[PATCH v6 1/2] vulns: add a new recipe

All of lore.kernel.org
 help / color / mirror / Atom feed

From: ValentinBoudevin <valentin.boudevin@gmail.com>
To: openembedded-core@lists.openembedded.org
Cc: daniel.turull@ericsson.com, jerome.oufella@savoirfairelinux.com,
	ValentinBoudevin <valentin.boudevin@gmail.com>
Subject: [PATCH v6 1/2] vulns: add a new recipe
Date: Mon,  2 Feb 2026 16:08:10 -0500	[thread overview]
Message-ID: <20260202210811.2136027-2-valentin.boudevin@gmail.com> (raw)
In-Reply-To: <20260202210811.2136027-1-valentin.boudevin@gmail.com>

This recipe is in charge of cloning and setting the Linux repository:
https://git.kernel.org/pub/scm/linux/security/vulns.git/

If the build is online, it is recommanded to use SRCREV set to AUTOREV
to use the latest available commit on the remote repository and stay
up-to-date with the latest CVE information available.

AUTOREV would make the build non-deterministic which would break
offline, turned off by default.

Signed-off-by: ValentinBoudevin <valentin.boudevin@gmail.com>
---
 meta/conf/distro/include/maintainers.inc      |  1 +
 .../vulns-native/vulns-native_git.bb          | 19 +++++++++++++++++++
 2 files changed, 20 insertions(+)
 create mode 100644 meta/recipes-kernel/vulns-native/vulns-native_git.bb

diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc
index 550ef0e0e7..f21a00749a 100644
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -875,6 +875,7 @@ RECIPE_MAINTAINER:pn-vulkan-tools = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-vulkan-utility-libraries = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-vulkan-validation-layers = "Vincent Davis Jr <vince@underview.tech>"
 RECIPE_MAINTAINER:pn-vulkan-volk = "Unassigned <unassigned@yoctoproject.org>"
+RECIPE_MAINTAINER:pn-vulns-native = "Valentin Boudevin <valentin.boudevin@savoirfairelinux.com>"
 RECIPE_MAINTAINER:pn-waffle = "Ross Burton <ross.burton@arm.com>"
 RECIPE_MAINTAINER:pn-watchdog = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-watchdog-config = "Unassigned <unassigned@yoctoproject.org>"
diff --git a/meta/recipes-kernel/vulns-native/vulns-native_git.bb b/meta/recipes-kernel/vulns-native/vulns-native_git.bb
new file mode 100644
index 0000000000..7ea3f743d5
--- /dev/null
+++ b/meta/recipes-kernel/vulns-native/vulns-native_git.bb
@@ -0,0 +1,19 @@
+SUMMARY = "Linux Security Vulns Repo"
+DESCRIPTION = "Repo for tracking and maintaining the CVE identifiers reserved and assigned to \
+the Linux kernel project."
+HOMEPAGE = "https://git.kernel.org/pub/scm/linux/security/vulns.git/"
+LICENSE = "cve-tou"
+LIC_FILES_CHKSUM = "file://LICENSES/cve-tou.txt;md5=0d1f8ff7666c210e0b0404fd9d7e6703"
+
+inherit allarch native
+
+SRC_URI = "git://git.kernel.org/pub/scm/linux/security/vulns.git;branch=master;protocol=https"
+
+# SRCREV is pinned to a fixed commit to ensure reproducible builds
+# To get the latest commit available and stay up-to-date, set AUTOREV as SRCREV with SRCREV:pn-vulns-native = "${AUTOREV}"
+SRCREV ?= "2c9b20d7a0699222b58c4824560b716b6096637b"
+
+do_install(){
+	install -d ${D}${datadir}/vulns-native
+	cp -r ${UNPACKDIR}/vulns-git/* ${D}${datadir}/vulns-native/
+}

next prev parent reply	other threads:[~2026-02-02 21:08 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <188AFD4FCC1313A8.2683732@lists.openembedded.org>
2026-01-19 18:40 ` [PATCH v4 0/1] improve_kernel_cve_report: Add a bbclass support ValentinBoudevin
2026-01-19 18:40   ` [PATCH v4 1/1] " ValentinBoudevin
2026-01-20 15:00     ` Daniel Turull
2026-01-22 12:58     ` Benjamin ROBIN
2026-01-26 12:56     ` [OE-core] " Ross Burton
2026-01-28 16:38 ` [PATCH v5 0/2] " ValentinBoudevin
2026-01-28 16:38   ` [PATCH v5 1/2] vulns: add a new recipe ValentinBoudevin
2026-01-31 17:59     ` [OE-core] " Mathieu Dubois-Briand
2026-01-28 16:38   ` [PATCH v5 2/2] improve_kernel_cve_report: Add a bbclass support ValentinBoudevin
2026-01-29 11:01   ` [PATCH v5 0/2] " Daniel Turull
2026-01-29 16:34     ` vboudevin
2026-02-01 15:54       ` [OE-core] " Marta Rybczynska
2026-02-02 21:08 ` [PATCH v6 " ValentinBoudevin
2026-02-02 21:08   ` ValentinBoudevin [this message]
2026-02-02 21:08   ` [PATCH v6 2/2] " ValentinBoudevin
2026-02-04 14:58   ` [PATCH v6 0/2] " Daniel Turull

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:550ef0e0e dfblob:f21a00749 dfblob:7ea3f743d )
 OR (
bs:"[PATCH v6 1/2] vulns: add a new recipe" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260202210811.2136027-2-valentin.boudevin@gmail.com \
    --to=valentin.boudevin@gmail.com \
    --cc=daniel.turull@ericsson.com \
    --cc=jerome.oufella@savoirfairelinux.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.