lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <0dfaf697-1f69-74c4-ffc1-30b77026db68@gmail.com>
Date:   Mon, 12 Oct 2020 22:06:09 +0530
From:   Ujjwal Kumar <ujjwalkumar0501@...il.com>
To:     Masahiro Yamada <masahiroy@...nel.org>
Cc:     Michal Marek <michal.lkml@...kovi.net>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Kees Cook <keescook@...omium.org>,
        Lukas Bulwahn <lukas.bulwahn@...il.com>,
        Nathan Chancellor <natechancellor@...il.com>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>,
        linux-ia64@...r.kernel.org,
        clang-built-linux <clang-built-linux@...glegroups.com>,
        linux-kernel-mentees@...ts.linuxfoundation.org
Subject: Re: [PATCH RFC 0/2] use interpreters to invoke scripts

On 12/10/20 9:48 pm, Masahiro Yamada wrote:
> On Sun, Oct 4, 2020 at 12:19 AM Ujjwal Kumar <ujjwalkumar0501@...il.com> wrote:
>>
>> This patch series aims at removing the dependency on execute
>> bit of the scripts in the kbuild system.
>>
>> If not working with fresh clone of linux-next, clean the srctree:
>> make distclean
>> make tools/clean
>>
>> To test the dependency on execute bits, I tried building the
>> kernel after removing x-bits for all files in the repository.
>> Removing execute bits:
>> for i in $(find -executable -type f); do chmod -x $i; done
>>
>> Any attempts to configure (or build) the kernel fail because of
>> 'Permission denied' on scripts with the following error:
>> $ make allmodconfig
>> sh: ./scripts/gcc-version.sh: Permission denied
>> init/Kconfig:34: syntax error
>> init/Kconfig:33: invalid statement
>> init/Kconfig:34: invalid statement
>> sh: ./scripts/ld-version.sh: Permission denied
>> init/Kconfig:39: syntax error
>> init/Kconfig:38: invalid statement
>> sh: ./scripts/clang-version.sh: Permission denied
>> init/Kconfig:49: syntax error
>> init/Kconfig:48: invalid statement
>> make[1]: *** [scripts/kconfig/Makefile:71: allmodconfig] Error 1
>> make: *** [Makefile:606: allmodconfig] Error 2
>>
>> Changes:
>> 1. Adds specific interpreters (in Kconfig) to invoke
>> scripts.
>>
>> After this patch I could successfully do a kernel build
>> without any errors.
>>
>> 2. Again, adds specific interpreters to other parts of
>> kbuild system.
>>
>> I could successfully perform the following make targets after
>> applying the PATCH 2/2:
>> make headerdep
>> make kselftest-merge
>> make rpm-pkg
>> make perf-tar-src-pkg
>> make ARCH=ia64 defconfig
>> ARCH=arm64 CROSS_COMPILE=aarch64-linux-gnu- make prepare
>>
>> Following changes in PATCH 2/2 are not yet tested:
>> arch/arm64/kernel/vdso32/Makefile
>> arch/nds32/kernel/vdso/Makefile
>> scripts/Makefile.build
>>
>> Ujjwal Kumar (2):
>>   kconfig: use interpreters to invoke scripts
>>   kbuild: use interpreters to invoke scripts
>>
>>  Makefile                          |  4 ++--
>>  arch/arm64/kernel/vdso/Makefile   |  2 +-
>>  arch/arm64/kernel/vdso32/Makefile |  2 +-
>>  arch/ia64/Makefile                |  4 ++--
>>  arch/nds32/kernel/vdso/Makefile   |  2 +-
>>  init/Kconfig                      | 16 ++++++++--------
>>  scripts/Makefile.build            |  2 +-
>>  scripts/Makefile.package          |  4 ++--
>>  8 files changed, 18 insertions(+), 18 deletions(-)
>>
>> --
>> 2.26.2
>>
> 
> 
> Andrew Morton suggested and applied the doc patch
> (commit e9aae7af4601688386 in linux-next),
> but did not pick up this series.
> 
> It is difficult to predict which patch he would
> pick up, and which he would not.
> 
> 
> I can apply this series
> together with Lukas' base patch.
> 
> 
> I pointed out possible mistakes in 2/2.
> I can locally fix them up if you agree.

I agree with the changes you pointed out. I was in the process
of sending a V2 patch series (almost done). But if you prefer 
on locally fixing them, that is completely fine.

> 
> 
> BTW, Kees Cook suggested dropping the x bit
> from all scripts, but I did not agree with that part.

IIRC, in the discussion Kees Cook suggestion was not to drop
x bit but rather he meant to use that as a trick to catch
any existing dependency on x bit.

> 
> 
> In the doc change, Lukas mentioned
> "further clean-up patches", but I hope
> it does not mean dropping the x bits.

IMO, he did not mean to drop the x bits.
But rather I have many more small changes similar to these.
He must be referring to these two patches and any future
patches around this issue.

> 
> 
> --
> Best Regards
> 
> Masahiro Yamada
> 

Thanks
Ujjwal Kumar

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ