| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 14 Nov 2018 18:11:18 -0800
From: Brian Norris <briannorris@...omium.org>
To: yamada.masahiro@...ionext.com
Cc: Alexander Kapshuk <alexander.kapshuk@...il.com>, sky@...ki.is,
yamada.masahiro@...ionext.com,
Doug Anderson <dianders@...omium.org>,
Guenter Roeck <linux@...ck-us.net>, lists@...dbynature.de,
Linux Kernel <linux-kernel@...r.kernel.org>,
schwab@...ux-m68k.org
Subject: [PATCH v3] scripts/setlocalversion: Improve -dirty check with
git-status --no-optional-locks
git-diff-index does not refresh the index for you, so using it for a
"-dirty" check can give misleading results. Commit 6147b1cf19651
("scripts/setlocalversion: git: Make -dirty check more robust") tried to
fix this by switching to git-status, but it overlooked the fact that
git-status also writes to the .git directory of the source tree, which
is definitely not kosher for an out-of-tree (O=) build. That is getting
reverted.
Fortunately, git-status now supports avoiding writing to the index via
the --no-optional-locks flag, as of git 2.14. It still calculates an
up-to-date index, but it avoids writing it out to the .git directory.
So, let's retry the solution from commit 6147b1cf19651 using this new
flag first, and if it fails, we assume this is an older version of git
and just use the old git-diff-index method.
It's hairy to get the 'grep -vq' (inverted matching) correct by stashing
the output of git-status (you have to be careful about the difference
betwen "empty stdin" and "blank line on stdin"), so just pipe the output
directly to grep and use a regex that's good enough for both the
git-status and git-diff-index version.
Cc: Genki Sky <sky@...ki.is>
Cc: Christian Kujau <lists@...dbynature.de>
Cc: Guenter Roeck <linux@...ck-us.net>
Suggested-by: Alexander Kapshuk <alexander.kapshuk@...il.com>
Signed-off-by: Brian Norris <briannorris@...omium.org>
---
v1 -> v2:
* handle empty (non-dirty) results properly, where
echo "${empty_variable}" | grep -qv "${something_else}"
always has a 0 exit status (a blank line is an inverted match for any
non-blank expression). Just pipe directly to grep instead, with a
hopefully-not-too-permissive regex to handle both versions.
* actually tested with dirty and non-dirty trees this time
v2 -> v3:
* switch to extended regex (-E), instead of relying on GNU extension
(\?)
---
scripts/setlocalversion | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/scripts/setlocalversion b/scripts/setlocalversion
index 71f39410691b..365b3c2b8f43 100755
--- a/scripts/setlocalversion
+++ b/scripts/setlocalversion
@@ -73,8 +73,16 @@ scm_version()
printf -- '-svn%s' "`git svn find-rev $head`"
fi
- # Check for uncommitted changes
- if git diff-index --name-only HEAD | grep -qv "^scripts/package"; then
+ # Check for uncommitted changes.
+ # First, with git-status, but --no-optional-locks is only
+ # supported in git >= 2.14, so fall back to git-diff-index if
+ # it fails. Note that git-diff-index does not refresh the
+ # index, so it may give misleading results. See
+ # git-update-index(1), git-diff-index(1), and git-status(1).
+ if {
+ git --no-optional-locks status -uno --porcelain 2>/dev/null ||
+ git diff-index --name-only HEAD
+ } | grep -qvE '^(.. )?scripts/package'; then
printf '%s' -dirty
fi
--
2.19.1.930.g4563a0d9d0-goog
Powered by blists - more mailing lists