| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Dec 2017 08:15:43 +0100
From: Philippe Ombredanne <pombredanne@...b.com>
To: Rob Herring <robh@...nel.org>
Cc: LKML <linux-kernel@...r.kernel.org>,
Thomas Gleixner <tglx@...utronix.de>,
Joe Perches <joe@...ches.com>,
Andy Whitcroft <apw@...onical.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: [PATCH v4] checkpatch.pl: Add SPDX license tag check
Rob,
On Thu, Dec 21, 2017 at 12:46 AM, Rob Herring <robh@...nel.org> wrote:
> Add SPDX license tag check based on the rules defined in
> Documentation/process/license-rules.rst. To summarize, SPDX license tags
> should be on the 1st line (or 2nd line in scripts) using the appropriate
> comment style for the file type.
>
> Cc: Andy Whitcroft <apw@...onical.com>
> Cc: Joe Perches <joe@...ches.com>
> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Philippe Ombredanne <pombredanne@...b.com>
> Signed-off-by: Rob Herring <robh@...nel.org>
> ---
> Thomas, if you are inclined and Joe is happy with this, can you add this
> on top of your series adding license-rules.rst.
>
> v4:
> - Reference license-rules.rst
> - Add comment style checks based on file types
> - Check .rst files
>
> v3:
> - Since we specify that the tag goes on the 1st or 2nd line, the logic
> can be greatly simplified compared to v2 because we can just use the
> line number. And now the check is improved too.
>
> scripts/checkpatch.pl | 25 +++++++++++++++++++++++++
> 1 file changed, 25 insertions(+)
>
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> index 31031f10fe56..0324f845011d 100755
> --- a/scripts/checkpatch.pl
> +++ b/scripts/checkpatch.pl
> @@ -2866,6 +2866,31 @@ sub process {
> }
> }
>
> +# check for using SPDX license tag at beginning of files
> + if ($rawline =~ /^\+/ && !($realline == 1 && $rawline =~ /^[\s\+]#!/)) {
> + my $ln = 1;
> + my $comment = "";
> +
> + if ($realfile =~ /\.(h|s|S)$/) {
> + $comment = '/\*';
> + } elsif ($realfile =~ /\.(c|dts|dtsi)$/) {
> + $comment = '//';
> + } elsif ($realfile =~ /\.(sh|pl|py)$/) {
> + if ($prevrawline =~ /^[\s\+]#!/) {
> + $ln = 2;
> + }
> + $comment = '#';
> + } elsif ($realfile =~ /\.rst$/) {
> + $comment = '..';
> + }
> +
> + if ($comment !~ /^$/ &&
> + ($realline == $ln xor $rawline =~ m@^\+$comment SPDX-License-Identifier: @)) {
> + WARN("SPDX_LICENSE_TAG",
> + "Missing or malformed SPDX-License-Identifier tag in 1st (or 2nd for scripts) line\n" . $herecurr);
> + }
> + }
> +
> # check we are in a valid source file if not then ignore this hunk
> next if ($realfile !~ /\.(h|c|s|S|sh|dtsi|dts)$/);
>
> --
> 2.14.1
>
My Perl is terribly rusty. But heck this is checkpatch.pl, not
checkpatch.py ;) This looks good to me though.
FWIW I maintain a comprehensive license expression parser and boolean
minimizer that could be a nice addition but is likely overkill even
for deeper checks.
Instead, in the future what we could add to checkpatch.pl could be
some simple table lookup to ensure that the actual expression is a
known one since we have a finite number of licenses in the kernel.
Reviewed-by: Philippe Ombredanne <pombredanne@...b.com>
[1] https://github.com/nexB/license-expression/
--
Cordially
Philippe Ombredanne
Powered by blists - more mailing lists