lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 28 Jun 2023 22:35:17 +0200
From:   Ahelenia Ziemiańska 
        <nabijaczleweli@...ijaczleweli.xyz>
To:     unlisted-recipients:; (no To-header on input)
Cc:     Andy Whitcroft <apw@...onical.com>, Joe Perches <joe@...ches.com>,
        Dwaipayan Ray <dwaipayanray1@...il.com>,
        Lukas Bulwahn <lukas.bulwahn@...il.com>,
        linux-kernel@...r.kernel.org
Subject: [PATCH] checkpatch: don't take signature to be part of the commit SHA

I had just received:
  $ scripts/checkpatch.pl 0001-splice-always-fsnotify_access-in-fsnotify_modify-out.patch
  WARNING: Please use correct Fixes: style 'Fixes: <12 chars of sha1> ("<title line>")' - ie: 'Fixes: gpg: Signatu (":35 CEST")'
  #25:
  Fixes: 983652c69199 ("splice: report related fsnotify events")

  total: 0 errors, 1 warnings, 60 lines checked

  NOTE: For some of the reported defects, checkpatch may be able to
        mechanically convert to the typical style using --fix or --fix-inplace.

  0001-splice-always-fsnotify_access-in-fsnotify_modify-out.patch has style problems, please review.

  NOTE: If any of the errors are false positives, please report
        them to the maintainer, see CHECKPATCH in MAINTAINERS.

This fails when the Fixes:ed SHAs are signed, since the output is
  $ git log --format='%H %s'
  gpg: Signature made Wed 28 Jun 2023 19:05:02 CEST
  gpg:                using RSA key 7D69474E84028C5CC0C44163BCFD0B018D2658F1
  gpg: Good signature from "наб <nabijaczleweli@...ijaczleweli.xyz>" [ultimate]
  gpg:                 aka "наб <nabijaczleweli@...il.com>" [ultimate]
  gpg:                 aka "nabijaczleweli <nabijaczleweli@...il.com>" [ultimate]
  53307062b2b644dc0de7bde916d6193492f37643 splice: fsnotify_access(in), fsnotify_modify(out) on success in tee
or
  $ git log --format='%H %s' 983652c69199
  gpg: Signature made Tue 04 Apr 2023 15:57:35 CEST
  gpg:                using EDDSA key 408734571EA70C78B332692891C61BC06578DCA2
  gpg: Can't check signature: No public key
  983652c691990b3257a07f67f4263eb847baa82d splice: report related fsnotify events

The fix mimicks what was done in commit f24fb53984cf ("perf tools: Don't
include signature in version strings"): just don't ask for the
signatures being validated.

With this, my patch passed validation.

Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@...ijaczleweli.xyz>
---
Grepped through for /log /, /show /, and /git_command/, and this
is all I found. Unsure if there's other git executions that need
to be fixed, tho.

 scripts/checkpatch.pl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index b30114d637c4..d3a682bc9c20 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -1164,7 +1164,7 @@ sub seed_camelcase_includes {
 	$camelcase_seeded = 1;
 
 	if (-e "$gitroot") {
-		my $git_last_include_commit = `${git_command} log --no-merges --pretty=format:"%h%n" -1 -- include`;
+		my $git_last_include_commit = `${git_command} log --no-show-signature --no-merges --pretty=format:"%h%n" -1 -- include`;
 		chomp $git_last_include_commit;
 		$camelcase_cache = ".checkpatch-camelcase.git.$git_last_include_commit";
 	} else {
@@ -1226,7 +1226,7 @@ sub git_commit_info {
 
 	return ($id, $desc) if ((which("git") eq "") || !(-e "$gitroot"));
 
-	my $output = `${git_command} log --no-color --format='%H %s' -1 $commit 2>&1`;
+	my $output = `${git_command} log --no-show-signature --no-color --format='%H %s' -1 $commit 2>&1`;
 	$output =~ s/^\s*//gm;
 	my @lines = split("\n", $output);
 
@@ -1277,7 +1277,7 @@ if ($git) {
 		} else {
 			$git_range = "-1 $commit_expr";
 		}
-		my $lines = `${git_command} log --no-color --no-merges --pretty=format:'%H %s' $git_range`;
+		my $lines = `${git_command} log --no-show-signature --no-color --no-merges --pretty=format:'%H %s' $git_range`;
 		foreach my $line (split(/\n/, $lines)) {
 			$line =~ /^([0-9a-fA-F]{40,40}) (.*)$/;
 			next if (!defined($1) || !defined($2));
-- 
2.39.2

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ