From: Bruce Ashfield Date: Thu, 7 Nov 2024 02:29:08 +0000 (-0500) Subject: kernel-yocto: allow cfg fragments to be specified as required X-Git-Tag: yocto-5.2~1407 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=0a84a3dd00543adffdef4fcf5381faab2984541e;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git kernel-yocto: allow cfg fragments to be specified as required When .scc files are used, a configuration fragment can be declared as "hardware" (required) or "non-hardware" (optional). By default the configuration audit only warns about hardware options. We can extend that default level of auditing to configuration fragments that are on the SRC_URI or in KERNEL_FEATURES by adding the ability to put a specifier after the fragment. i.e. KERNEL_FEATURES:append = 'hardening.config:required' This is particular useful for fragments that are outside of the kernel-cache (in a layer, in a kernel tree, etc) Signed-off-by: Bruce Ashfield Signed-off-by: Richard Purdie --- diff --git a/meta/classes-recipe/kernel-yocto.bbclass b/meta/classes-recipe/kernel-yocto.bbclass index 66602d35940..e73adcc725b 100644 --- a/meta/classes-recipe/kernel-yocto.bbclass +++ b/meta/classes-recipe/kernel-yocto.bbclass @@ -271,6 +271,9 @@ do_kernel_metadata() { KERNEL_FEATURES_FINAL="" if [ -n "${KERNEL_FEATURES}" ]; then for feature in ${KERNEL_FEATURES}; do + feature_as_specified="$feature" + feature="$(echo $feature_as_specified | cut -d: -f1)" + feature_specifier="$(echo $feature_as_specified | cut -d: -f2)" feature_found=f for d in $includes; do path_to_check=$(echo $d | sed 's/^-I//') @@ -288,7 +291,7 @@ do_kernel_metadata() { bbfatal_log "Set KERNEL_DANGLING_FEATURES_WARN_ONLY to ignore this issue" fi else - KERNEL_FEATURES_FINAL="$KERNEL_FEATURES_FINAL $feature" + KERNEL_FEATURES_FINAL="$KERNEL_FEATURES_FINAL $feature_as_specified" fi done fi