| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Oct 2020 09:57:23 +0200
From: Lukas Bulwahn <lukas.bulwahn@...il.com>
To: Andrew Morton <akpm@...ux-foundation.org>,
Kees Cook <keescook@...omium.org>,
Masahiro Yamada <masahiroy@...nel.org>,
Michal Marek <michal.lkml@...kovi.net>,
linux-kbuild@...r.kernel.org
Cc: Jonathan Corbet <corbet@....net>, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org,
Ujjwal Kumar <ujjwalkumar0501@...il.com>,
linux-kernel-mentees@...ts.linuxfoundation.org,
Lukas Bulwahn <lukas.bulwahn@...il.com>
Subject: [PATCH] kbuild: doc: describe proper script invocation
During an investigation to fix up the execute bits of scripts in the kernel
repository, Andrew Morton and Kees Cook pointed out that the execute bit
should not matter, and that build scripts cannot rely on that. Kees could
not point to any documentation, though.
Masahiro Yamada explained the convention of setting execute bits to make it
easier for manual script invocation.
Provide some basic documentation how the build shall invoke scripts, such
that the execute bits do not matter, and acknowledge that execute bits
are useful nonetheless.
This serves as reference for further clean-up patches in the future.
Link: https://lore.kernel.org/lkml/20200830174409.c24c3f67addcce0cea9a9d4c@linux-foundation.org/
Link: https://lore.kernel.org/lkml/202008271102.FEB906C88@keescook/
Link: https://lore.kernel.org/linux-kbuild/CAK7LNAQdrvMkDA6ApDJCGr+5db8SiPo=G+p8EiOvnnGvEN80gA@mail.gmail.com/
Suggested-by: Andrew Morton <akpm@...ux-foundation.org>
Suggested-by: Kees Cook <keescook@...omium.org>
Signed-off-by: Lukas Bulwahn <lukas.bulwahn@...il.com>
---
RFC v1 -> RFC v2:
explain why execute bits are still convenient.
Kees, Andrew, please ack.
Masahiro-san, I have taken your feedback into account. Please pick this small
documentation update into your kbuild tree.
Ujjwal Kumar, a potential future mentee, will follow up with further fixes to
the build scripts.
Documentation/kbuild/makefiles.rst | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/Documentation/kbuild/makefiles.rst b/Documentation/kbuild/makefiles.rst
index 58d513a0fa95..bd3e1baf58be 100644
--- a/Documentation/kbuild/makefiles.rst
+++ b/Documentation/kbuild/makefiles.rst
@@ -21,6 +21,7 @@ This document describes the Linux kernel Makefiles.
--- 3.10 Special Rules
--- 3.11 $(CC) support functions
--- 3.12 $(LD) support functions
+ --- 3.13 Script Invocation
=== 4 Host Program support
--- 4.1 Simple Host Program
@@ -605,6 +606,25 @@ more details, with real examples.
#Makefile
LDFLAGS_vmlinux += $(call ld-option, -X)
+3.13 Script invocation
+----------------------
+
+ Make rules may invoke scripts to build the kernel. The rules shall
+ always provide the appropriate interpreter to execute the script. They
+ shall not rely on the execute bits being set, and shall not invoke the
+ script directly. For the convenience of manual script invocation, such
+ as invoking ./scripts/checkpatch.pl, it is recommended to set execute
+ bits on the scripts nonetheless.
+
+ Kbuild provides variables $(CONFIG_SHELL), $(AWK), $(PERL),
+ $(PYTHON) and $(PYTHON3) to refer to interpreters for the respective
+ scripts.
+
+ Example::
+
+ #Makefile
+ cmd_depmod = $(CONFIG_SHELL) $(srctree)/scripts/depmod.sh $(DEPMOD) \
+ $(KERNELRELEASE)
4 Host Program support
======================
--
2.17.1
Powered by blists - more mailing lists