classes/kernel: add QA to check required or forbidden kernel configs

Message ID 20250306-qa_kernel-v1-1-e83431c29799@syslinbit.com
State New

Commit Message

Louis Rannou March 6, 2025, 3:03 p.m. UTC
From: Louis Rannou <louis.rannou@non.se.com>

Add a QARECIPETEST kernel-config to the kernel to check that the kernel config
has set (or unset) the configs listed in the variables QA_KERNEL_CONFIGS_REQUIRED
(or QA_KERNEL_CONFIGS_FORBIDDEN).

Signed-off-by: Louis Rannou <louis.rannou@non.se.com>
---
 meta/classes-recipe/kernel.bbclass | 38 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)


---
base-commit: b72823fc09674f78ad452250f453f6e47d9444de
change-id: 20250306-qa_kernel-061a37e316c4

Best regards,

Comments

Bruce Ashfield March 6, 2025, 3:36 p.m. UTC | #1
On Thu, Mar 6, 2025 at 10:04 AM Louis Rannou via lists.openembedded.org
<louis.rannou=syslinbit.com@lists.openembedded.org> wrote:

> From: Louis Rannou <louis.rannou@non.se.com>
>
> Add a QARECIPETEST kernel-config to the kernel to check that the kernel config
> has set (or unset) the configs listed in the variables QA_KERNEL_CONFIGS_REQUIRED
> (or QA_KERNEL_CONFIGS_FORBIDDEN).
>
We already have audit tools that can do this; the approach of opening
the .config, iterating and then hard binding ourselves to the very specific
kernel configuration names has been considered and rejected many
times.

What exactly isn't working with the already supported mechanism?

Bruce

Louis Rannou March 7, 2025, 7:45 a.m. UTC | #2
On 06/03/2025 16:36, Bruce Ashfield wrote:
> On Thu, Mar 6, 2025 at 10:04 AM Louis Rannou via lists.openembedded.org
> <louis.rannou=syslinbit.com@lists.openembedded.org> wrote:
>
>     From: Louis Rannou <louis.rannou@non.se.com>
>
>     Add a QARECIPETEST kernel-config to the kernel to check that the kernel
>     config has set (or unset) the configs listed in the variables
>     QA_KERNEL_CONFIGS_REQUIRED (or QA_KERNEL_CONFIGS_FORBIDDEN).
>
> We already have audit tools that can do this; the approach of opening
> the .config, iterating and then hard binding ourselves to the very specific
> kernel configuration names has been considered and rejected many
> times.
>
> What exactly isn't working with the already supported mechanism?

My ignorance I suppose. I didn't know about the audit phase and 
kernel-cache. I guess I have to read the doc...

Louis

Bruce Ashfield March 7, 2025, 1:54 p.m. UTC | #3
On Fri, Mar 7, 2025 at 2:45 AM Louis Rannou <louis.rannou@syslinbit.com> wrote:

> On 06/03/2025 16:36, Bruce Ashfield wrote:
> > On Thu, Mar 6, 2025 at 10:04 AM Louis Rannou via lists.openembedded.org
> > <louis.rannou=syslinbit.com@lists.openembedded.org> wrote:
> >
> >     From: Louis Rannou <louis.rannou@non.se.com>
> >
> >     Add a QARECIPETEST kernel-config to the kernel to check that the kernel
> >     config has set (or unset) the configs listed in the variables
> >     QA_KERNEL_CONFIGS_REQUIRED (or QA_KERNEL_CONFIGS_FORBIDDEN).
> >
> > We already have audit tools that can do this; the approach of opening
> > the .config, iterating and then hard binding ourselves to the very specific
> > kernel configuration names has been considered and rejected many
> > times.
> >
> > What exactly isn't working with the already supported mechanism?
>
> My ignorance I suppose. I didn't know about the audit phase and
> kernel-cache. I guess I have to read the doc...
>

If it doesn't work for your use case, or is otherwise causing issues, let
me know and I'll make changes as required.

I've taken a note to pull together a short presentation on this, as more
documentation/examples can only be a good thing.

Cheers,

Bruce

Louis Rannou March 10, 2025, 4:38 p.m. UTC | #4
On 07/03/2025 14:54, Bruce Ashfield wrote:
> On Fri, Mar 7, 2025 at 2:45 AM Louis Rannou <louis.rannou@syslinbit.com> wrote:
>
>     On 06/03/2025 16:36, Bruce Ashfield wrote:
>      > On Thu, Mar 6, 2025 at 10:04 AM Louis Rannou via lists.openembedded.org
>      > <louis.rannou=syslinbit.com@lists.openembedded.org> wrote:
>      >
>      >     From: Louis Rannou <louis.rannou@non.se.com>
>      >
>      >     Add a QARECIPETEST kernel-config to the kernel to check that the
>      >     kernel config has set (or unset) the configs listed in the variables
>      >     QA_KERNEL_CONFIGS_REQUIRED (or QA_KERNEL_CONFIGS_FORBIDDEN).
>      >
>      > We already have audit tools that can do this; the approach of opening
>      > the .config, iterating and then hard binding ourselves to the very
>      > specific kernel configuration names has been considered and rejected
>      > many times.
>      >
>      > What exactly isn't working with the already supported mechanism?
>
>     My ignorance I suppose. I didn't know about the audit phase and
>     kernel-cache. I guess I have to read the doc...
>
> If it doesn't work for your use case, or is otherwise causing issues, let
> me know and I'll make changes as required.

Thanks, the main issue for us is that it does not handle in-tree kernel 
configs such as hardening.config

https://web.git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/kernel/configs/hardening.config

Louis

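As an added example, not code from the patch or from the kernel-cache audit Bruce refers to, here is the check Louis's use case calls for: a fragment in the style of hardening.config compared against the final .config, covering the integer, string and "is not set" entries that the patch's regex skips. Both inputs below are constructed samples, not the real files, and the fragment-versus-.config rule (exact value match, disabled entries satisfied by absence) is an assumption modelled on merge_config.sh's warning, not something the thread specifies.

```python
import re
from typing import Dict, List, Tuple

# "CONFIG_FOO=y", "CONFIG_FOO=m", "CONFIG_FOO=42", 'CONFIG_FOO="str"'
_SET_RE = re.compile(r"^(CONFIG_\w+)=(.*)$")
# "# CONFIG_FOO is not set": how Kconfig writes a disabled bool/tristate
_UNSET_RE = re.compile(r"^# (CONFIG_\w+) is not set$")


def parse_config(text: str) -> Dict[str, str]:
    """Map each option in a .config or fragment to its value as written.
    A disabled option is stored as "n"; other comment lines are ignored."""
    values: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        m = _UNSET_RE.match(line)
        if m:
            values[m.group(1)] = "n"
            continue
        m = _SET_RE.match(line)
        if m:
            values[m.group(1)] = m.group(2)
    return values


def check_fragment(fragment: str, dotconfig: str) -> List[Tuple[str, str, str]]:
    """Return (option, expected, actual) for each fragment entry the final
    .config does not honour.  An entry the fragment disables is satisfied when
    the option is "n" or absent (Kconfig drops symbols whose dependencies are
    unmet); any other entry must be present with exactly the requested value,
    the rule scripts/kconfig/merge_config.sh applies when it warns."""
    wanted = parse_config(fragment)
    actual = parse_config(dotconfig)
    findings: List[Tuple[str, str, str]] = []
    for opt, expected in wanted.items():
        got = actual.get(opt)
        ok = got in (None, "n") if expected == "n" else got == expected
        if not ok:
            findings.append((opt, expected, "absent" if got is None else got))
    return findings


def format_findings(findings: List[Tuple[str, str, str]]) -> List[str]:
    """One message per finding, in the wording of the patch's QA messages."""
    out = []
    for opt, expected, got in findings:
        if expected == "n":
            out.append("Kernel config is forbidden: %s (found %s)" % (opt, got))
        else:
            out.append("Kernel config is required: %s=%s (found %s)"
                       % (opt, expected, got))
    return out


# Constructed sample fragment in the style of hardening.config (not the real file).
HARDENING_FRAGMENT = """\
# constructed sample fragment
CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
CONFIG_STACKPROTECTOR_STRONG=y
CONFIG_HARDENED_USERCOPY=y
CONFIG_FORTIFY_SOURCE=y
CONFIG_SLAB_FREELIST_HARDENED=y
# CONFIG_SLAB_MERGE_DEFAULT is not set
CONFIG_RANDSTRUCT_FULL=y
CONFIG_DEFAULT_MMAP_MIN_ADDR=65536
"""

# Constructed sample of a final .config that only partly honours the fragment.
DOTCONFIG = """\
# Automatically generated file; DO NOT EDIT.
CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y
CONFIG_STACKPROTECTOR_STRONG=y
# CONFIG_HARDENED_USERCOPY is not set
CONFIG_FORTIFY_SOURCE=y
CONFIG_SLAB_FREELIST_HARDENED=y
CONFIG_SLAB_MERGE_DEFAULT=y
CONFIG_DEFAULT_MMAP_MIN_ADDR=4096
CONFIG_DEFAULT_HOSTNAME="(none)"
"""

if __name__ == "__main__":
    for msg in format_findings(check_fragment(HARDENING_FRAGMENT, DOTCONFIG)):
        print(msg)
```

Running it against the two samples reports four findings: a disabled option, a forbidden option that is enabled, an option absent from .config entirely, and an integer option set to a different value.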
Bruce Ashfield March 10, 2025, 6:09 p.m. UTC | #5
On Mon, Mar 10, 2025 at 12:38 PM Louis Rannou <louis.rannou@syslinbit.com> wrote:

> On 07/03/2025 14:54, Bruce Ashfield wrote:
> > On Fri, Mar 7, 2025 at 2:45 AM Louis Rannou <louis.rannou@syslinbit.com> wrote:
> >
> >     On 06/03/2025 16:36, Bruce Ashfield wrote:
> >      > On Thu, Mar 6, 2025 at 10:04 AM Louis Rannou via lists.openembedded.org
> >      > <louis.rannou=syslinbit.com@lists.openembedded.org> wrote:
> >      >
> >      >     From: Louis Rannou <louis.rannou@non.se.com>
> >      >
> >      >     Add a QARECIPETEST kernel-config to the kernel to check that the
> >      >     kernel config has set (or unset) the configs listed in the variables
> >      >     QA_KERNEL_CONFIGS_REQUIRED (or QA_KERNEL_CONFIGS_FORBIDDEN).
> >      >
> >      > We already have audit tools that can do this; the approach of opening
> >      > the .config, iterating and then hard binding ourselves to the very
> >      > specific kernel configuration names has been considered and rejected
> >      > many times.
> >      >
> >      > What exactly isn't working with the already supported mechanism?
> >
> >     My ignorance I suppose. I didn't know about the audit phase and
> >     kernel-cache. I guess I have to read the doc...
> >
> > If it doesn't work for your use case, or is otherwise causing issues, let
> > me know and I'll make changes as required.
>
> Thanks, the main issue for us is that it does not handle in-tree kernel
> configs such as hardening.config
>
> https://web.git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/kernel/configs/hardening.config
>
In which sense? The meta-data handling can now apply them (I did a change
about three months ago to support it).

For them to be part of the audit, you then either need to increase the
verbosity level of the audit or promote them to "hardware" or "required"
configuration values.

If you have a public layer showing an issue, I'll definitely have a look.

Bruce

Patch

diff --git a/meta/classes-recipe/kernel.bbclass b/meta/classes-recipe/kernel.bbclass
index 64a685a964dab942db05b8d9e08cc22a3bbb152e..4a82b84d479667bf4a6e64ad3e99d934c6868b98 100644
--- a/meta/classes-recipe/kernel.bbclass
+++ b/meta/classes-recipe/kernel.bbclass
@@ -867,3 +867,41 @@  EXPORT_FUNCTIONS do_deploy
 
 # Add using Device Tree support
 inherit kernel-devicetree
+
+
+# Add QA test to check some required/forbidden kernel configs are set or not.
+QA_KERNEL_CONFIGS_REQUIRED ??= ""
+QA_KERNEL_CONFIGS_FORBIDDEN ??= ""
+
+WARN_QA:append = " kernel-config"
+
+QARECIPETEST[kernel-config] = "package_qa_check_kernel_config"
+def package_qa_check_kernel_config(pn, d):
+    from pathlib import Path
+    import re
+
+    config_path = Path(d.getVar("B"), ".config")
+    if not config_path.exists():
+        oe.qa.handle_error("kernel-config",
+                           "Kernel configs have not been checked "\
+                           "as the kernel .config is not found: "\
+                           "%s." % config_path)
+        return
+
+    config_list = {}
+    with config_path.open('r') as f_config:
+        for line in f_config.read().splitlines():
+            configset = re.match(r'# (\w+) is not set|(\w+)=([ymn])', line)
+            if configset is not None:
+                if configset.group(1) is not None:
+                    config_list[configset.group(1)] = "n"
+                else:
+                    config_list[configset.group(2)] = configset.group(3)
+
+    for conf in d.getVar("QA_KERNEL_CONFIGS_REQUIRED").split():
+        if conf not in config_list or config_list[conf] == "n":
+            oe.qa.handle_error("kernel-config", "Kernel config is required: %s" % conf, d)
+
+    for conf in d.getVar("QA_KERNEL_CONFIGS_FORBIDDEN").split():
+        if conf in config_list and config_list[conf] in "ym":
+            oe.qa.handle_error("kernel-config", "Kernel config is forbidden: %s" % conf, d)
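Review bot: the `.config`-missing branch calls `oe.qa.handle_error("kernel-config", "Kernel configs have not been checked ... %s." % config_path)` with only two arguments, while the two later calls in the same function pass `d` as the third; `oe.qa.handle_error(error_class, error_msg, d)` needs the datastore to look up WARN_QA/ERROR_QA, so this path raises a TypeError instead of emitting the QA message. Append `, d` to that call. Separately, the regex `r'# (\w+) is not set|(\w+)=([ymn])'` only records bool/tristate values: a line such as `CONFIG_FOO=4` or `CONFIG_FOO="bar"` never enters `config_list`, so an option of that kind listed in QA_KERNEL_CONFIGS_REQUIRED is reported as missing even when it is set. Either capture any value (`(\w+)=(.*)`) and treat only `"n"` or absence as unset, or say in the comment above the variables that only bool/tristate options are supported. Minor: `config_list` is a dict keyed by option name, so a name like `config_values` reads better, and the three `\` line continuations inside the parenthesised string are unnecessary.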