lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <202208171317.F5D57135@keescook>
Date:   Wed, 17 Aug 2022 13:18:36 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Miguel Ojeda <ojeda@...nel.org>
Cc:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org,
        linux-fsdevel@...r.kernel.org, patches@...ts.linux.dev,
        Jarkko Sakkinen <jarkko@...nel.org>,
        Alex Gaynor <alex.gaynor@...il.com>,
        Wedson Almeida Filho <wedsonaf@...gle.com>,
        Finn Behrens <me@...enk.de>, Miguel Cano <macanroj@...il.com>,
        Tiago Lam <tiagolam@...il.com>,
        Boqun Feng <boqun.feng@...il.com>, Gary Guo <gary@...yguo.net>,
        Björn Roy Baron <bjorn3_gh@...tonmail.com>
Subject: Re: [PATCH v9 20/27] scripts: add `rust_is_available.sh`

On Fri, Aug 05, 2022 at 05:42:05PM +0200, Miguel Ojeda wrote:
> This script tests whether the Rust toolchain requirements are in place
> to enable Rust support.
> 
> The build system will call it to set `CONFIG_RUST_IS_AVAILABLE` in
> a later patch.
> 
> It also has an option (`-v`) to explain what is missing, which is
> useful to set up the development environment. This is used via
> the `make rustavailable` target added in a later patch.
> 
> Co-developed-by: Alex Gaynor <alex.gaynor@...il.com>
> Signed-off-by: Alex Gaynor <alex.gaynor@...il.com>
> Co-developed-by: Wedson Almeida Filho <wedsonaf@...gle.com>
> Signed-off-by: Wedson Almeida Filho <wedsonaf@...gle.com>
> Co-developed-by: Finn Behrens <me@...enk.de>
> Signed-off-by: Finn Behrens <me@...enk.de>
> Co-developed-by: Miguel Cano <macanroj@...il.com>
> Signed-off-by: Miguel Cano <macanroj@...il.com>
> Co-developed-by: Tiago Lam <tiagolam@...il.com>
> Signed-off-by: Tiago Lam <tiagolam@...il.com>
> Signed-off-by: Miguel Ojeda <ojeda@...nel.org>
> ---
>  scripts/rust_is_available.sh                 | 160 +++++++++++++++++++
>  scripts/rust_is_available_bindgen_libclang.h |   2 +
>  2 files changed, 162 insertions(+)
>  create mode 100755 scripts/rust_is_available.sh
>  create mode 100644 scripts/rust_is_available_bindgen_libclang.h
> 
> diff --git a/scripts/rust_is_available.sh b/scripts/rust_is_available.sh
> new file mode 100755
> index 000000000000..aebbf1913970
> --- /dev/null
> +++ b/scripts/rust_is_available.sh
> @@ -0,0 +1,160 @@
> +#!/bin/sh
> +# SPDX-License-Identifier: GPL-2.0
> +#
> +# Tests whether a suitable Rust toolchain is available.
> +#
> +# Pass `-v` for human output and more checks (as warnings).
> +
> +set -e
> +
> +min_tool_version=$(dirname $0)/min-tool-version.sh
> +
> +# Convert the version string x.y.z to a canonical up-to-7-digits form.
> +#
> +# Note that this function uses one more digit (compared to other
> +# instances in other version scripts) to give a bit more space to
> +# `rustc` since it will reach 1.100.0 in late 2026.
> +get_canonical_version()
> +{
> +	IFS=.
> +	set -- $1
> +	echo $((100000 * $1 + 100 * $2 + $3))
> +}
> +
> +# Check that the Rust compiler exists.
> +if ! command -v "$RUSTC" >/dev/null; then
> +	if [ "$1" = -v ]; then
> +		echo >&2 "***"
> +		echo >&2 "*** Rust compiler '$RUSTC' could not be found."
> +		echo >&2 "***"
> +	fi
> +	exit 1
> +fi
> +
> +# Check that the Rust bindings generator exists.
> +if ! command -v "$BINDGEN" >/dev/null; then
> +	if [ "$1" = -v ]; then
> +		echo >&2 "***"
> +		echo >&2 "*** Rust bindings generator '$BINDGEN' could not be found."
> +		echo >&2 "***"
> +	fi
> +	exit 1
> +fi
> +
> +# Check that the Rust compiler version is suitable.
> +#
> +# Non-stable and distributions' versions may have a version suffix, e.g. `-dev`.
> +rust_compiler_version=$( \
> +	LC_ALL=C "$RUSTC" --version 2>/dev/null \
> +		| head -n 1 \
> +		| grep -oE '[0-9]+\.[0-9]+\.[0-9]+' \
> +)
> +rust_compiler_min_version=$($min_tool_version rustc)

I think the min-tool-version.sh changes from patch 23 should be moved
into this patch.

With that:

Reviewed-by: Kees Cook <keescook@...omium.org>

-Kees

> +rust_compiler_cversion=$(get_canonical_version $rust_compiler_version)
> +rust_compiler_min_cversion=$(get_canonical_version $rust_compiler_min_version)
> +if [ "$rust_compiler_cversion" -lt "$rust_compiler_min_cversion" ]; then
> +	if [ "$1" = -v ]; then
> +		echo >&2 "***"
> +		echo >&2 "*** Rust compiler '$RUSTC' is too old."
> +		echo >&2 "***   Your version:    $rust_compiler_version"
> +		echo >&2 "***   Minimum version: $rust_compiler_min_version"
> +		echo >&2 "***"
> +	fi
> +	exit 1
> +fi
> +if [ "$1" = -v ] && [ "$rust_compiler_cversion" -gt "$rust_compiler_min_cversion" ]; then
> +	echo >&2 "***"
> +	echo >&2 "*** Rust compiler '$RUSTC' is too new. This may or may not work."
> +	echo >&2 "***   Your version:     $rust_compiler_version"
> +	echo >&2 "***   Expected version: $rust_compiler_min_version"
> +	echo >&2 "***"
> +fi
> +
> +# Check that the Rust bindings generator is suitable.
> +#
> +# Non-stable and distributions' versions may have a version suffix, e.g. `-dev`.
> +rust_bindings_generator_version=$( \
> +	LC_ALL=C "$BINDGEN" --version 2>/dev/null \
> +		| head -n 1 \
> +		| grep -oE '[0-9]+\.[0-9]+\.[0-9]+' \
> +)
> +rust_bindings_generator_min_version=$($min_tool_version bindgen)
> +rust_bindings_generator_cversion=$(get_canonical_version $rust_bindings_generator_version)
> +rust_bindings_generator_min_cversion=$(get_canonical_version $rust_bindings_generator_min_version)
> +if [ "$rust_bindings_generator_cversion" -lt "$rust_bindings_generator_min_cversion" ]; then
> +	if [ "$1" = -v ]; then
> +		echo >&2 "***"
> +		echo >&2 "*** Rust bindings generator '$BINDGEN' is too old."
> +		echo >&2 "***   Your version:    $rust_bindings_generator_version"
> +		echo >&2 "***   Minimum version: $rust_bindings_generator_min_version"
> +		echo >&2 "***"
> +	fi
> +	exit 1
> +fi
> +if [ "$1" = -v ] && [ "$rust_bindings_generator_cversion" -gt "$rust_bindings_generator_min_cversion" ]; then
> +	echo >&2 "***"
> +	echo >&2 "*** Rust bindings generator '$BINDGEN' is too new. This may or may not work."
> +	echo >&2 "***   Your version:     $rust_bindings_generator_version"
> +	echo >&2 "***   Expected version: $rust_bindings_generator_min_version"
> +	echo >&2 "***"
> +fi
> +
> +# Check that the `libclang` used by the Rust bindings generator is suitable.
> +bindgen_libclang_version=$( \
> +	LC_ALL=C "$BINDGEN" $(dirname $0)/rust_is_available_bindgen_libclang.h 2>&1 >/dev/null \
> +		| grep -F 'clang version ' \
> +		| grep -oE '[0-9]+\.[0-9]+\.[0-9]+' \
> +		| head -n 1 \
> +)
> +bindgen_libclang_min_version=$($min_tool_version llvm)
> +bindgen_libclang_cversion=$(get_canonical_version $bindgen_libclang_version)
> +bindgen_libclang_min_cversion=$(get_canonical_version $bindgen_libclang_min_version)
> +if [ "$bindgen_libclang_cversion" -lt "$bindgen_libclang_min_cversion" ]; then
> +	if [ "$1" = -v ]; then
> +		echo >&2 "***"
> +		echo >&2 "*** libclang (used by the Rust bindings generator '$BINDGEN') is too old."
> +		echo >&2 "***   Your version:    $bindgen_libclang_version"
> +		echo >&2 "***   Minimum version: $bindgen_libclang_min_version"
> +		echo >&2 "***"
> +	fi
> +	exit 1
> +fi
> +
> +# If the C compiler is Clang, then we can also check whether its version
> +# matches the `libclang` version used by the Rust bindings generator.
> +#
> +# In the future, we might be able to perform a full version check, see
> +# https://github.com/rust-lang/rust-bindgen/issues/2138.
> +if [ "$1" = -v ]; then
> +	cc_name=$($(dirname $0)/cc-version.sh "$CC" | cut -f1 -d' ')
> +	if [ "$cc_name" = Clang ]; then
> +		clang_version=$( \
> +			LC_ALL=C "$CC" --version 2>/dev/null \
> +				| sed -nE '1s:.*version ([0-9]+\.[0-9]+\.[0-9]+).*:\1:p'
> +		)
> +		if [ "$clang_version" != "$bindgen_libclang_version" ]; then
> +			echo >&2 "***"
> +			echo >&2 "*** libclang (used by the Rust bindings generator '$BINDGEN')"
> +			echo >&2 "*** version does not match Clang's. This may be a problem."
> +			echo >&2 "***   libclang version: $bindgen_libclang_version"
> +			echo >&2 "***   Clang version:    $clang_version"
> +			echo >&2 "***"
> +		fi
> +	fi
> +fi
> +
> +# Check that the source code for the `core` standard library exists.
> +#
> +# `$KRUSTFLAGS` is passed in case the user added `--sysroot`.
> +rustc_sysroot=$("$RUSTC" $KRUSTFLAGS --print sysroot)
> +rustc_src=${RUST_LIB_SRC:-"$rustc_sysroot/lib/rustlib/src/rust/library"}
> +rustc_src_core="$rustc_src/core/src/lib.rs"
> +if [ ! -e "$rustc_src_core" ]; then
> +	if [ "$1" = -v ]; then
> +		echo >&2 "***"
> +		echo >&2 "*** Source code for the 'core' standard library could not be found"
> +		echo >&2 "*** at '$rustc_src_core'."
> +		echo >&2 "***"
> +	fi
> +	exit 1
> +fi
> diff --git a/scripts/rust_is_available_bindgen_libclang.h b/scripts/rust_is_available_bindgen_libclang.h
> new file mode 100644
> index 000000000000..0ef6db10d674
> --- /dev/null
> +++ b/scripts/rust_is_available_bindgen_libclang.h
> @@ -0,0 +1,2 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +#pragma message("clang version " __clang_version__)
> -- 
> 2.37.1
> 

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ