projects
/
kconfig-hardened-check.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Update github actions
[kconfig-hardened-check.git]
/
kernel_hardening_checker
/
engine.py
diff --git
a/kernel_hardening_checker/engine.py
b/kernel_hardening_checker/engine.py
index 4e4eee91b413c1b1f1408b92645e285a9aab1539..8ba34ef9a96949b392c1409eeef8966d42ad0c29 100644
(file)
--- a/
kernel_hardening_checker/engine.py
+++ b/
kernel_hardening_checker/engine.py
@@
-57,6
+57,16
@@
class OptCheck:
self.state = None
self.result = None
self.state = None
self.result = None
+ @property
+ def type(self):
+ return None
+
+ def set_state(self, data):
+ if data:
+ assert(isinstance(data, str)), \
+ f'invalid state "{data}" for "{self.name}" check'
+ self.state = data
+
def check(self):
# handle the 'is present' check
if self.expected == 'is present':
def check(self):
# handle the 'is present' check
if self.expected == 'is present':
@@
-104,7
+114,7
@@
class OptCheck:
class KconfigCheck(OptCheck):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
class KconfigCheck(OptCheck):
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
- self.name =
'CONFIG_' + self.name
+ self.name =
f'CONFIG_{self.name}'
@property
def type(self):
@property
def type(self):
@@
-125,8
+135,8
@@
class SysctlCheck(OptCheck):
class VersionCheck:
def __init__(self, ver_expected):
class VersionCheck:
def __init__(self, ver_expected):
- assert(ver_expected and isinstance(ver_expected, tuple) and len(ver_expected) ==
2
), \
- f'invalid version "{ver_expected}" for VersionCheck'
+ assert(ver_expected and isinstance(ver_expected, tuple) and len(ver_expected) ==
3
), \
+ f'invalid
expected
version "{ver_expected}" for VersionCheck'
self.ver_expected = ver_expected
self.ver = ()
self.result = None
self.ver_expected = ver_expected
self.ver = ()
self.result = None
@@
-135,6
+145,11
@@
class VersionCheck:
def type(self):
return 'version'
def type(self):
return 'version'
+ def set_state(self, data):
+ assert(data and isinstance(data, tuple) and len(data) >= 3), \
+ f'invalid version "{data}" for VersionCheck'
+ self.ver = data[:3]
+
def check(self):
if self.ver[0] > self.ver_expected[0]:
self.result = f'OK: version >= {self.ver_expected[0]}.{self.ver_expected[1]}'
def check(self):
if self.ver[0] > self.ver_expected[0]:
self.result = f'OK: version >= {self.ver_expected[0]}.{self.ver_expected[1]}'
@@
-179,7
+194,8
@@
class ComplexOptCheck:
def table_print(self, mode, with_results):
if mode == 'verbose':
def table_print(self, mode, with_results):
if mode == 'verbose':
- print(f' {"<<< " + self.__class__.__name__ + " >>>":87}', end='')
+ class_name = f'<<< {self.__class__.__name__} >>>'
+ print(f' {class_name:87}', end='')
if with_results:
print(f'| {colorize_result(self.result)}', end='')
for o in self.opts:
if with_results:
print(f'| {colorize_result(self.result)}', end='')
for o in self.opts:
@@
-275,11
+291,11
@@
def populate_simple_opt_with_data(opt, data, data_type):
return
if data_type in ('kconfig', 'cmdline', 'sysctl'):
return
if data_type in ('kconfig', 'cmdline', 'sysctl'):
- opt.s
tate = data.get(opt.name, None
)
+ opt.s
et_state(data.get(opt.name, None)
)
else:
assert(data_type == 'version'), \
f'unexpected data type "{data_type}"'
else:
assert(data_type == 'version'), \
f'unexpected data type "{data_type}"'
- opt.
ver = data
+ opt.
set_state(data)
def populate_opt_with_data(opt, data, data_type):
def populate_opt_with_data(opt, data, data_type):