lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 18 Sep 2016 02:59:31 +0100
From:   Ben Hutchings <ben@...adent.org.uk>
To:     linux-kernel@...r.kernel.org, linux-firmware@...nel.org
Subject: [PATCH linux-firmware 01/12] Add a metadata consistency check script

The script compares the files listed in WHENCE (or otherwise expected)
and the files known to git, and reports all differences as errors.

Add a 'check' rule to the Makefile that runs this.

Signed-off-by: Ben Hutchings <ben@...adent.org.uk>
---
 Makefile        |  3 +++
 check_whence.py | 56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+)
 create mode 100755 check_whence.py

diff --git a/Makefile b/Makefile
index 1b1aa2836c97..d1163b871096 100644
--- a/Makefile
+++ b/Makefile
@@ -5,6 +5,9 @@ FIRMWAREDIR = /lib/firmware
 
 all:
 
+check:
+	./check_whence.py
+
 install:
 	mkdir -p $(DESTDIR)$(FIRMWAREDIR)
 	cp -r * $(DESTDIR)$(FIRMWAREDIR)
diff --git a/check_whence.py b/check_whence.py
new file mode 100755
index 000000000000..f83fb197aa57
--- /dev/null
+++ b/check_whence.py
@@ -0,0 +1,56 @@
+#!/usr/bin/python
+
+import os, re, sys
+
+def list_whence():
+    with open('WHENCE') as whence:
+        for line in whence:
+            match = re.match(r'(?:File|Link|Source):\s*(\S*)', line)
+            if match:
+                yield match.group(1)
+                continue
+            match = re.match(r'Licen[cs]e: (?:.*\bSee (.*) for details\.?|(\S*))\n',
+                             line)
+            if match:
+                if match.group(1):
+                    for name in re.split(r', | and ', match.group(1)):
+                        yield name
+                    continue
+                if match.group(2):
+                    # Just one word - may or may not be a filename
+                    if not re.search(r'unknown|distributable', match.group(2),
+                                     re.IGNORECASE):
+                        yield match.group(2)
+                        continue
+
+def list_git():
+    with os.popen('git ls-files') as git_files:
+        for line in git_files:
+            yield line.rstrip('\n')
+
+def main():
+    whence_list = list(list_whence())
+    known_files = set(name for name in whence_list if not name.endswith('/')) | \
+                  set(['check_whence.py', 'configure', 'Makefile',
+                       'README', 'WHENCE'])
+    known_prefixes = set(name for name in whence_list if name.endswith('/'))
+    git_files = set(list_git())
+
+    for name in sorted(list(known_files - git_files)):
+        sys.stderr.write('E: %s listed in WHENCE does not exist\n' % name)
+
+    for name in sorted(list(git_files - known_files)):
+        # Ignore subdirectory changelogs and GPG detached signatures
+        if (name.endswith('/ChangeLog') or
+            (name.endswith('.asc') and name[:-4] in known_files)):
+            continue
+
+        # Ignore unknown files in known directories
+        for prefix in known_prefixes:
+            if name.startswith(prefix):
+                break
+        else:
+            sys.stderr.write('E: %s not listed in WHENCE\n' % name)
+
+if __name__ == '__main__':
+    main()


Download attachment "signature.asc" of type "application/pgp-signature" (812 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ