1#!/usr/bin/env python3 2 3# Copyright (c) 2019 Intel Corporation 4# SPDX-License-Identifier: Apache-2.0 5 6import csv 7import os 8 9from kconfiglib import standard_kconfig 10 11 12def hardenconfig(kconf): 13 kconf.load_config() 14 15 hardened_kconf_filename = os.path.join(os.environ['ZEPHYR_BASE'], 16 'scripts', 'kconfig', 'hardened.csv') 17 18 options = compare_with_hardened_conf(kconf, hardened_kconf_filename) 19 20 display_results(options) 21 22 23class Option: 24 25 def __init__(self, name, recommended, current=None, symbol=None): 26 self.name = name 27 self.recommended = recommended 28 self.current = current 29 self.symbol = symbol 30 31 if current is None: 32 self.result = 'NA' 33 elif recommended == current: 34 self.result = 'PASS' 35 else: 36 self.result = 'FAIL' 37 38 39def compare_with_hardened_conf(kconf, hardened_kconf_filename): 40 options = [] 41 42 with open(hardened_kconf_filename) as csvfile: 43 csvreader = csv.reader(csvfile) 44 for row in csvreader: 45 if len(row) > 1: 46 name = row[0] 47 recommended = row[1] 48 try: 49 symbol = kconf.syms[name] 50 current = symbol.str_value 51 except KeyError: 52 symbol = None 53 current = None 54 options.append(Option(name=name, current=current, 55 recommended=recommended, symbol=symbol)) 56 return options 57 58 59def display_results(options): 60 # header 61 print('{:^50}|{:^13}|{:^20}'.format('name', 'current', 'recommended'), end='') 62 print('||{:^28}\n'.format('check result'), end='') 63 print('=' * 116) 64 65 # results, only printing options that have failed for now. It simplify the readability. 66 # TODO: add command line option to show all results 67 for opt in options: 68 if opt.result == 'FAIL' and opt.symbol.visibility != 0: 69 print('CONFIG_{:<43}|{:^13}|{:^20}'.format( 70 opt.name, opt.current, opt.recommended), end='') 71 print('||{:^28}\n'.format(opt.result), end='') 72 print() 73 74 75def main(): 76 hardenconfig(standard_kconfig()) 77 78 79if __name__ == '__main__': 80 main() 81
