diff --git a/README.md b/README.md index 41ce3fd96b73693a9957430499f96bbc626a8f72..0ccdfa1b9b123ba108b460279c7e68996d30f448 100644 --- a/README.md +++ b/README.md @@ -21,6 +21,8 @@ The ABI check can be activated by appending the `abicheck` bbclass to the bbclas The tool used for the ABI info serialization is [abidw](https://sourceware.org/libabigail/manual/abidw.html). +By default, the `abicheck` bbclass exits with an error if abidw exited with a non-zero exit code. Set `BINARY_AUDIT_WARN_ONLY` to "1" to warn out and continue instead. + ## ABI compatibility The serialized ABI representation will be integrated into the build history. Saving the build history will allow to compare the current build diff --git a/classes/abicheck.bbclass b/classes/abicheck.bbclass index f4519196cd7305a8df0ac37c7e0b5fe22e6b831e..7f1ccac04256546821a77b17eee2091526f5f94d 100644 --- a/classes/abicheck.bbclass +++ b/classes/abicheck.bbclass @@ -35,17 +35,17 @@ def binary_audit_gather_abixml(d): kv = d.getVar("KERNEL_VERSION") artifact_dir = d.getVar("IMG_DIR") ltree = os.path.join(artifact_dir, "usr", "lib", "modules") + warn = d.getVar("BINARY_AUDIT_WARN_ONLY") == "1" if kv and os.path.isdir(ltree): # XXX This vmlinux lookup method is very vague ptr = os.path.join(d.getVar("WORKDIR"), "..", "..", d.getVar("PREFERRED_PROVIDER_virtual/kernel"), "*", "*", "vmlinux") vmlinux = glob.glob(ptr)[0] - whitelist = None - out, out_fn = abicheck.serialize_kernel_artifacts(abixml_dir, ltree, vmlinux, whitelist) + out, out_fn = abicheck.serialize_kernel_artifacts(abixml_dir, ltree, vmlinux, whitelist, warn) with open(out_fn, "w") as f: f.write(out) f.close() else: - for out, out_fn in abicheck.serialize_artifacts(abixml_dir, artifact_dir): + for out, out_fn in abicheck.serialize_artifacts(abixml_dir, artifact_dir, warn): with open(out_fn, "w") as f: f.write(out) f.close() diff --git a/lib/binaryaudit/abicheck.py b/lib/binaryaudit/abicheck.py index dbacbc14409a96ab29397f3556e1b653ce0989be..da5bdc1f53d5288184f71f6d9a297e24262aa3c8 100644 --- a/lib/binaryaudit/abicheck.py +++ b/lib/binaryaudit/abicheck.py @@ -42,7 +42,7 @@ def serialize(fn): return status, out, cmd -def serialize_kernel_artifacts(abixml_dir, tree, vmlinux=None, whitelist=None): +def serialize_kernel_artifacts(abixml_dir, tree, vmlinux=None, whitelist=None, warn=False): cmd = ["abidw", "--no-corpus-path"] cmd.extend(["--linux-tree", tree]) if vmlinux: @@ -53,6 +53,9 @@ def serialize_kernel_artifacts(abixml_dir, tree, vmlinux=None, whitelist=None): util.note(" ".join(cmd)) ret, out = _serialize(cmd) if not 0 == ret: + if warn: + util.error(out if out else "abidw exited with non-zero code and empty output") + return util.error(out) return out, None if not out: @@ -86,7 +89,7 @@ def compare(ref, cur, suppr=[]): return process.returncode, out, cmd -def serialize_artifacts(adir, id): +def serialize_artifacts(adir, id, warn=False): ''' Recursively serialize binary artifacts starting at the given image directory(id), yields serialized output and filename Parameters: adir (str): path to abixml directory @@ -106,6 +109,9 @@ def serialize_artifacts(adir, id): ret, out, cmd = serialize(fn) util.note(" ".join(cmd)) if not 0 == ret: + if warn: + util.warn(out if out else "abidw exited with non-zero code and empty output") + continue util.error(out) return if not out: