X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=kconfig_hardened_check%2F__init__.py;h=8f244985ecbb4d55f6ee53426e9ac6462d9eeb7f;hb=90b7e8cd79accaee3ec9b535947c15c860163be3;hp=ed4746bef61773a3c656de07643f971ae3936740;hpb=798f7d4570224f03e21cceea10d5b6b3c5260da1;p=kconfig-hardened-check.git

diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py
index ed4746b..8f24498 100644
--- a/kconfig_hardened_check/__init__.py
+++ b/kconfig_hardened_check/__init__.py
@@ -1,8 +1,5 @@
 #!/usr/bin/python3
 
-
-# pylint: disable=missing-module-docstring,missing-class-docstring,missing-function-docstring
-# pylint: disable=line-too-long,invalid-name,too-many-branches,too-many-statements
 """
 This tool helps me to check Linux kernel options against
 my security hardening preferences for X86_64, ARM64, X86_32, and ARM.
@@ -13,6 +10,7 @@ Author: Alexander Popov <alex.popov@linux.com>
 This module performs input/output.
 """
 
+# pylint: disable=missing-function-docstring,line-too-long,invalid-name,too-many-branches,too-many-statements
 
 import sys
 from argparse import ArgumentParser
@@ -32,11 +30,11 @@ def detect_arch(fname, archs):
             if arch_pattern.match(line):
                 option, _ = line[7:].split('=', 1)
                 if option in archs:
-                    if not arch:
+                    if arch is None:
                         arch = option
                     else:
                         return None, 'more than one supported architecture is detected'
-        if not arch:
+        if arch is None:
             return None, 'failed to detect architecture'
         return arch, 'OK'
 
@@ -51,7 +49,7 @@ def detect_kernel_version(fname):
                 ver_str = parts[2]
                 ver_numbers = ver_str.split('.')
                 if len(ver_numbers) < 3 or not ver_numbers[0].isdigit() or not ver_numbers[1].isdigit():
-                    msg = 'failed to parse the version "' + ver_str + '"'
+                    msg = f'failed to parse the version "{ver_str}"'
                     return None, msg
                 return (int(ver_numbers[0]), int(ver_numbers[1])), None
         return None, 'no kernel version detected'
@@ -68,7 +66,7 @@ def detect_compiler(fname):
                 gcc_version = line[19:-1]
             if clang_version_pattern.match(line):
                 clang_version = line[21:-1]
-    if not gcc_version or not clang_version:
+    if gcc_version is None or clang_version is None:
         return None, 'no CONFIG_GCC_VERSION or CONFIG_CLANG_VERSION'
     if gcc_version == '0' and clang_version != '0':
         return 'CLANG ' + clang_version, 'OK'
@@ -103,8 +101,8 @@ def print_unknown_options(checklist, parsed_options):
 def print_checklist(mode, checklist, with_results):
     if mode == 'json':
         output = []
-        for o in checklist:
-            output.append(o.json_dump(with_results))
+        for opt in checklist:
+            output.append(opt.json_dump(with_results))
         print(json.dumps(output))
         return
 
@@ -113,7 +111,7 @@ def print_checklist(mode, checklist, with_results):
     if with_results:
         sep_line_len += 30
     print('=' * sep_line_len)
-    print(f"{'option name':^40}|{'type':^7}|{'desired val':^12}|{'decision':^10}|{'reason':^18}", end='')
+    print(f'{"option name":^40}|{"type":^7}|{"desired val":^12}|{"decision":^10}|{"reason":^18}', end='')
     if with_results:
         print('| check result', end='')
     print()
@@ -144,8 +142,7 @@ def print_checklist(mode, checklist, with_results):
             fail_suppressed = ' (suppressed in output)'
         if mode == 'show_fail':
             ok_suppressed = ' (suppressed in output)'
-        if mode != 'json':
-            print(f'[+] Config check is finished: \'OK\' - {ok_count}{ok_suppressed} / \'FAIL\' - {fail_count}{fail_suppressed}')
+        print(f'[+] Config check is finished: \'OK\' - {ok_count}{ok_suppressed} / \'FAIL\' - {fail_count}{fail_suppressed}')
 
 
 def parse_kconfig_file(parsed_options, fname):
@@ -232,13 +229,13 @@ def main():
                 print(f'[+] Kernel cmdline file to check: {args.cmdline}')
 
         arch, msg = detect_arch(args.config, supported_archs)
-        if not arch:
+        if arch is None:
             sys.exit(f'[!] ERROR: {msg}')
         if mode != 'json':
             print(f'[+] Detected architecture: {arch}')
 
         kernel_version, msg = detect_kernel_version(args.config)
-        if not kernel_version:
+        if kernel_version is None:
             sys.exit(f'[!] ERROR: {msg}')
         if mode != 'json':
             print(f'[+] Detected kernel version: {kernel_version[0]}.{kernel_version[1]}')
@@ -261,10 +258,12 @@ def main():
         parsed_kconfig_options = OrderedDict()
         parse_kconfig_file(parsed_kconfig_options, args.config)
         populate_with_data(config_checklist, parsed_kconfig_options, 'kconfig')
+
+        # populate the checklist with the kernel version data
         populate_with_data(config_checklist, kernel_version, 'version')
 
         if args.cmdline:
-            # populate the checklist with the parsed kconfig data
+            # populate the checklist with the parsed cmdline data
             parsed_cmdline_options = OrderedDict()
             parse_cmdline_file(parsed_cmdline_options, args.cmdline)
             populate_with_data(config_checklist, parsed_cmdline_options, 'cmdline')