#!/usr/bin/perl
#
# check-config -- check the current config for issues
#
use strict;

my $P = 'check-config';

my $test = -1;
if ($ARGV[0] eq '--test') {
	$test = $ARGV[1] + 0;
} elsif ($#ARGV != 4) {
	die "Usage: $P <config> <arch> <flavour> <commonconfig> <warn-only>\n";
}

my ($config, $arch, $flavour, $commonconfig, $warn_only) = @ARGV;

my %values = ();

# If we are in overridden then still perform the checks and emit the messages
# but do not return failure.  Those items marked FATAL will alway trigger
# failure.
my $fail_exit = 1;
$fail_exit = 0 if ($warn_only eq 'true' || $warn_only eq '1');
my $exit_val = 0;

# Load up the current configuration values -- FATAL if this fails
print "$P: $config: loading config\n";
open(CONFIG, "<$config") || die "$P: $config: open failed -- $! -- aborting\n";
while (<CONFIG>) {
	# Pull out values.
	/^#*\s*(CONFIG_\w+)[\s=](.*)$/ or next;
	if ($2 eq 'is not set') {
		$values{$1} = 'n';
	} else {
		$values{$1} = $2;
	}
}
close(CONFIG);

# ANNOTATIONS: check any annotations marked for enforcement
my $pass = 0;
my $total = 0;
my $annotations = "$commonconfig/annotations";
my ($config, $value, $options, $option, $value, $check, $policy);
print "$P: $annotations loading annotations\n";
my %annot;
my $form = 1;
open(ANNOTATIONS, "<$annotations") || die "$P: $annotations: open failed -- $! -- aborting\n";
while (<ANNOTATIONS>) {
	if (/^# FORMAT: (\S+)/) {
		die "$P: $1: unknown annotations format\n" if ($1 != 2);
		$form = $1;
	}

	/^#/ && next;
	chomp;
	/^$/ && next;

	/^CONFIG_/ || next;

	if ($form == 1) {
		($config, $value, $options) = split(' ', $_, 3);
	} elsif ($form == 2) {
		($config, $options) = split(' ', $_, 2);
	}

	$annot{$config} = $annot{$config} . ' ' . $options;
}
close(ANNOTATIONS);

my $config;
for $config (keys %annot) {
	$check = 0;
	$options = $annot{$config};

	$policy = undef;
	while ($options =~ /\s*(\S+)<(.*?)?>/g) {
		($option, $value) = ($1, $2);

		if ($option eq 'mark' && $value eq 'ENFORCED') {
			$check = 1;

		} elsif ($option eq 'policy') {
			if ($value =~ /^{/) {
				$value =~ s/:/=>/g;
				$policy = eval($value);
				warn "$config: $@" if ($@);
			} else {
				$policy = undef;
			}
		}
	}
	if ($check == 1 && !defined($policy)) {
		print "$P: INVALID POLICY (use policy<{...}>) $config$options\n";
		$total++;
		$check = 0;
	}
	if ($check) {
		my $is = '-';
		$is = $values{$config} if (defined $values{$config});

		my $value = '-';
		for my $which ("$arch-$flavour", "$arch-*", "*-$flavour", "$arch", "*") {
			if (defined $policy->{$which}) {
				$value = $policy->{$which};
				last;
			}
		}
		if ($is eq $value) {
			$pass++;
		} else {
			print "$P: FAIL ($is != $value): $config$options\n";
			$exit_val = $fail_exit;
		}
		$total++;
	}
}

print "$P: $pass/$total checks passed -- exit $exit_val\n";
exit $exit_val;