projects
/
kconfig-hardened-check.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
cf03f17
)
Implement the set_state() method of the check classes
author
Alexander Popov
<alex.popov@linux.com>
Sat, 9 Mar 2024 18:53:47 +0000
(21:53 +0300)
committer
Alexander Popov
<alex.popov@linux.com>
Sat, 9 Mar 2024 21:12:24 +0000
(
00:12
+0300)
Refers to #88, #89, #97
kernel_hardening_checker/engine.py
patch
|
blob
|
history
diff --git
a/kernel_hardening_checker/engine.py
b/kernel_hardening_checker/engine.py
index f52c446294f147dd00fd7934bcb1a7eb3f78d91e..8ba34ef9a96949b392c1409eeef8966d42ad0c29 100644
(file)
--- a/
kernel_hardening_checker/engine.py
+++ b/
kernel_hardening_checker/engine.py
@@
-61,6
+61,12
@@
class OptCheck:
def type(self):
return None
def type(self):
return None
+ def set_state(self, data):
+ if data:
+ assert(isinstance(data, str)), \
+ f'invalid state "{data}" for "{self.name}" check'
+ self.state = data
+
def check(self):
# handle the 'is present' check
if self.expected == 'is present':
def check(self):
# handle the 'is present' check
if self.expected == 'is present':
@@
-130,7
+136,7
@@
class SysctlCheck(OptCheck):
class VersionCheck:
def __init__(self, ver_expected):
assert(ver_expected and isinstance(ver_expected, tuple) and len(ver_expected) == 3), \
class VersionCheck:
def __init__(self, ver_expected):
assert(ver_expected and isinstance(ver_expected, tuple) and len(ver_expected) == 3), \
- f'invalid version "{ver_expected}" for VersionCheck'
+ f'invalid
expected
version "{ver_expected}" for VersionCheck'
self.ver_expected = ver_expected
self.ver = ()
self.result = None
self.ver_expected = ver_expected
self.ver = ()
self.result = None
@@
-139,6
+145,11
@@
class VersionCheck:
def type(self):
return 'version'
def type(self):
return 'version'
+ def set_state(self, data):
+ assert(data and isinstance(data, tuple) and len(data) >= 3), \
+ f'invalid version "{data}" for VersionCheck'
+ self.ver = data[:3]
+
def check(self):
if self.ver[0] > self.ver_expected[0]:
self.result = f'OK: version >= {self.ver_expected[0]}.{self.ver_expected[1]}'
def check(self):
if self.ver[0] > self.ver_expected[0]:
self.result = f'OK: version >= {self.ver_expected[0]}.{self.ver_expected[1]}'
@@
-280,11
+291,11
@@
def populate_simple_opt_with_data(opt, data, data_type):
return
if data_type in ('kconfig', 'cmdline', 'sysctl'):
return
if data_type in ('kconfig', 'cmdline', 'sysctl'):
- opt.s
tate = data.get(opt.name, None
)
+ opt.s
et_state(data.get(opt.name, None)
)
else:
assert(data_type == 'version'), \
f'unexpected data type "{data_type}"'
else:
assert(data_type == 'version'), \
f'unexpected data type "{data_type}"'
- opt.
ver = data
+ opt.
set_state(data)
def populate_opt_with_data(opt, data, data_type):
def populate_opt_with_data(opt, data, data_type):