lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Mon, 1 Jul 2024 21:07:06 +0200
From: Nicolas Schier <nicolas@...sle.eu>
To: Uwe Kleine-König <u.kleine-koenig@...libre.com>
Cc: Paul Menzel <pmenzel@...gen.mpg.de>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Ahmad Fatoum <a.fatoum@...gutronix.de>,
	Masahiro Yamada <masahiroy@...nel.org>, kernel@...gutronix.de,
	it+linux-kconfig@...gen.mpg.de, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] lib/build_OID_registry: Avoid non-destructive
 substitution for Perl < 5.13.2 compat

On Mon, Jul 01, 2024 at 08:01:46PM +0200, Uwe Kleine-König wrote:
> Hello Paul,
> 
> On Mon, Jul 01, 2024 at 05:58:01PM +0200, Paul Menzel wrote:
> > On a system with Perl 5.12.1, commit 5ef6dc08cfde
> > ("lib/build_OID_registry: don't mention the full path of the script in
> > output") causes the build to fail with the error below.
> > 
> >      Bareword found where operator expected at ./lib/build_OID_registry line 41, near "s#^\Q$abs_srctree/\E##r"
> >      syntax error at ./lib/build_OID_registry line 41, near "s#^\Q$abs_srctree/\E##r"
> >      Execution of ./lib/build_OID_registry aborted due to compilation errors.
> >      make[3]: *** [lib/Makefile:352: lib/oid_registry_data.c] Error 255
> > 
> > Ahmad Fatoum analyzed that non-destructive substitution is only supported since
> > Perl 5.13.2. Instead of dropping `r` and having the side effect of modifying
> > `$0`, introduce a dedicated variable to support older Perl versions.
> > 
> > Fixes: 5ef6dc08cfde ("lib/build_OID_registry: don't mention the full path of
> > the script in output")
> 
> No real objection from my side. But if this is an issue for you, I
> recommend to upgrade your build system. Looking at Debian releases
> (because they are known for their up-to-date software) and their
> included versions of Perl, we have:
> 
> 	release  | releaseno | Perl version | release date
> 	---------+-----------+--------------+-------------------
> 	squeeze  |     6     |    5.10.1    | February 6th, 2011
> 	wheezy   |     7     |    5.14.2    | May 4th, 2013
> 	jessie   |     8     |    5.20.2    | April 26th, 2015
> 	stretch  |     9     |    5.24.1    | June 17th, 2017
> 	buster   |    10     |    5.28.1    | July 6th, 2019
> 	bullseye |    11     |    5.32.1    | August 14th, 2021
> 	bookworm |    12     |    5.36.0    | June 10th, 2023
> 
> So wheezy is new enough, and that's 11 years old.
> Perl 5.13.2 was released June 22, 2010---that's 14 years ago.
> 
> I don't know about your build environment, but I wonder if a system that
> old can really build a recent kernel (if the patch under discussion is
> applied).

I think, extending support by 6 weeks from Perl 5.13.2 (2010-06-22) to
Perl 5.12.1 (2010-05-16) [1] sounds a bit strange.  I'd like to remember
that Masahiro recommended to just remove the script name from the
generated comment [2].

Would you mind satifying my curiosity: what distribution are you using?

Kind regards,
Nicolas


[1]: https://dev.perl.org/perl5/news/
[2]: https://lore.kernel.org/linux-kbuild/CAK7LNASa-KedA_CTww6unckAGkJCQTctdbk0d-MUsN7wQpM=kQ@mail.gmail.com/

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ