| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Sep 2022 16:33:32 +0530
From: Bhaskar Chowdhury <unixbhaskar@...il.com>
To: masahiroy@...nel.org, unixbhaskar@...il.com,
danielmentz@...gle.com, linux-kernel@...r.kernel.org
Subject: [PATCH] kernel:gen_kheaders:Replace md5sum to sha256sum
Thought to apply a better encryption mechanism.
Replace all occurance of md5sum to sha256sum .
Signed-off-by: Bhaskar Chowdhury <unixbhaskar@...il.com>
---
kernel/gen_kheaders.sh | 27 ++++++++++++++-------------
1 file changed, 14 insertions(+), 13 deletions(-)
diff --git a/kernel/gen_kheaders.sh b/kernel/gen_kheaders.sh
index 0c78e64f747d..1abf2d83039c 100755
--- a/kernel/gen_kheaders.sh
+++ b/kernel/gen_kheaders.sh
@@ -3,6 +3,7 @@
# This script generates an archive consisting of kernel headers
# for CONFIG_IKHEADERS.
+# Replace md5sum to sha256sum
set -e
sfile="$(readlink -f "$0")"
outdir="$(pwd)"
@@ -37,22 +38,22 @@ all_dirs="$all_dirs $dir_list"
# When Kconfig regenerates include/generated/autoconf.h, its timestamp is
# updated, but the contents might be still the same. When any CONFIG option is
# changed, Kconfig touches the corresponding timestamp file include/config/*.
-# Hence, the md5sum detects the configuration change anyway. We do not need to
+# Hence, the sha256sum detects the configuration change anyway. We do not need to
# check include/generated/autoconf.h explicitly.
#
-# Ignore them for md5 calculation to avoid pointless regeneration.
-headers_md5="$(find $all_dirs -name "*.h" |
+# Ignore them for sha256 calculation to avoid pointless regeneration.
+headers_sha256="$(find $all_dirs -name "*.h" |
grep -v "include/generated/compile.h" |
grep -v "include/generated/autoconf.h" |
- xargs ls -l | md5sum | cut -d ' ' -f1)"
+ xargs ls -l | sha256sum| cut -d ' ' -f1)"
# Any changes to this script will also cause a rebuild of the archive.
-this_file_md5="$(ls -l $sfile | md5sum | cut -d ' ' -f1)"
-if [ -f $tarfile ]; then tarfile_md5="$(md5sum $tarfile | cut -d ' ' -f1)"; fi
-if [ -f kernel/kheaders.md5 ] &&
- [ "$(head -n 1 kernel/kheaders.md5)" = "$headers_md5" ] &&
- [ "$(head -n 2 kernel/kheaders.md5 | tail -n 1)" = "$this_file_md5" ] &&
- [ "$(tail -n 1 kernel/kheaders.md5)" = "$tarfile_md5" ]; then
+this_file_sha256="$(ls -l $sfile | sha256sum| cut -d ' ' -f1)"
+if [ -f $tarfile ]; then tarfile_sha256="$(sha256sum $tarfile | cut -d ' ' -f1)"; fi
+if [ -f kernel/kheaders.sha256 ] &&
+ [ "$(head -n 1 kernel/kheaders.sha256)" = "$headers_sha256" ] &&
+ [ "$(head -n 2 kernel/kheaders.sha256 | tail -n 1)" = "$this_file_sha256" ] &&
+ [ "$(tail -n 1 kernel/kheaders.sha256)" = "$tarfile_sha256" ]; then
exit
fi
@@ -88,8 +89,8 @@ find $cpio_dir -printf "./%P\n" | LC_ALL=C sort | \
--owner=0 --group=0 --numeric-owner --no-recursion \
-I $XZ -cf $tarfile -C $cpio_dir/ -T - > /dev/null
-echo $headers_md5 > kernel/kheaders.md5
-echo "$this_file_md5" >> kernel/kheaders.md5
-echo "$(md5sum $tarfile | cut -d ' ' -f1)" >> kernel/kheaders.md5
+echo $headers_sha256 > kernel/kheaders.sha256
+echo "$this_file_sha256" >> kernel/kheaders.sha256
+echo "$(sha256sum $tarfile | cut -d ' ' -f1)" >> kernel/kheaders.sha256
rm -rf $cpio_dir
--
2.35.1
Powered by blists - more mailing lists