classes/sstate: don't use unsigned sstate when verification enabled

When signature verification of shared state objects is enabled (SSTATE_VERIFY_SIG) use of an unsigned object, even though it produces a warning, seems unexpected. Instead skip unsigned objects and force the non-accelerated task to be run. Signed-off-by: Joshua Lock <jlock@vmware.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Joshua Lock via Openembedded-core <openembedded-core@lists.openembedded.org> 2019-07-26 11:26:49 +0000
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2019-07-27 22:45:23 +0100
commit: 571235978d98552e3734bf382454dd51272db782 (patch)
tree: e82dec03b07277be39980890af717b9e6d60080e /meta
parent: 06559c1ed86dbce53505f9ed98111fe9d0b97ed7 (diff)
download: openembedded-core-contrib-571235978d98552e3734bf382454dd51272db782.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass
index d8fdcece6a..3342c5ef50 100644
--- a/meta/classes/sstate.bbclass
+++ b/meta/classes/sstate.bbclass
@@ -340,7 +340,8 @@ def sstate_installpkg(ss, d):
     if bb.utils.to_boolean(d.getVar("SSTATE_VERIFY_SIG"), False):
         signer = get_signer(d, 'local')
         if not signer.verify(sstatepkg + '.sig'):
-            bb.warn("Cannot verify signature on sstate package %s" % sstatepkg)
+            bb.warn("Cannot verify signature on sstate package %s, skipping acceleration..." % sstatepkg)
+            return False
 
     # Empty sstateinst directory, ensure its clean
     if os.path.exists(sstateinst):
author	Joshua Lock via Openembedded-core <openembedded-core@lists.openembedded.org>	2019-07-26 11:26:49 +0000
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2019-07-27 22:45:23 +0100
commit	571235978d98552e3734bf382454dd51272db782 (patch)
tree	e82dec03b07277be39980890af717b9e6d60080e /meta
parent	06559c1ed86dbce53505f9ed98111fe9d0b97ed7 (diff)
download	openembedded-core-contrib-571235978d98552e3734bf382454dd51272db782.tar.gz