]> git.ipfire.org Git - people/stevee/pakfire.git/commitdiff
projects / people / stevee / pakfire.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b196423)
file: Skip hardening checks for firmware files
authorMichael Tremer <michael.tremer@ipfire.org>
Tue, 14 Mar 2023 18:56:20 +0000 (18:56 +0000)
committerMichael Tremer <michael.tremer@ipfire.org>
Tue, 14 Mar 2023 18:56:20 +0000 (18:56 +0000)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/libpakfire/file.c patch | blob | blame | history
src/libpakfire/include/pakfire/file.h patch | blob | blame | history

diff --git a/src/libpakfire/file.c b/src/libpakfire/file.c
index f917e7b932ee13ccd3e00800981f964d2d6d675b..d4e370e618535b2284d94f982c6010e5c7403014 100644 (file)
--- a/src/libpakfire/file.c
+++ b/src/libpakfire/file.c
@@ -1159,6 +1159,7 @@ static const struct extension {
        { "*.la", PAKFIRE_FILE_LIBTOOL_ARCHIVE },
        { "*.pm", PAKFIRE_FILE_PERL },
        { "*.pc", PAKFIRE_FILE_PKGCONFIG },
+       { "/usr/lib/firmware/*", PAKFIRE_FILE_FIRMWARE },
        { NULL , 0 },
 };
 
@@ -1675,6 +1676,10 @@ int pakfire_file_is_stripped(struct pakfire_file* file) {
                return -1;
        }
 
+       // Do not perform this check on firmware
+       if (pakfire_file_matches_class(file, PAKFIRE_FILE_FIRMWARE))
+               return 0;
+
        switch (pakfire_file_get_elf_type(file)) {
                // Do not check Relocatable Objects
                case ET_REL:
@@ -1864,6 +1869,10 @@ static int pakfire_file_hardening_check_relro(struct pakfire_file* file) {
 int pakfire_file_check_hardening(struct pakfire_file* file, int* issues) {
        int r;
 
+       // Do not perform this check on firmware
+       if (pakfire_file_matches_class(file, PAKFIRE_FILE_FIRMWARE))
+               return 0;
+
        // Return previous result if this has been run before
        if (!file->hardening_check_done) {
                switch (pakfire_file_get_elf_type(file)) {
diff --git a/src/libpakfire/include/pakfire/file.h b/src/libpakfire/include/pakfire/file.h
index 9d9b68eeaff921442811df6180f9fd4889c27dc8..d284fc82307d338f7379aa195256bb970fa0383f 100644 (file)
--- a/src/libpakfire/include/pakfire/file.h
+++ b/src/libpakfire/include/pakfire/file.h
@@ -119,6 +119,7 @@ enum pakfire_file_classes {
        PAKFIRE_FILE_PERL            = (1 << 10),
        PAKFIRE_FILE_STATIC_LIBRARY  = (1 << 11),
        PAKFIRE_FILE_LIBTOOL_ARCHIVE = (1 << 12),
+       PAKFIRE_FILE_FIRMWARE        = (1 << 13),
 };
 
 int pakfire_file_create_from_path(struct pakfire_file** file,
Stefan's tree of pakfire.