# pylint: disable=missing-function-docstring,line-too-long,invalid-name,too-many-branches,too-many-statements
+import gzip
import sys
from argparse import ArgumentParser
from collections import OrderedDict
from .engine import populate_with_data, perform_checks
+def _open(file: str, *args, **kwargs):
+ open_method = open
+ if file.endswith(".gz"):
+ open_method = gzip.open
+
+ return open_method(file, *args, **kwargs)
+
+
def detect_arch(fname, archs):
- with open(fname, 'r', encoding='utf-8') as f:
+ with _open(fname, 'rt', encoding='utf-8') as f:
arch_pattern = re.compile("CONFIG_[a-zA-Z0-9_]*=y")
arch = None
for line in f.readlines():
def detect_kernel_version(fname):
- with open(fname, 'r', encoding='utf-8') as f:
+ with _open(fname, 'rt', encoding='utf-8') as f:
ver_pattern = re.compile("# Linux/.* Kernel Configuration")
for line in f.readlines():
if ver_pattern.match(line):
def detect_compiler(fname):
gcc_version = None
clang_version = None
- with open(fname, 'r', encoding='utf-8') as f:
+ with _open(fname, 'rt', encoding='utf-8') as f:
gcc_version_pattern = re.compile("CONFIG_GCC_VERSION=[0-9]*")
clang_version_pattern = re.compile("CONFIG_CLANG_VERSION=[0-9]*")
for line in f.readlines():
def print_checklist(mode, checklist, with_results):
if mode == 'json':
output = []
- for o in checklist:
- output.append(o.json_dump(with_results))
+ for opt in checklist:
+ output.append(opt.json_dump(with_results))
print(json.dumps(output))
return
def parse_kconfig_file(parsed_options, fname):
- with open(fname, 'r', encoding='utf-8') as f:
+ with _open(fname, 'rt', encoding='utf-8') as f:
opt_is_on = re.compile("CONFIG_[a-zA-Z0-9_]*=[a-zA-Z0-9_\"]*")
opt_is_off = re.compile("# CONFIG_[a-zA-Z0-9_]* is not set")
parser.add_argument('-p', '--print', choices=supported_archs,
help='print security hardening preferences for the selected architecture')
parser.add_argument('-c', '--config',
- help='check the kernel kconfig file against these preferences')
+ help='check the kernel kconfig file against these preferences (also supports *.gz files)')
parser.add_argument('-l', '--cmdline',
help='check the kernel cmdline file against these preferences')
parser.add_argument('-m', '--mode', choices=report_modes,
parsed_kconfig_options = OrderedDict()
parse_kconfig_file(parsed_kconfig_options, args.config)
populate_with_data(config_checklist, parsed_kconfig_options, 'kconfig')
+
+ # populate the checklist with the kernel version data
populate_with_data(config_checklist, kernel_version, 'version')
if args.cmdline:
- # populate the checklist with the parsed kconfig data
+ # populate the checklist with the parsed cmdline data
parsed_cmdline_options = OrderedDict()
parse_cmdline_file(parsed_cmdline_options, args.cmdline)
populate_with_data(config_checklist, parsed_cmdline_options, 'cmdline')