keyutils: Use generic kernel config rendering

2025-01-24 06:52:14 +08:00 · 2024-01-25 17:32:22 +08:00 · 2024-01-25 17:32:22 +08:00 · 434e3e0c89
commit 434e3e0c89
parent 808fe3aa36
3 changed files with 41 additions and 4 deletions
--- a/general/genlib/keyutils-test-kernel.xml
+++ b/general/genlib/keyutils-test-kernel.xml
@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE note PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+<!-- Automatically generated by kernel-config.py
+     DO NOT EDIT! -->
+<screen><emphasis role='blue'>S</emphasis>ecurity options ---&gt;
+  [*] <emphasis role='blue'>E</emphasis>nable access key retention support                                 [KEYS]
+  [*]   <emphasis role='blue'>L</emphasis>arge payload keys                                            [BIG_KEYS]
+  [*]   <emphasis role='blue'>D</emphasis>iffie-Hellman operations on retained keys           [KEY_DH_OPERATIONS]
+
+-*- <emphasis role='blue'>C</emphasis>ryptographic API ---&gt;                                              [CRYPTO]
+  <emphasis role='blue'>P</emphasis>ublic-key cryptography ---&gt;
+    &lt;*/M&gt; <emphasis role='blue'>D</emphasis>H (Diffie-Hellman)                                        [CRYPTO_DH]
+  <emphasis role='blue'>C</emphasis>ertificates for signature checking ---&gt;
+    [*] <emphasis role='blue'>P</emphasis>rovide system-wide ring of trusted keys        [SYSTEM_TRUSTED_KEYRING]
+    [*]   <emphasis role='blue'>P</emphasis>rovide a keyring to which extra trustable keys may be added
+                                                ...  [SECONDARY_TRUSTED_KEYRING]
+    [*] <emphasis role='blue'>P</emphasis>rovide system-wide ring of blacklisted keys  [SYSTEM_BLACKLIST_KEYRING]</screen>
--- a/general/genlib/keyutils.xml
+++ b/general/genlib/keyutils.xml
@ -76,6 +76,21 @@
    </para>
  </sect2>

+  <sect2 role="kernel" id="keyutils-test-kernel">
+    <title>Kernel Configuration</title>
+
+    <para>
+      If running the test suite, some tests needs the following kernel
+      features enabled:
+    </para>
+
+    <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
+      href="keyutils-test-kernel.xml"/>
+
+    <indexterm zone="keyutils keyutils-test-kernel">
+      <primary sortas="d-keyutils">keyutils (testing)</primary>
+    </indexterm>
+  </sect2>
  <sect2 role="installation">
    <title>Installation of keyutils</title>

@ -101,10 +116,6 @@
 <screen role="root" remap="test"><userinput>make -k test</userinput></screen>

    <para>
-      Note that several tests will fail if certain uncommon kernel options
-      were not used when the kernel was built. These include CONFIG_BIG_KEYS,
-      CONFIG_KEY_DH_OPERATIONS, CONFIG_CRYPTO_DH,
-      CONFIG_SECONDARY_TRUSTED_KEYRING, and CONFIG_SYSTEM_BLACKLIST_KEYRING.
      If <xref linkend='lsb-tools'/> is not installed, the test suite will
      output some lines complaining the <command>lsb_release</command>
      command not available but it won't affect the test result.
--- a/kernel-config/general/genlib/keyutils-test.toml
+++ b/kernel-config/general/genlib/keyutils-test.toml
@ -0,0 +1,8 @@
+BIG_KEYS='*'
+KEYS='*'
+KEY_DH_OPERATIONS='*'
+CRYPTO = { value = '*', forced = '*' }
+CRYPTO_DH='*M'
+SYSTEM_TRUSTED_KEYRING='*'
+SECONDARY_TRUSTED_KEYRING='*'
+SYSTEM_BLACKLIST_KEYRING='*'