lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAK7LNAQkoqTG540EOER27G83z+DO5fkeHi-in-vRYkrbX-o0cg@mail.gmail.com>
Date:   Thu, 17 Jun 2021 10:05:26 +0900
From:   Masahiro Yamada <masahiroy@...nel.org>
To:     Matthias Maennich <maennich@...gle.com>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        "Cc: Android Kernel" <kernel-team@...roid.com>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>
Subject: Re: [PATCH] kbuild: mkcompile_h: consider timestamp if
 KBUILD_BUILD_TIMESTAMP is set

On Sat, Jun 12, 2021 at 11:18 PM Matthias Maennich <maennich@...gle.com> wrote:
>
> To avoid unnecessary recompilations, mkcompile_h does not regenerate
> compile.h if just the timestamp changed.
> Though, if KBUILD_BUILD_TIMESTAMP is set, an explicit timestamp for the
> build was requested, in which case we should not ignore it.
>
> If a user follows the documentation for reproducible builds [1] and
> defines KBUILD_BUILD_TIMESTAMP as the git commit timestamp, a clean
> build will have the correct timestamp. A subsequent cherry-pick (or
> amend) changes the commit timestamp and if an incremental build is done
> with a different KBUILD_BUILD_TIMESTAMP now, that new value is not taken
> into consideration. But it should for reproducibility.
>
> Hence, whenever KBUILD_BUILD_TIMESTAMP is explicitly set, do not ignore
> UTS_VERSION when making a decision about whether the regenerated version
> of compile.h should be moved into place.
>
> [1] https://www.kernel.org/doc/html/latest/kbuild/reproducible-builds.html
>
> Cc: Masahiro Yamada <masahiroy@...nel.org>
> Cc: linux-kbuild@...r.kernel.org
> Signed-off-by: Matthias Maennich <maennich@...gle.com>
> ---


Applied to linux-kbuild. Thanks.


>  scripts/mkcompile_h | 14 +++++++++++---
>  1 file changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/scripts/mkcompile_h b/scripts/mkcompile_h
> index 4ae735039daf..a72b154de7b0 100755
> --- a/scripts/mkcompile_h
> +++ b/scripts/mkcompile_h
> @@ -70,15 +70,23 @@ UTS_VERSION="$(echo $UTS_VERSION $CONFIG_FLAGS $TIMESTAMP | cut -b -$UTS_LEN)"
>  # Only replace the real compile.h if the new one is different,
>  # in order to preserve the timestamp and avoid unnecessary
>  # recompilations.
> -# We don't consider the file changed if only the date/time changed.
> +# We don't consider the file changed if only the date/time changed,
> +# unless KBUILD_BUILD_TIMESTAMP was explicitly set (e.g. for
> +# reproducible builds with that value referring to a commit timestamp).
>  # A kernel config change will increase the generation number, thus
>  # causing compile.h to be updated (including date/time) due to the
>  # changed comment in the
>  # first line.
>
> +if [ -z "$KBUILD_BUILD_TIMESTAMP" ]; then
> +   IGNORE_PATTERN="UTS_VERSION"
> +else
> +   IGNORE_PATTERN="NOT_A_PATTERN_TO_BE_MATCHED"
> +fi
> +
>  if [ -r $TARGET ] && \
> -      grep -v 'UTS_VERSION' $TARGET > .tmpver.1 && \
> -      grep -v 'UTS_VERSION' .tmpcompile > .tmpver.2 && \
> +      grep -v $IGNORE_PATTERN $TARGET > .tmpver.1 && \
> +      grep -v $IGNORE_PATTERN .tmpcompile > .tmpver.2 && \
>        cmp -s .tmpver.1 .tmpver.2; then
>     rm -f .tmpcompile
>  else
> --
> 2.32.0.272.g935e593368-goog
>


-- 
Best Regards
Masahiro Yamada

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ