| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Jun 2021 10:05:26 +0900
From: Masahiro Yamada <masahiroy@...nel.org>
To: Matthias Maennich <maennich@...gle.com>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
"Cc: Android Kernel" <kernel-team@...roid.com>,
Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>
Subject: Re: [PATCH] kbuild: mkcompile_h: consider timestamp if
KBUILD_BUILD_TIMESTAMP is set
On Sat, Jun 12, 2021 at 11:18 PM Matthias Maennich <maennich@...gle.com> wrote:
>
> To avoid unnecessary recompilations, mkcompile_h does not regenerate
> compile.h if just the timestamp changed.
> Though, if KBUILD_BUILD_TIMESTAMP is set, an explicit timestamp for the
> build was requested, in which case we should not ignore it.
>
> If a user follows the documentation for reproducible builds [1] and
> defines KBUILD_BUILD_TIMESTAMP as the git commit timestamp, a clean
> build will have the correct timestamp. A subsequent cherry-pick (or
> amend) changes the commit timestamp and if an incremental build is done
> with a different KBUILD_BUILD_TIMESTAMP now, that new value is not taken
> into consideration. But it should for reproducibility.
>
> Hence, whenever KBUILD_BUILD_TIMESTAMP is explicitly set, do not ignore
> UTS_VERSION when making a decision about whether the regenerated version
> of compile.h should be moved into place.
>
> [1] https://www.kernel.org/doc/html/latest/kbuild/reproducible-builds.html
>
> Cc: Masahiro Yamada <masahiroy@...nel.org>
> Cc: linux-kbuild@...r.kernel.org
> Signed-off-by: Matthias Maennich <maennich@...gle.com>
> ---
Applied to linux-kbuild. Thanks.
> scripts/mkcompile_h | 14 +++++++++++---
> 1 file changed, 11 insertions(+), 3 deletions(-)
>
> diff --git a/scripts/mkcompile_h b/scripts/mkcompile_h
> index 4ae735039daf..a72b154de7b0 100755
> --- a/scripts/mkcompile_h
> +++ b/scripts/mkcompile_h
> @@ -70,15 +70,23 @@ UTS_VERSION="$(echo $UTS_VERSION $CONFIG_FLAGS $TIMESTAMP | cut -b -$UTS_LEN)"
> # Only replace the real compile.h if the new one is different,
> # in order to preserve the timestamp and avoid unnecessary
> # recompilations.
> -# We don't consider the file changed if only the date/time changed.
> +# We don't consider the file changed if only the date/time changed,
> +# unless KBUILD_BUILD_TIMESTAMP was explicitly set (e.g. for
> +# reproducible builds with that value referring to a commit timestamp).
> # A kernel config change will increase the generation number, thus
> # causing compile.h to be updated (including date/time) due to the
> # changed comment in the
> # first line.
>
> +if [ -z "$KBUILD_BUILD_TIMESTAMP" ]; then
> + IGNORE_PATTERN="UTS_VERSION"
> +else
> + IGNORE_PATTERN="NOT_A_PATTERN_TO_BE_MATCHED"
> +fi
> +
> if [ -r $TARGET ] && \
> - grep -v 'UTS_VERSION' $TARGET > .tmpver.1 && \
> - grep -v 'UTS_VERSION' .tmpcompile > .tmpver.2 && \
> + grep -v $IGNORE_PATTERN $TARGET > .tmpver.1 && \
> + grep -v $IGNORE_PATTERN .tmpcompile > .tmpver.2 && \
> cmp -s .tmpver.1 .tmpver.2; then
> rm -f .tmpcompile
> else
> --
> 2.32.0.272.g935e593368-goog
>
--
Best Regards
Masahiro Yamada
Powered by blists - more mailing lists