support/scripts/pkg-stats: tweak infras field when running with -c

When we use the statistics output to generate a CVE/CPE customer report showing whether a product is affected by CVEs, we are primarily interested in whether they are relevant to the target system. Currently we cannot see if the package is configured for the build (infra==host) and/or the target system (infra==target). Therefore this commit extends the pkg-stats script to leverage the information available in "make show-info" output to tweak the list of package infrastructures for each package. Thanks to this commit, the script now has a more consistent behavior: * When pkg-stats is run without -c, i.e without a defined Buildroot configuration, it continues to operate as it did, i.e it lists all package infrastructures supported by the package (such as autotools host+target, or kconfig target, etc.) * When pkg-stats is run with -c, i.e with a defined Buildroot configuration which defines the list of packages that should be considered, then for each package it now lists only the package infrastructures used by the package in that current configuration. For example if you have a package with a host and target variant, but only the host variant is used in your configuration, now the pkg-stats output will only say that the host variant of this package is used; Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com> [Thomas: pretty much rework the entire implementation and how the result is presented.] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-06-24 14:57:03 +02:00 · 2021-06-24 14:57:03 +02:00 · 28973f28ac
commit 28973f28ac
parent 31a28d8906
1 changed files with 24 additions and 8 deletions
--- a/support/scripts/pkg-stats
+++ b/support/scripts/pkg-stats
@ -92,6 +92,11 @@ class Package:
        self.name = name
        self.path = path
        self.pkg_path = os.path.dirname(path)
+        # Contains a list of tuple (type, infra), such as ("target",
+        # "autotools"). When pkg-stats is run without -c, it contains
+        # the list of all infra/type supported by the package. When
+        # pkg-stats is run with -c, it contains the list of infra/type
+        # used by the current configuration.
        self.infras = None
        self.license = None
        self.has_license = False
@ -151,10 +156,20 @@ class Package:
            return False
        return True

-    def set_infra(self):
+    def set_infra(self, show_info_js):
        """
        Fills in the .infras field
        """
+        # If we're running pkg-stats for a given Buildroot
+        # configuration, keep only the type/infra that applies
+        if show_info_js:
+            keep_host = "host-%s" % self.name in show_info_js
+            keep_target = self.name in show_info_js
+        # Otherwise, keep all
+        else:
+            keep_host = True
+            keep_target = True
+
        self.infras = list()
        with open(os.path.join(brpath, self.path), 'r') as f:
            lines = f.readlines()
@ -163,9 +178,9 @@ class Package:
                if not match:
                    continue
                infra = match.group(1)
-                if infra.startswith("host-"):
+                if infra.startswith("host-") and keep_host:
                    self.infras.append(("host", infra[5:]))
-                else:
+                elif keep_target:
                    self.infras.append(("target", infra))

    def set_license(self):
@ -372,10 +387,9 @@ def get_pkglist(npackages, package_list):
    return packages


-def get_config_packages():
+def get_show_info_js():
    cmd = ["make", "--no-print-directory", "show-info"]
-    js = json.loads(subprocess.check_output(cmd))
-    return set([v["name"] for v in js.values() if 'name' in v])
+    return json.loads(subprocess.check_output(cmd))


 def package_init_make_info():
@ -1229,10 +1243,12 @@ def __main__():
    if args.nvd_path:
        import cve as cvecheck

+    show_info_js = None
    if args.packages:
        package_list = args.packages.split(",")
    elif args.configpackages:
-        package_list = get_config_packages()
+        show_info_js = get_show_info_js()
+        package_list = set([v["name"] for v in show_info_js.values() if 'name' in v])
    else:
        package_list = None
    date = datetime.datetime.utcnow()
@ -1251,7 +1267,7 @@ def __main__():
    package_init_make_info()
    print("Getting package details ...")
    for pkg in packages:
-        pkg.set_infra()
+        pkg.set_infra(show_info_js)
        pkg.set_license()
        pkg.set_hash_info()
        pkg.set_patch_count()