Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(linter): explain why options are unnecessary #30

Draft
wants to merge 3 commits into
base: main
Choose a base branch
from
Draft

feat(linter): explain why options are unnecessary #30

wants to merge 3 commits into from

Conversation

AndrewFasano
Copy link

This is a bit of a work in progress, initially started when I was working on #24 but now I think it's more of its own thing. The main thing here is trying to change the linter to say why options are bad, they can either be:

  • Already set by default for the arch
  • Entirely invalid for the arch, or
  • Invalid given the other options that are set (i.e., there's an unmet dependency).

Using this updated script I've been trying to improve the configs we have. This is still a work in progress, but I figured I'd open a draft PR for visibility. Here's the --config-only output (from a file) for x86_64 right now:

INVALID OPTION: CONFIG_NETFILTER_TPROXY
INVALID OPTION: CONFIG_NETFILTER_XT_TARGET_TRACE_MODULE
INVALID OPTION: CONFIG_NET_ACT_MPLS
INVALID OPTION: CONFIG_NET_IPV6
INVALID OPTION: CONFIG_NET_MLPS_GSO
INVALID OPTION: CONFIG_PROC_DEVICETREE
MISSING DEPENDENCY: CONFIG_NETFILTER_ADVANCED
MISSING DEPENDENCY: CONFIG_NETFILTER_NETLINK_ACCT
MISSING DEPENDENCY: CONFIG_NETFILTER_NETLINK_QUEUE
MISSING DEPENDENCY: CONFIG_NETFILTER_SYNPROXY
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_CONNMARK
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_MATCH_ECN
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_MATCH_HL
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_MATCH_IPVS
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_MATCH_SOCKET
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_TARGET_CT
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_TARGET_HL
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_TARGET_LED
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_TARGET_NETMAP
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_TARGET_RATEEST
MISSING DEPENDENCY: CONFIG_NETFILTER_XT_TARGET_REDIRECT
ON BY DEFAULT for x86_64: CONFIG_NETFILTER_INGRESS
ON BY DEFAULT for x86_64: CONFIG_NETFILTER_NETLINK
ON BY DEFAULT for x86_64: CONFIG_NETFILTER_NETLINK_LOG
ON BY DEFAULT for x86_64: CONFIG_NETFILTER_XTABLES
ON BY DEFAULT for x86_64: CONFIG_NETFILTER_XT_MARK
ON BY DEFAULT for x86_64: CONFIG_NETFILTER_XT_NAT
ON BY DEFAULT for x86_64: CONFIG_NETFILTER_XT_TARGET_CONNSECMARK
ON BY DEFAULT for x86_64: CONFIG_NET_NS
ON BY DEFAULT for x86_64: CONFIG_NF_CONNTRACK_PROCFS
ON BY DEFAULT for x86_64: CONFIG_NF_DEFRAG_IPV6
ON BY DEFAULT for x86_64: CONFIG_PID_NS
ON BY DEFAULT for x86_64: CONFIG_PROC_SYSCTL
ON BY DEFAULT for x86_64: CONFIG_UTS_NS

@AndrewFasano
Copy link
Author

Two things I think could be good here for future work:

  1. Linter could run across architectures and report better warnings such as "this option is always invalid" or "this option is necessary for [these arches] but not [those arches]"
  2. Continue updating config options based on this info

@be32826 be32826 force-pushed the main branch 3 times, most recently from 31e7eeb to 617c377 Compare November 19, 2024 21:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@AndrewFasano