X-Git-Url: https://jxself.org/git/?a=blobdiff_plain;f=kconfig_hardened_check%2Fengine.py;h=63087400bb57b21dd160b78ab243c921b9ee930c;hb=90b7e8cd79accaee3ec9b535947c15c860163be3;hp=b458d29ac35870196d6e2ead615d98fe2f473a08;hpb=328a89c7703915bc9c8eb6e66eebb6944caf94bb;p=kconfig-hardened-check.git

diff --git a/kconfig_hardened_check/engine.py b/kconfig_hardened_check/engine.py
index b458d29..6308740 100644
--- a/kconfig_hardened_check/engine.py
+++ b/kconfig_hardened_check/engine.py
@@ -1,7 +1,17 @@
 #!/usr/bin/python3
 
-# pylint: disable=missing-module-docstring,missing-class-docstring,missing-function-docstring
-# pylint: disable=line-too-long,invalid-name,too-many-branches,too-many-statements
+"""
+This tool helps me to check Linux kernel options against
+my security hardening preferences for X86_64, ARM64, X86_32, and ARM.
+Let the computers do their job!
+
+Author: Alexander Popov <alex.popov@linux.com>
+
+This module is the engine of checks.
+"""
+
+# pylint: disable=missing-class-docstring,missing-function-docstring
+# pylint: disable=line-too-long,invalid-name,too-many-branches
 
 
 class OptCheck:
@@ -52,12 +62,12 @@ class OptCheck:
         if self.expected == 'is not off':
             if self.state == 'off':
                 self.result = 'FAIL: is off'
-            if self.state == '0':
+            elif self.state == '0':
                 self.result = 'FAIL: is off, "0"'
             elif self.state is None:
                 self.result = 'FAIL: is off, not found'
             else:
-                self.result = 'OK: is not off, "' + self.state + '"'
+                self.result = f'OK: is not off, "{self.state}"'
             return
 
         # handle the option value check
@@ -69,7 +79,7 @@ class OptCheck:
             else:
                 self.result = 'FAIL: is not found'
         else:
-            self.result = 'FAIL: "' + self.state + '"'
+            self.result = f'FAIL: "{self.state}"'
 
     def table_print(self, _mode, with_results):
         print(f'{self.name:<40}|{self.type:^7}|{self.expected:^12}|{self.decision:^10}|{self.reason:^18}', end='')
@@ -113,18 +123,18 @@ class VersionCheck:
 
     def check(self):
         if self.ver[0] > self.ver_expected[0]:
-            self.result = 'OK: version >= ' + str(self.ver_expected[0]) + '.' + str(self.ver_expected[1])
+            self.result = f'OK: version >= {self.ver_expected[0]}.{self.ver_expected[1]}'
             return
         if self.ver[0] < self.ver_expected[0]:
-            self.result = 'FAIL: version < ' + str(self.ver_expected[0]) + '.' + str(self.ver_expected[1])
+            self.result = f'FAIL: version < {self.ver_expected[0]}.{self.ver_expected[1]}'
             return
         if self.ver[1] >= self.ver_expected[1]:
-            self.result = 'OK: version >= ' + str(self.ver_expected[0]) + '.' + str(self.ver_expected[1])
+            self.result = f'OK: version >= {self.ver_expected[0]}.{self.ver_expected[1]}'
             return
-        self.result = 'FAIL: version < ' + str(self.ver_expected[0]) + '.' + str(self.ver_expected[1])
+        self.result = f'FAIL: version < {self.ver_expected[0]}.{self.ver_expected[1]}'
 
     def table_print(self, _mode, with_results):
-        ver_req = 'kernel version >= ' + str(self.ver_expected[0]) + '.' + str(self.ver_expected[1])
+        ver_req = f'kernel version >= {self.ver_expected[0]}.{self.ver_expected[1]}'
         print(f'{ver_req:<91}', end='')
         if with_results:
             print(f'| {self.result}', end='')
@@ -155,7 +165,7 @@ class ComplexOptCheck:
 
     def table_print(self, mode, with_results):
         if mode == 'verbose':
-            print(f"    {'<<< ' + self.__class__.__name__ + ' >>>':87}", end='')
+            print(f'    {"<<< " + self.__class__.__name__ + " >>>":87}', end='')
             if with_results:
                 print(f'| {self.result}', end='')
             for o in self.opts: