From 5a5d01bc7a0159e602641cfabd8c187ba6258243 Mon Sep 17 00:00:00 2001
From: Michal Koutný
Date: Apr 05 2024 14:18:24 +0000
Subject: mass-cve: Add Makefile to process vulns.git database
---
diff --git a/scripts/cve_tools/.gitignore b/scripts/cve_tools/.gitignore
new file mode 100644
index 0000000..773a6df
--- /dev/null
+++ b/scripts/cve_tools/.gitignore
@@ -0,0 +1 @@
+*.dat
diff --git a/scripts/cve_tools/Makefile b/scripts/cve_tools/Makefile
new file mode 100644
index 0000000..0fd8719
--- /dev/null
+++ b/scripts/cve_tools/Makefile
@@ -0,0 +1,22 @@
+# Expects VULNS_GIT environment variable with a clone of https://git.kernel.org/pub/scm/linux/security/vulns.git
+# Expects KSOURCE_GIT environment variable
+
+YEAR=2024
+
+all: $(YEAR).dat
+
+hash_cve_$(YEAR).dat: $(wildcard $(VULNS_GIT)/cve/published/$(YEAR)/*.sha1)
+ for f in $^ ; do \
+ echo $$(head -n1 $$f) $$(basename $${f%.sha1}) ; \
+ done | sort -k1 >"$@"
+
+hash_file.dat:
+ git --git-dir="$(KSOURCE_GIT)/.git" --work-tree="$(KSOURCE_GIT)" grep -i "^git-commit[[:space:]]*:[[:space:]]*" "$(KSOURCE_GIT)/patches.suse" |\
+ awk -vFS=":" '{gsub(" ", "", $$3); print $$3, $$1}' | sort -k1 >"$@"
+
+update_refs: hash_file.dat hash_cve_$(YEAR).dat
+ join $^ | while read sha file cve ; do \
+ pushd "$(KSOURCE_GIT)" >/dev/null ; \
+ scripts/add-missing-reference -r $$cve $$file ; \
+ popd >/dev/null ; \
+ done
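Review bot: File names and first lines taken from the vulns.git clone end up as shell text in this Makefile: `$^` is pasted into `for f in $^`, and `$$f`, `$$cve` and `$$file` are expanded unquoted after a `read` without `-r`, so whitespace, glob characters or shell metacharacters in that data are split or interpreted by the shell before anything reaches `scripts/add-missing-reference`. The rewrite below lets the shell expand the glob itself, quotes every expansion, and skips joined rows whose third field does not look like a CVE id. It also sets `SHELL := bash`, because `pushd`/`popd` and `[[ … ]]` are not available in make's default `/bin/sh` on every system. Separately, `all: $(YEAR).dat` names a target that no rule in this hunk builds (the rules produce `hash_cve_$(YEAR).dat` and `hash_file.dat`), so a plain `make` probably stops with a missing-rule error; the prerequisite should presumably be one of the targets that exist.

```make
SHELL := bash

hash_cve_$(YEAR).dat: $(wildcard $(VULNS_GIT)/cve/published/$(YEAR)/*.sha1)
	shopt -s nullglob ; \
	for f in "$(VULNS_GIT)"/cve/published/$(YEAR)/*.sha1 ; do \
		printf '%s %s\n' "$$(head -n1 "$$f")" "$$(basename "$$f" .sha1)" ; \
	done | sort -k1 >"$@"

# … unchanged: hash_file.dat rule …

update_refs: hash_file.dat hash_cve_$(YEAR).dat
	join $^ | while read -r sha file cve ; do \
		[[ $$cve =~ ^CVE-[0-9]{4}-[0-9]+$$ ]] || continue ; \
		# … unchanged: pushd "$(KSOURCE_GIT)" …
		scripts/add-missing-reference -r "$$cve" "$$file" ; \
		# … unchanged: popd, done …
```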