lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAK7LNAQdrvMkDA6ApDJCGr+5db8SiPo=G+p8EiOvnnGvEN80gA@mail.gmail.com>
Date:   Mon, 28 Sep 2020 20:28:40 +0900
From:   Masahiro Yamada <masahiroy@...nel.org>
To:     Lukas Bulwahn <lukas.bulwahn@...il.com>
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        Kees Cook <keescook@...omium.org>,
        Michal Marek <michal.lkml@...kovi.net>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        Jonathan Corbet <corbet@....net>,
        "open list:DOCUMENTATION" <linux-doc@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Ujjwal Kumar <ujjwalkumar0501@...il.com>,
        linux-kernel-mentees@...ts.linuxfoundation.org
Subject: Re: [PATCH RFC] kbuild: doc: describe proper script invocation

On Mon, Sep 28, 2020 at 3:42 PM Lukas Bulwahn <lukas.bulwahn@...il.com> wrote:
>
> During an investigation to fix up the execute bits of scripts in the kernel
> repository, Andrew Morton and Kees Cook pointed out that the execute bit
> should not matter, and that build scripts cannot rely on that. Kees could
> not point to any documentation, though.
>
> Provide some basic documentation how the build shall invoke scripts, such
> that the execute bits do not matter.
>
> This serves as reference for further clean-up patches in the future.


For scripts run by users directly, the executable bit
should be set. (e.g. scripts/checkpatch.pl)


For scripts invoked from the build system, the
convention is to use interpreters such as
$(CONFIG_SHELL), and we do not need to set
the executable bit. But, we often set the executable bit
for this case, too.


This convention started from the following commit, which
was made by the previous kbuild maintainer.



commit 06ed5c2bfacaf67039e87a213fa5d1cdde34246a
Author: Michal Marek <mmarek@...e.cz>
Date:   Wed Aug 20 16:02:59 2014 +0200

    kbuild: Make scripts executable

    The Makefiles call the respective interpreter explicitly, but this makes
    it easier to use the scripts manually.

    Signed-off-by: Michal Marek <mmarek@...e.cz>








> Link: https://lore.kernel.org/lkml/20200830174409.c24c3f67addcce0cea9a9d4c@linux-foundation.org/
> Link: https://lore.kernel.org/lkml/202008271102.FEB906C88@keescook/
>
> Suggested-by: Andrew Morton <akpm@...ux-foundation.org>
> Suggested-by: Kees Cook <keescook@...omium.org>
> Signed-off-by: Lukas Bulwahn <lukas.bulwahn@...il.com>
> ---
> applies cleanly on next-20200925 and v5.9-rc7
>
> Kees, Andrew, please ack.
>
> Masahiro-san, please pick this small documentation update into your kbuild tree.
>
> Ujjwal Kumar, a potential future mentee, will follow up with further fixes to
> the build scripts.
>
>  Documentation/kbuild/makefiles.rst | 18 ++++++++++++++++++
>  1 file changed, 18 insertions(+)
>
> diff --git a/Documentation/kbuild/makefiles.rst b/Documentation/kbuild/makefiles.rst
> index 58d513a0fa95..9d0d198adb7e 100644
> --- a/Documentation/kbuild/makefiles.rst
> +++ b/Documentation/kbuild/makefiles.rst
> @@ -21,6 +21,7 @@ This document describes the Linux kernel Makefiles.
>            --- 3.10 Special Rules
>            --- 3.11 $(CC) support functions
>            --- 3.12 $(LD) support functions
> +          --- 3.13 Script Invocation
>
>         === 4 Host Program support
>            --- 4.1 Simple Host Program
> @@ -605,6 +606,23 @@ more details, with real examples.
>                 #Makefile
>                 LDFLAGS_vmlinux += $(call ld-option, -X)
>
> +3.13 Script invocation
> +----------------------
> +
> +       Make rules may invoke scripts to build the kernel. The rules shall
> +       always provide the appropriate interpreter to execute the script. They
> +       shall not rely on the execute bits being set, and shall not invoke the
> +       script directly.
> +
> +       Kbuild provides variables $(CONFIG_SHELL), $(AWK), $(PERL),
> +       $(PYTHON) and $(PYTHON3) to refer to interpreters for the respective
> +       scripts.
> +
> +       Example::
> +
> +               #Makefile
> +               cmd_depmod = $(CONFIG_SHELL) $(srctree)/scripts/depmod.sh $(DEPMOD) \
> +                            $(KERNELRELEASE)
>
>  4 Host Program support
>  ======================
> --
> 2.17.1
>


-- 
Best Regards
Masahiro Yamada

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ