lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 10 Nov 2017 14:19:09 -0600
From:   Rob Herring <robh@...nel.org>
To:     linux-kernel@...r.kernel.org
Cc:     Andy Whitcroft <apw@...onical.com>, Joe Perches <joe@...ches.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: [PATCH v3] checkpatch.pl: Add SPDX license tag check

SPDX license tags are a thing now in the kernel[1]. It has also been
decided to make them the first line in files. As Linus put it:

"The real reason _I_ personally would like to see at least all the new
SPDX lines to go at the very top of the file is that every time when
we have some kind of ambiguity about placement, we end up with
multiple cases, and then people don't notice when merging, and you end
up having two - or you just end up having unnecessary merge conflicts
because two different people picked two different choices)."

Add a warning if SPDX-License-Identifier tag is not present in the first
line (or 2nd for #! scripts) of files.

[1] https://lwn.net/Articles/738235/

Cc: Andy Whitcroft <apw@...onical.com>
Cc: Joe Perches <joe@...ches.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Signed-off-by: Rob Herring <robh@...nel.org>
---
v3:
- Since we specify that the tag goes on the 1st or 2nd line, the logic 
can be greatly simplified compared to v2 because we can just use the 
line number. And now the check is improved too.

I tested this on a variety of files and Greg's patches adding the tags. 
I did find one error in Greg's patches. The tags were placed on the 
2nd line even for scripts without a "#!" line. Want to know which ones? 
Well, you'll have to run checkpatch. :)

 scripts/checkpatch.pl | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index 8b80bac055e4..50633d44b49b 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -2865,6 +2865,20 @@ sub process {
 			}
 		}
 
+# check for using SPDX license tag at beginning of files
+		if ($realfile !~ /Documentation/ && $rawline =~ /^\+/ &&
+		    !($realline == 1 && $rawline =~ /^[\s\+]#!/)) {
+			my $ln = 1;
+
+			if ($realline == 2 && $prevrawline =~ /^[\s\+]#!/) {
+				$ln++;
+			}
+			if ($realline == $ln xor $rawline =~ m@^\+(#|//|/\*) SPDX-License-Identifier: @) {
+				WARN("SPDX_LICENSE_TAG",
+				     "Missing or malformed SPDX-License-Identifier tag in 1st (or 2nd for scripts) line\n" . $herecurr);
+			}
+		}
+
 # check we are in a valid source file if not then ignore this hunk
 		next if ($realfile !~ /\.(h|c|s|S|sh|dtsi|dts)$/);
 
-- 
2.14.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ