lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 08 Oct 2019 08:07:09 +0000
From:   Dmitry Goldin <dgoldin@...tonmail.ch>
To:     Andreas Schwab <schwab@...ux-m68k.org>
Cc:     Greg KH <gregkh@...uxfoundation.org>,
        Masahiro Yamada <yamada.masahiro@...ionext.com>,
        "linux-kernel\\@vger.kernel.org" <linux-kernel@...r.kernel.org>,
        "joel\\@joelfernandes.org" <joel@...lfernandes.org>,
        Ben Hutchings <ben@...adent.org.uk>
Subject: Re: [PATCH v2] kheaders: making headers archive reproducible

Hi,

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Monday, October 7, 2019 2:26 PM, Andreas Schwab <schwab@...ux-m68k.org> wrote:

> On Okt 07 2019, Greg KH gregkh@...uxfoundation.org wrote:
>
> > On Mon, Oct 07, 2019 at 01:49:47PM +0200, Andreas Schwab wrote:
> >
> > > GEN kernel/kheaders_data.tar.xz
> > > tar: unrecognized option '--sort=name'
> > > Try `tar --help' or`tar --usage' for more information.
> > > make[2]: *** [kernel/kheaders_data.tar.xz] Error 64
> > > make[1]: *** [kernel] Error 2
> > > make: *** [sub-make] Error 2
> > > $ tar --version
> > > tar (GNU tar) 1.26
> > > Copyright (C) 2011 Free Software Foundation, Inc.
> >
> > Wow that's an old version of tar. 2011? What happens if you use a more
> > modern one?
>
> That's the most modern I have available on that machine.

Hmm. --sort was introduced in 1.28 in 2014. Do you think it would warrant some sort of version check and fallback or is this something we can expect the user to handle if their distribution happens to not ship anything more recent? A few sensible workarounds come to mind.

In any case, likely it would make sense to at least update to https://github.com/torvalds/linux/blob/master/Documentation/process/changes.rst with the minimal version we decide on.


Dmitry

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ