diff mbox series

[F,I,2/2] UBUNTU: [Packaging] Add fips-checks as part of finalchecks

Message ID 20211004133548.2168392-4-marcelo.cerri@canonical.com
State New
Headers show
Series None | expand

Commit Message

Marcelo Henrique Cerri Oct. 4, 2021, 1:35 p.m. UTC 
BugLink: https://bugs.launchpad.net/bugs/1945989

Call fips-checks as part of the debian target "finalchecks". That will
ensure the checks are executed during build and during cranky close.

Kernels need to enable this check via do_fips_checks.

Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
---
 debian/rules.d/0-common-vars.mk | 3 +++
 debian/rules.d/1-maintainer.mk  | 3 +++
 2 files changed, 6 insertions(+)
diff mbox series

Patch

diff --git a/debian/rules.d/0-common-vars.mk b/debian/rules.d/0-common-vars.mk
index b71546ab03a0..b53af89388d8 100644
--- a/debian/rules.d/0-common-vars.mk
+++ b/debian/rules.d/0-common-vars.mk
@@ -219,6 +219,9 @@  do_flavour_header_package=true
 # DTBs
 do_dtbs=false
 
+# FIPS check
+do_fips_checks=false
+
 # Support parallel=<n> in DEB_BUILD_OPTIONS (see #209008)
 #
 # These 2 environment variables set the -j value of the kernel build. For example,
diff --git a/debian/rules.d/1-maintainer.mk b/debian/rules.d/1-maintainer.mk
index 5944ca526703..572c93bc3032 100644
--- a/debian/rules.d/1-maintainer.mk
+++ b/debian/rules.d/1-maintainer.mk
@@ -134,6 +134,9 @@  autoreconstruct:
 	fi
 
 finalchecks: debian/control
+ifeq ($(do_fips_checks),true)
+	$(DROOT)/scripts/misc/fips-checks
+endif
 	$(DROOT)/scripts/misc/final-checks "$(DEBIAN)" "$(prev_fullver)"
 
 diffupstream: