]>
Commit | Line | Data |
---|---|---|
356bd1e1 LO |
1 | #!/usr/bin/perl |
2 | # | |
3 | # check-config -- check the current config for issues | |
4 | # | |
5 | use strict; | |
6 | ||
7 | my $P = 'check-config'; | |
8 | ||
9 | my $test = -1; | |
10 | if ($ARGV[0] eq '--test') { | |
11 | $test = $ARGV[1] + 0; | |
12 | } elsif ($#ARGV != 4) { | |
13 | die "Usage: $P <config> <arch> <flavour> <commonconfig> <warn-only>\n"; | |
14 | } | |
15 | ||
16 | my ($config, $arch, $flavour, $commonconfig, $warn_only) = @ARGV; | |
17 | ||
356bd1e1 LO |
18 | my %values = (); |
19 | ||
20 | # If we are in overridden then still perform the checks and emit the messages | |
21 | # but do not return failure. Those items marked FATAL will alway trigger | |
22 | # failure. | |
23 | my $fail_exit = 1; | |
24 | $fail_exit = 0 if ($warn_only eq 'true' || $warn_only eq '1'); | |
25 | my $exit_val = 0; | |
26 | ||
356bd1e1 LO |
27 | # Load up the current configuration values -- FATAL if this fails |
28 | print "$P: $config: loading config\n"; | |
29 | open(CONFIG, "<$config") || die "$P: $config: open failed -- $! -- aborting\n"; | |
30 | while (<CONFIG>) { | |
31 | # Pull out values. | |
32 | /^#*\s*(CONFIG_\w+)[\s=](.*)$/ or next; | |
33 | if ($2 eq 'is not set') { | |
34 | $values{$1} = 'n'; | |
35 | } else { | |
36 | $values{$1} = $2; | |
37 | } | |
38 | } | |
39 | close(CONFIG); | |
40 | ||
d4395354 AW |
41 | # ANNOTATIONS: check any annotations marked for enforcement |
42 | my $pass = 0; | |
43 | my $total = 0; | |
44 | my $annotations = "$commonconfig/annotations"; | |
45 | my ($config, $value, $options, $option, $value, $check, $policy); | |
46 | print "$P: $annotations loading annotations\n"; | |
66872888 | 47 | my %annot; |
d4395354 AW |
48 | open(ANNOTATIONS, "<$annotations") || die "$P: $annotations: open failed -- $! -- aborting\n"; |
49 | while (<ANNOTATIONS>) { | |
50 | /^#/ && next; | |
51 | chomp; | |
52 | /^$/ && next; | |
53 | ||
66872888 AW |
54 | /^CONFIG_/ || next; |
55 | ||
d4395354 | 56 | ($config, $value, $options) = split(' ', $_, 3); |
66872888 AW |
57 | |
58 | $annot{$config} = $annot{$config} . ' ' . $options; | |
59 | } | |
60 | close(ANNOTATIONS); | |
61 | ||
62 | my $config; | |
63 | for $config (keys %annot) { | |
64 | $check = 0; | |
65 | $options = $annot{$config}; | |
66 | ||
67 | $policy = undef; | |
d4395354 AW |
68 | while ($options =~ /\s*(\S+)<(.*?)?>/g) { |
69 | ($option, $value) = ($1, $2); | |
70 | ||
71 | if ($option eq 'mark' && $value eq 'ENFORCED') { | |
72 | $check = 1; | |
73 | ||
74 | } elsif ($option eq 'policy') { | |
75 | if ($value =~ /^{/) { | |
76 | $value =~ s/:/=>/g; | |
77 | $policy = eval($value); | |
b51c78b4 | 78 | warn "$@" if ($@); |
d4395354 AW |
79 | } else { |
80 | $policy = undef; | |
81 | } | |
82 | } | |
83 | } | |
66872888 AW |
84 | if ($check == 1 && !defined($policy)) { |
85 | print "$P: INVALID POLICY (use policy<{...}>) $config$options\n"; | |
d4395354 | 86 | $total++; |
66872888 | 87 | $check = 0; |
d4395354 AW |
88 | } |
89 | if ($check) { | |
90 | my $is = '-'; | |
91 | $is = $values{$config} if (defined $values{$config}); | |
92 | ||
93 | my $value = '-'; | |
94 | for my $which ("$arch-$flavour", "$arch-*", "*-$flavour", "$arch", "*") { | |
95 | if (defined $policy->{$which}) { | |
96 | $value = $policy->{$which}; | |
97 | last; | |
98 | } | |
99 | } | |
100 | if ($is eq $value) { | |
101 | $pass++; | |
102 | } else { | |
66872888 | 103 | print "$P: FAIL ($is != $value): $config$options\n"; |
d4395354 AW |
104 | $exit_val = $fail_exit; |
105 | } | |
106 | $total++; | |
107 | } | |
108 | } | |
d4395354 | 109 | |
356bd1e1 LO |
110 | print "$P: $pass/$total checks passed -- exit $exit_val\n"; |
111 | exit $exit_val; |