kernel-yocto: allow cfg fragments to be specified as required

When .scc files are used, a configuration fragment can be declared
as "hardware" (required) or "non-hardware" (optional).

By default the configuration audit only warns about hardware
options. We can extend that default level of auditing to configuration
fragments that are on the SRC_URI or in KERNEL_FEATURES by
adding the ability to put a specifier after the fragment.

 i.e. KERNEL_FEATURES:append = 'hardening.config:required'

This is particular useful for fragments that are outside of
the kernel-cache (in a layer, in a kernel tree, etc)

Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

diff --git a/meta/classes-recipe/kernel-yocto.bbclass b/meta/classes-recipe/kernel-yocto.bbclass
index 66602d3594046e484e09c44c42ede6803e4002d9..e73adcc725bf8a2bd48999ace18eb5281ff21ec8 100644 (file)
--- a/meta/classes-recipe/kernel-yocto.bbclass
+++ b/meta/classes-recipe/kernel-yocto.bbclass
@@ -271,6 +271,9 @@ do_kernel_metadata() {
        KERNEL_FEATURES_FINAL=""
        if [ -n "${KERNEL_FEATURES}" ]; then
                for feature in ${KERNEL_FEATURES}; do
+                       feature_as_specified="$feature"
+                       feature="$(echo $feature_as_specified | cut -d: -f1)"
+                       feature_specifier="$(echo $feature_as_specified | cut -d: -f2)"
                        feature_found=f
                        for d in $includes; do
                                path_to_check=$(echo $d | sed 's/^-I//')
@@ -288,7 +291,7 @@ do_kernel_metadata() {
                                    bbfatal_log "Set KERNEL_DANGLING_FEATURES_WARN_ONLY to ignore this issue"
                                fi
                        else
-                               KERNEL_FEATURES_FINAL="$KERNEL_FEATURES_FINAL $feature"
+                               KERNEL_FEATURES_FINAL="$KERNEL_FEATURES_FINAL $feature_as_specified"
                        fi
                done
         fi