From: Bruce Ashfield <[email protected]> When .scc files are used, a configuration fragment can be declared as "hardware" (required) or "non-hardware" (optional).
By default the configuration audit only warns about hardware options. We can extend that default level of auditing to configuration fragments that are on the SRC_URI or in KERNEL_FEATURES by adding the ability to put a specifier after the fragment. i.e. KERNEL_FEATURES:append = 'hardening.config:required' This is particular useful for fragments that are outside of the kernel-cache (in a layer, in a kernel tree, etc) Signed-off-by: Bruce Ashfield <[email protected]> --- meta/classes-recipe/kernel-yocto.bbclass | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meta/classes-recipe/kernel-yocto.bbclass b/meta/classes-recipe/kernel-yocto.bbclass index 66602d3594..e73adcc725 100644 --- a/meta/classes-recipe/kernel-yocto.bbclass +++ b/meta/classes-recipe/kernel-yocto.bbclass @@ -271,6 +271,9 @@ do_kernel_metadata() { KERNEL_FEATURES_FINAL="" if [ -n "${KERNEL_FEATURES}" ]; then for feature in ${KERNEL_FEATURES}; do + feature_as_specified="$feature" + feature="$(echo $feature_as_specified | cut -d: -f1)" + feature_specifier="$(echo $feature_as_specified | cut -d: -f2)" feature_found=f for d in $includes; do path_to_check=$(echo $d | sed 's/^-I//') @@ -288,7 +291,7 @@ do_kernel_metadata() { bbfatal_log "Set KERNEL_DANGLING_FEATURES_WARN_ONLY to ignore this issue" fi else - KERNEL_FEATURES_FINAL="$KERNEL_FEATURES_FINAL $feature" + KERNEL_FEATURES_FINAL="$KERNEL_FEATURES_FINAL $feature_as_specified" fi done fi -- 2.39.2
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#206807): https://lists.openembedded.org/g/openembedded-core/message/206807 Mute This Topic: https://lists.openembedded.org/mt/109437821/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
