1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
|
# Populates LICENSE_DIRECTORY as set in distro config with the license files as set by
# LIC_FILES_CHKSUM.
# TODO:
# - There is a real issue revolving around license naming standards.
LICENSE_DIRECTORY ??= "${DEPLOY_DIR}/licenses"
LICSSTATEDIR = "${WORKDIR}/license-destdir/"
addtask populate_lic after do_patch before do_package
do_populate_lic[dirs] = "${LICSSTATEDIR}/${PN}"
do_populate_lic[cleandirs] = "${LICSSTATEDIR}"
# Standards are great! Everyone has their own. In an effort to standardize licensing
# names, common-licenses will use the SPDX standard license names. In order to not
# break the non-standardized license names that we find in LICENSE, we'll set
# up a bunch of VarFlags to accomodate non-SPDX license names.
#
# We should really discuss standardizing this field, but that's a longer term goal.
# For now, we can do this and it should grab the most common LICENSE naming variations.
#
# Changing GPL mapping to GPL-2 as it's not very likely to be GPL-1
# We should NEVER have a GPL/LGPL without a version!!!!
# Any mapping to MPL/LGPL/GPL should be fixed
# see: https://wiki.yoctoproject.org/wiki/License_Audit
# GPL variations
SPDXLICENSEMAP[GPL-2] = "GPL-2.0"
SPDXLICENSEMAP[GPLv2] = "GPL-2.0"
SPDXLICENSEMAP[GPLv2.0] = "GPL-2.0"
SPDXLICENSEMAP[GPL-3] = "GPL-3.0"
SPDXLICENSEMAP[GPLv3] = "GPL-3.0"
SPDXLICENSEMAP[GPLv3.0] = "GPL-3.0"
#LGPL variations
SPDXLICENSEMAP[LGPLv2] = "LGPL-2.0"
SPDXLICENSEMAP[LGPL2.1] = "LGPL-2.1"
SPDXLICENSEMAP[LGPLv2.1] = "LGPL-2.1"
SPDXLICENSEMAP[LGPLv3] = "LGPL-3.0"
#MPL variations
SPDXLICENSEMAP[MPL-1] = "MPL-1.0"
SPDXLICENSEMAP[MPLv1] = "MPL-1.0"
SPDXLICENSEMAP[MPLv1.1] = "MPL-1.1"
#MIT variations
SPDXLICENSEMAP[MIT-X] = "MIT"
SPDXLICENSEMAP[MIT-style] = "MIT"
#Openssl variations
SPDXLICENSEMAP[openssl] = "OpenSSL"
#Python variations
SPDXLICENSEMAP[PSF] = "Python-2.0"
SPDXLICENSEMAP[PSFv2] = "Python-2.0"
SPDXLICENSEMAP[Python-2] = "Python-2.0"
#Apache variations
SPDXLICENSEMAP[Apachev2] = "Apache-2.0"
SPDXLICENSEMAP[Apache-2] = "Apache-2.0"
#Artistic variations
SPDXLICENSEMAP[Artisticv1] = "Artistic-1.0"
SPDXLICENSEMAP[Artistic-1] = "Artistic-1.0"
#Academic variations
SPDXLICENSEMAP[AFL-2] = "AFL-2.0"
SPDXLICENSEMAP[AFL-1] = "AFL-1.2"
SPDXLICENSEMAP[AFLv2] = "AFL-2.0"
SPDXLICENSEMAP[AFLv1] = "AFL-1.2"
#Other variations
SPDXLICENSEMAP[EPLv1.0] = "EPL-1.0"
license_create_manifest() {
mkdir -p ${LICENSE_DIRECTORY}/${IMAGE_NAME}
# Get list of installed packages
list_installed_packages | grep -v "locale" |sort > ${LICENSE_DIRECTORY}/${IMAGE_NAME}/package.manifest
INSTALLED_PKGS=`cat ${LICENSE_DIRECTORY}/${IMAGE_NAME}/package.manifest`
# list of installed packages is broken for deb
for pkg in ${INSTALLED_PKGS}; do
# not the best way to do this but licenses are not arch dependant iirc
files=`find ${TMPDIR}/pkgdata/*/runtime -name ${pkg}| head -1`
for filename in $files; do
pkged_pn="$(sed -n 's/^PN: //p' ${filename})"
pkged_lic="$(sed -n '/^LICENSE: /{ s/^LICENSE: //; s/[+|&()*]/ /g; s/ */ /g; p }' ${filename})"
# check to see if the package name exists in the manifest. if so, bail.
if ! grep -q "PACKAGE NAME: ${pkg}" ${filename}; then
# exclude local recipes
if [ ! "${pkged_pn}" = "*locale*" ]; then
echo "PACKAGE NAME:" ${pkg} >> ${LICENSE_DIRECTORY}/${IMAGE_NAME}/license.manifest
echo "RECIPE NAME:" ${pkged_pn} >> ${LICENSE_DIRECTORY}/${IMAGE_NAME}/license.manifest
echo "LICENSE: " >> ${LICENSE_DIRECTORY}/${IMAGE_NAME}/license.manifest
for lic in ${pkged_lic}; do
if [ -e "${LICENSE_DIRECTORY}/${pkged_pn}/generic_${lic}" ]; then
echo ${lic}|sed s'/generic_//'g >> ${LICENSE_DIRECTORY}/${IMAGE_NAME}/license.manifest
else
echo "WARNING: The license listed, " ${lic} " was not in the licenses collected for " ${pkged_pn}>> ${LICENSE_DIRECTORY}/${IMAGE_NAME}/license.manifest
fi
done
echo "" >> ${LICENSE_DIRECTORY}/${IMAGE_NAME}/license.manifest
fi
fi
done
done
# Two options here:
# - Just copy the manifest
# - Copy the manifest and the license directories
# With both options set we see a .5 M increase in core-image-minimal
if [ -n "${COPY_LIC_MANIFEST}" ]; then
mkdir -p ${IMAGE_ROOTFS}/usr/share/common-licenses/
cp ${LICENSE_DIRECTORY}/${IMAGE_NAME}/license.manifest ${IMAGE_ROOTFS}/usr/share/common-licenses/license.manifest
if [ -n "${COPY_LIC_DIRS}" ]; then
for pkg in ${INSTALLED_PKGS}; do
mkdir -p ${IMAGE_ROOTFS}/usr/share/common-licenses/${pkg}
for lic in `ls ${LICENSE_DIRECTORY}/${pkg}`; do
# Really don't need to copy the generics as they're
# represented in the manifest and in the actual pkg licenses
# Doing so would make your image quite a bit larger
if [[ "${lic}" != "generic_"* ]]; then
cp ${LICENSE_DIRECTORY}/${pkg}/${lic} ${IMAGE_ROOTFS}/usr/share/common-licenses/${pkg}/${lic}
elif [[ "${lic}" == "generic_"* ]]; then
if [ ! -f ${IMAGE_ROOTFS}/usr/share/common-licenses/${lic} ]; then
cp ${LICENSE_DIRECTORY}/${pkg}/${lic} ${IMAGE_ROOTFS}/usr/share/common-licenses/
fi
ln -s ../${lic} ${IMAGE_ROOTFS}/usr/share/common-licenses/${pkg}/${lic}
fi
done
done
fi
fi
}
python do_populate_lic() {
"""
Populate LICENSE_DIRECTORY with licenses.
"""
import os
import bb
import shutil
import oe.license
pn = d.getVar('PN', True)
for package in d.getVar('PACKAGES', True):
if d.getVar('LICENSE_' + pn + '-' + package, True):
license_types = license_types + ' & ' + \
d.getVar('LICENSE_' + pn + '-' + package, True)
#If we get here with no license types, then that means we have a recipe
#level license. If so, we grab only those.
try:
license_types
except NameError:
# All the license types at the recipe level
license_types = d.getVar('LICENSE', True)
# All the license files for the package
lic_files = d.getVar('LIC_FILES_CHKSUM', True)
pn = d.getVar('PN', True)
# The base directory we wrangle licenses to
destdir = os.path.join(d.getVar('LICSSTATEDIR', True), pn)
# The license files are located in S/LIC_FILE_CHECKSUM.
srcdir = d.getVar('S', True)
# Directory we store the generic licenses as set in the distro configuration
generic_directory = d.getVar('COMMON_LICENSE_DIR', True)
license_source_dirs = []
license_source_dirs.append(generic_directory)
try:
additional_lic_dirs = d.getVar('LICENSE_DIR', True).split()
for lic_dir in additional_lic_dirs:
license_source_dirs.append(lic_dir)
except:
pass
class FindVisitor(oe.license.LicenseVisitor):
def visit_Str(self, node):
#
# Until I figure out what to do with
# the two modifiers I support (or greater = +
# and "with exceptions" being *
# we'll just strip out the modifier and put
# the base license.
find_license(node.s.replace("+", "").replace("*", ""))
self.generic_visit(node)
def find_license(license_type):
try:
bb.mkdirhier(gen_lic_dest)
except:
pass
spdx_generic = None
license_source = None
# If the generic does not exist we need to check to see if there is an SPDX mapping to it
for lic_dir in license_source_dirs:
if not os.path.isfile(os.path.join(lic_dir, license_type)):
if d.getVarFlag('SPDXLICENSEMAP', license_type) != None:
# Great, there is an SPDXLICENSEMAP. We can copy!
bb.debug(1, "We need to use a SPDXLICENSEMAP for %s" % (license_type))
spdx_generic = d.getVarFlag('SPDXLICENSEMAP', license_type)
license_source = lic_dir
break
elif os.path.isfile(os.path.join(lic_dir, license_type)):
spdx_generic = license_type
license_source = lic_dir
break
if spdx_generic and license_source:
# we really should copy to generic_ + spdx_generic, however, that ends up messing the manifest
# audit up. This should be fixed in emit_pkgdata (or, we actually got and fix all the recipes)
ret = bb.copyfile(os.path.join(license_source, spdx_generic), os.path.join(os.path.join(d.getVar('LICSSTATEDIR', True), pn), "generic_" + license_type))
# If the copy didn't occur, something horrible went wrong and we fail out
if not ret:
bb.warn("%s for %s could not be copied for some reason. It may not exist. WARN for now." % (spdx_generic, pn))
else:
# And here is where we warn people that their licenses are lousy
bb.warn("%s: No generic license file exists for: %s in any provider" % (pn, license_type))
pass
try:
bb.mkdirhier(destdir)
except:
pass
if not generic_directory:
raise bb.build.FuncFailed("COMMON_LICENSE_DIR is unset. Please set this in your distro config")
if not lic_files:
# No recipe should have an invalid license file. This is checked else
# where, but let's be pedantic
bb.note(pn + ": Recipe file does not have license file information.")
return True
for url in lic_files.split():
(type, host, path, user, pswd, parm) = bb.decodeurl(url)
# We want the license file to be copied into the destination
srclicfile = os.path.join(srcdir, path)
ret = bb.copyfile(srclicfile, os.path.join(destdir, os.path.basename(path)))
# If the copy didn't occur, something horrible went wrong and we fail out
if not ret:
bb.warn("%s could not be copied for some reason. It may not exist. WARN for now." % srclicfile)
v = FindVisitor()
try:
v.visit_string(license_types)
except oe.license.InvalidLicense as exc:
bb.fatal('%s: %s' % (d.getVar('PF', True), exc))
except SyntaxError:
bb.warn("%s: Failed to parse it's LICENSE field." % (d.getVar('PF', True)))
}
def incompatible_license(d,dont_want_license):
"""
This function checks if a package has only incompatible licenses. It also take into consideration 'or'
operand.
"""
import re
import oe.license
from fnmatch import fnmatchcase as fnmatch
dont_want_licenses = []
dont_want_licenses.append(d.getVar('INCOMPATIBLE_LICENSE', True))
if d.getVarFlag('SPDXLICENSEMAP', dont_want_license):
dont_want_licenses.append(d.getVarFlag('SPDXLICENSEMAP', dont_want_license))
def include_license(license):
if any(fnmatch(license, pattern) for pattern in dont_want_licenses):
return False
else:
spdx_license = d.getVarFlag('SPDXLICENSEMAP', license)
if spdx_license and any(fnmatch(spdx_license, pattern) for pattern in dont_want_licenses):
return False
else:
return True
def choose_licenses(a, b):
if all(include_license(lic) for lic in a):
return a
else:
return b
"""
If you want to exlude license named generically 'X', we surely want to exlude 'X+' as well.
In consequence, we will exclude the '+' character from LICENSE in case INCOMPATIBLE_LICENSE
is not a 'X+' license.
"""
if not re.search(r'[+]',dont_want_license):
licenses=oe.license.flattened_licenses(re.sub(r'[+]', '', d.getVar('LICENSE', True)), choose_licenses)
else:
licenses=oe.license.flattened_licenses(d.getVar('LICENSE', True), choose_licenses)
for onelicense in licenses:
if not include_license(onelicense):
return True
return False
def check_license_flags(d):
"""
This function checks if a recipe has any LICENSE_FLAGs that
aren't whitelisted.
If it does, it returns the first LICENSE_FLAG missing from the
whitelist, or all the LICENSE_FLAGs if there is no whitelist.
If everything is is properly whitelisted, it returns None.
"""
def license_flag_matches(flag, whitelist, pn):
"""
Return True if flag matches something in whitelist, None if not.
Before we test a flag against the whitelist, we append _${PN}
to it. We then try to match that string against the
whitelist. This covers the normal case, where we expect
LICENSE_FLAGS to be a simple string like 'commercial', which
the user typically matches exactly in the whitelist by
explicitly appending the package name e.g 'commercial_foo'.
If we fail the match however, we then split the flag across
'_' and append each fragment and test until we either match or
run out of fragments.
"""
flag_pn = ("%s_%s" % (flag, pn))
for candidate in whitelist:
if flag_pn == candidate:
return True
flag_cur = ""
flagments = flag_pn.split("_")
flagments.pop() # we've already tested the full string
for flagment in flagments:
if flag_cur:
flag_cur += "_"
flag_cur += flagment
for candidate in whitelist:
if flag_cur == candidate:
return True
return False
def all_license_flags_match(license_flags, whitelist):
""" Return first unmatched flag, None if all flags match """
pn = d.getVar('PN', True)
split_whitelist = whitelist.split()
for flag in license_flags.split():
if not license_flag_matches(flag, split_whitelist, pn):
return flag
return None
license_flags = d.getVar('LICENSE_FLAGS', True)
if license_flags:
whitelist = d.getVar('LICENSE_FLAGS_WHITELIST', True)
if not whitelist:
return license_flags
unmatched_flag = all_license_flags_match(license_flags, whitelist)
if unmatched_flag:
return unmatched_flag
return None
SSTATETASKS += "do_populate_lic"
do_populate_lic[sstate-name] = "populate-lic"
do_populate_lic[sstate-inputdirs] = "${LICSSTATEDIR}"
do_populate_lic[sstate-outputdirs] = "${LICENSE_DIRECTORY}/"
ROOTFS_POSTINSTALL_COMMAND += "license_create_manifest; "
python do_populate_lic_setscene () {
sstate_setscene(d)
}
addtask do_populate_lic_setscene
|
