuarm + qemuarm64) * x86 (qemux86 + qemux86-64) * PowerPC (qemuppc only) * MIPS (qemumips + qemumips64) Use of the QEMU images is covered in the Yocto Project Reference Manual. The appropriate MACHINE variable value corresponding to the target is given in brackets.