[mirror_ubuntu-zesty-kernel.git] / debian / scripts / config-check

#!/usr/bin/perl
#
# check-config -- check the current config for issues
#
use strict;

my $P = 'check-config';

my $test = -1;
if ($ARGV[0] eq '--test') {
	$test = $ARGV[1] + 0;
} elsif ($#ARGV != 4) {
	die "Usage: $P <config> <arch> <flavour> <commonconfig> <warn-only>\n";
}

my ($config, $arch, $flavour, $commonconfig, $warn_only) = @ARGV;

my %values = ();

# If we are in overridden then still perform the checks and emit the messages
# but do not return failure.  Those items marked FATAL will alway trigger
# failure.
my $fail_exit = 1;
$fail_exit = 0 if ($warn_only eq 'true' || $warn_only eq '1');
my $exit_val = 0;

# Load up the current configuration values -- FATAL if this fails
print "$P: $config: loading config\n";
open(CONFIG, "<$config") || die "$P: $config: open failed -- $! -- aborting\n";
while (<CONFIG>) {
	# Pull out values.
	/^#*\s*(CONFIG_\w+)[\s=](.*)$/ or next;
	if ($2 eq 'is not set') {
		$values{$1} = 'n';
	} else {
		$values{$1} = $2;
	}
}
close(CONFIG);

# ANNOTATIONS: check any annotations marked for enforcement
my $pass = 0;
my $total = 0;
my $annotations = "$commonconfig/annotations";
my ($config, $value, $options, $option, $value, $check, $policy);
print "$P: $annotations loading annotations\n";
my %annot;
my $form = 1;
open(ANNOTATIONS, "<$annotations") || die "$P: $annotations: open failed -- $! -- aborting\n";
while (<ANNOTATIONS>) {
	if (/^# FORMAT: (\S+)/) {
		die "$P: $1: unknown annotations format\n" if ($1 != 2);
		$form = $1;
	}

	/^#/ && next;
	chomp;
	/^$/ && next;

	/^CONFIG_/ || next;

	if ($form == 1) {
		($config, $value, $options) = split(' ', $_, 3);
	} elsif ($form == 2) {
		($config, $options) = split(' ', $_, 2);
	}

	$annot{$config} = $annot{$config} . ' ' . $options;
}
close(ANNOTATIONS);

my $config;
for $config (keys %annot) {
	$check = 0;
	$options = $annot{$config};

	$policy = undef;
	while ($options =~ /\s*(\S+)<(.*?)?>/g) {
		($option, $value) = ($1, $2);

		if ($option eq 'mark' && $value eq 'ENFORCED') {
			$check = 1;

		} elsif ($option eq 'policy') {
			if ($value =~ /^{/) {
				$value =~ s/:/=>/g;
				$policy = eval($value);
				warn "$config: $@" if ($@);
			} else {
				$policy = undef;
			}
		}
	}
	if ($check == 1 && !defined($policy)) {
		print "$P: INVALID POLICY (use policy<{...}>) $config$options\n";
		$total++;
		$check = 0;
	}
	if ($check) {
		my $is = '-';
		$is = $values{$config} if (defined $values{$config});

		my $value = '-';
		for my $which ("$arch-$flavour", "$arch-*", "*-$flavour", "$arch", "*") {
			if (defined $policy->{$which}) {
				$value = $policy->{$which};
				last;
			}
		}
		if ($is eq $value) {
			$pass++;
		} else {
			print "$P: FAIL ($is != $value): $config$options\n";
			$exit_val = $fail_exit;
		}
		$total++;
	}
}

print "$P: $pass/$total checks passed -- exit $exit_val\n";
exit $exit_val;
Commit	Line	Data
356bd1e1 LO	1	#!/usr/bin/perl
	2	#
	3	# check-config -- check the current config for issues
	4	#
	5	use strict;
	6
	7	my $P = 'check-config';
	8
	9	my $test = -1;
	10	if ($ARGV[0] eq '--test') {
	11	$test = $ARGV[1] + 0;
	12	} elsif ($#ARGV != 4) {
	13	die "Usage: $P <config> <arch> <flavour> <commonconfig> <warn-only>\n";
	14	}
	15
	16	my ($config, $arch, $flavour, $commonconfig, $warn_only) = @ARGV;
	17
356bd1e1 LO	18	my %values = ();
	19
	20	# If we are in overridden then still perform the checks and emit the messages
	21	# but do not return failure. Those items marked FATAL will alway trigger
	22	# failure.
	23	my $fail_exit = 1;
	24	$fail_exit = 0 if ($warn_only eq 'true' \|\| $warn_only eq '1');
	25	my $exit_val = 0;
	26
356bd1e1 LO	27	# Load up the current configuration values -- FATAL if this fails
	28	print "$P: $config: loading config\n";
	29	open(CONFIG, "<$config") \|\| die "$P: $config: open failed -- $! -- aborting\n";
	30	while (<CONFIG>) {
	31	# Pull out values.
	32	/^#\s(CONFIG_\w+)[\s=](.*)$/ or next;
	33	if ($2 eq 'is not set') {
	34	$values{$1} = 'n';
	35	} else {
	36	$values{$1} = $2;
	37	}
	38	}
	39	close(CONFIG);
	40
d4395354 AW	41	# ANNOTATIONS: check any annotations marked for enforcement
	42	my $pass = 0;
	43	my $total = 0;
	44	my $annotations = "$commonconfig/annotations";
	45	my ($config, $value, $options, $option, $value, $check, $policy);
	46	print "$P: $annotations loading annotations\n";
66872888	47	my %annot;
3c6a3fbb	48	my $form = 1;
d4395354 AW	49	open(ANNOTATIONS, "<$annotations") \|\| die "$P: $annotations: open failed -- $! -- aborting\n";
d4395354 AW	50	while (<ANNOTATIONS>) {
3c6a3fbb AW	51	if (/^# FORMAT: (\S+)/) {
	52	die "$P: $1: unknown annotations format\n" if ($1 != 2);
	53	$form = $1;
	54	}
	55
d4395354 AW	56	/^#/ && next;
	57	chomp;
	58	/^$/ && next;
	59
66872888 AW	60	/^CONFIG_/ \|\| next;
66872888 AW	61
3c6a3fbb AW	62	if ($form == 1) {
	63	($config, $value, $options) = split(' ', $_, 3);
	64	} elsif ($form == 2) {
	65	($config, $options) = split(' ', $_, 2);
	66	}
66872888 AW	67
	68	$annot{$config} = $annot{$config} . ' ' . $options;
	69	}
	70	close(ANNOTATIONS);
	71
	72	my $config;
	73	for $config (keys %annot) {
	74	$check = 0;
	75	$options = $annot{$config};
	76
	77	$policy = undef;
d4395354 AW	78	while ($options =~ /\s(\S+)<(.?)?>/g) {
	79	($option, $value) = ($1, $2);
	80
	81	if ($option eq 'mark' && $value eq 'ENFORCED') {
	82	$check = 1;
	83
	84	} elsif ($option eq 'policy') {
	85	if ($value =~ /^{/) {
	86	$value =~ s/:/=>/g;
	87	$policy = eval($value);
6690fc07	88	warn "$config: $@" if ($@);
d4395354 AW	89	} else {
	90	$policy = undef;
	91	}
	92	}
	93	}
66872888 AW	94	if ($check == 1 && !defined($policy)) {
66872888 AW	95	print "$P: INVALID POLICY (use policy<{...}>) $config$options\n";
d4395354	96	$total++;
66872888	97	$check = 0;
d4395354 AW	98	}
	99	if ($check) {
	100	my $is = '-';
	101	$is = $values{$config} if (defined $values{$config});
	102
	103	my $value = '-';
	104	for my $which ("$arch-$flavour", "$arch-", "-$flavour", "$arch", "*") {
	105	if (defined $policy->{$which}) {
	106	$value = $policy->{$which};
	107	last;
	108	}
	109	}
	110	if ($is eq $value) {
	111	$pass++;
	112	} else {
66872888	113	print "$P: FAIL ($is != $value): $config$options\n";
d4395354 AW	114	$exit_val = $fail_exit;
	115	}
	116	$total++;
	117	}
	118	}
d4395354	119
356bd1e1 LO	120	print "$P: $pass/$total checks passed -- exit $exit_val\n";
356bd1e1 LO	121	exit $exit_val;