[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [XEN PATCH] xen: allow XSM_FLASK_POLICY only if checkpolicy binary is available
On 16.07.2021 18:14, Andrew Cooper wrote: > On 16/07/2021 16:26, George Dunlap wrote: >> >>> On Jul 14, 2021, at 5:17 PM, Anthony PERARD <anthony.perard@xxxxxxxxxx> >>> wrote: >>> >>> This will help prevent the CI loop from having build failures when >>> `checkpolicy` isn't available, when doing "randconfig" jobs. >> Hang on, just to clarify what’s going on here. >> >> ‘randconfig’ is setting CONFIG_XSM_FLASK_POLICY in the .config file; and >> then when the build happens, we error out because one of the required >> components isn’t there. >> >> What this patch does is to make it so that if someone explicitly sets >> CONFIG_XSM_FLASK_POLICY=y, but doesn’t have checkpolicy, the build system >> will silently disable the policy behind their backs without telling them? > > Yes, but that's how ~everything in the Xen and Linux build works currently. > > What this new version will do is produce a config/build combo, with the > config reporting that CONFIG_XSM_FLASK_POLICY was not active. > > This is a damnsignt better than the "old" way of doing feature checks in > the makefiles, where there is no trace that the build system disabled a > feature because your compiler was too old. Disabling features at build time is of course no better than disabling them at configure time. Instead, if a chose configuration cannot be built, the build should fail - ideally with an error message clearly telling people what the reason is and what they can do about it. Jan
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |