[B][PATCH 2/2] UBUNTU: [Packaging] Add fips-checks as part of finalchecks
Marcelo Henrique Cerri
marcelo.cerri at canonical.com
Mon Oct 4 13:35:47 UTC 2021
BugLink: https://bugs.launchpad.net/bugs/1945989
Call fips-checks as part of the debian target "finalchecks". That will
ensure the checks are executed during build and during cranky close.
Kernels need to enable this check via do_fips_checks.
Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri at canonical.com>
---
debian/rules.d/0-common-vars.mk | 3 +++
debian/rules.d/1-maintainer.mk | 3 +++
2 files changed, 6 insertions(+)
diff --git a/debian/rules.d/0-common-vars.mk b/debian/rules.d/0-common-vars.mk
index 2e3ed3818c98..84057c37d378 100644
--- a/debian/rules.d/0-common-vars.mk
+++ b/debian/rules.d/0-common-vars.mk
@@ -205,6 +205,9 @@ do_flavour_header_package=true
# DTBs
do_dtbs=false
+# FIPS check
+do_fips_checks=false
+
# Support parallel=<n> in DEB_BUILD_OPTIONS (see #209008)
#
# These 2 environment variables set the -j value of the kernel build. For example,
diff --git a/debian/rules.d/1-maintainer.mk b/debian/rules.d/1-maintainer.mk
index b32efbfc4f29..6d8700d8143d 100644
--- a/debian/rules.d/1-maintainer.mk
+++ b/debian/rules.d/1-maintainer.mk
@@ -125,6 +125,9 @@ autoreconstruct:
$(DROOT)/scripts/misc/gen-auto-reconstruct $(upstream_tag) $(DEBIAN)/reconstruct $(DROOT)/source/options
finalchecks:
+ifeq ($(do_fips_checks),true)
+ $(DROOT)/scripts/misc/fips-checks
+endif
$(DROOT)/scripts/misc/final-checks "$(DEBIAN)" "$(prev_fullver)"
diffupstream:
--
2.25.1
More information about the kernel-team
mailing list