lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <DFTTLB4I89PR.26SQVXWNG9U7@garyguo.net>
Date: Tue, 20 Jan 2026 23:54:07 +0000
From: "Gary Guo" <gary@...yguo.net>
To: "Ihor Solodrai" <ihor.solodrai@...ux.dev>,
 Thomas Weißschuh <linux@...ssschuh.net>, "Gary Guo"
 <gary@...yguo.net>
Cc: "Alexei Starovoitov" <ast@...nel.org>, "Daniel Borkmann"
 <daniel@...earbox.net>, "Andrii Nakryiko" <andrii@...nel.org>, "Martin
 KaFai Lau" <martin.lau@...ux.dev>, "Eduard Zingerman" <eddyz87@...il.com>,
 "Song Liu" <song@...nel.org>, "Yonghong Song" <yonghong.song@...ux.dev>,
 "John Fastabend" <john.fastabend@...il.com>, "KP Singh"
 <kpsingh@...nel.org>, "Stanislav Fomichev" <sdf@...ichev.me>, "Hao Luo"
 <haoluo@...gle.com>, "Jiri Olsa" <jolsa@...nel.org>, <bpf@...r.kernel.org>,
 <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] scripts/gen-btf.sh: fix shebang for NixOS

On Tue Jan 20, 2026 at 7:53 PM GMT, Ihor Solodrai wrote:
> On 1/20/26 11:38 AM, Thomas Weißschuh wrote:
>> On 2026-01-20 19:15:11+0000, Gary Guo wrote:
>>> On Tue Jan 20, 2026 at 6:59 PM GMT, Ihor Solodrai wrote:
>>>> On 1/20/26 10:20 AM, Gary Guo wrote:
>>>>> From: Gary Guo <gary@...yguo.net>
>>>>>
>>>>> NixOS only puts /usr/bin/env and /bin/sh at the standard location as
>>>>> required by POSIX, but not other shells. Other program that kernel build
>>>>> depends on is supplied via PATH, so shebang needs to use /usr/bin/env to
>>>>> find them.
>>>>>
>>>>> This has been done to a few other scripts already, e.g.
>>>>> gen_test_kallsyms.sh or decode_stacktrace.sh.
>>>>>
>>>>> Fixes: 522397d05e7d ("resolve_btfids: Change in-place update with raw binary output")
>>>>> Signed-off-by: Gary Guo <gary@...yguo.net>
>>>>> ---
>>>>>  scripts/gen-btf.sh | 2 +-
>>>>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/scripts/gen-btf.sh b/scripts/gen-btf.sh
>>>>> index be21ccee3487..4cd3159f2ddb 100755
>>>>> --- a/scripts/gen-btf.sh
>>>>> +++ b/scripts/gen-btf.sh
>>>>> @@ -1,4 +1,4 @@
>>>>> -#!/bin/bash
>>>>> +#!/usr/bin/env bash
>>>>>  # SPDX-License-Identifier: GPL-2.0
>>>>>  # Copyright (c) 2025 Meta Platforms, Inc. and affiliates.
>>>>>  #
>>>>>
>>>>> base-commit: 053966c344dbd346e71305f530e91ea77916189f
>>>>
>>>> Hi Gary, thanks for the patch.
>>>>
>>>> I'm guessing this came up because gen-btf.sh is part of the vmlinux
>>>> build, and link-vmlinux.sh has #!/bin/sh (not bash).
>>>
>>> My typical experience is that when I see an error about /bin/bash not found, I
>>> just use "bash <script path>" instead without putting much think into it.
>>>
>>> gen-btf.sh is part of build so I don't get to invoke the script directly, hence
>>> the patch.
>> 
>> For the build we have $(CONFIG_SHELL) to stick before the script.
>> It is only 'sh', but it is the well-known variable users know to
>> override. IMO all script invocations should use this mechanism.
>
> There are two places where gen-btf.sh is invoked.
>
> In link-vmlinux.sh:
>
> 	if ! ${srctree}/scripts/gen-btf.sh .tmp_vmlinux1; then
> 		echo >&2 "Failed to generate BTF for vmlinux"
> 		echo >&2 "Try to disable CONFIG_DEBUG_INFO_BTF"
> 		exit 1
> 	fi
>
> And in Makefile.modfinal:
>
> quiet_cmd_btf_ko = BTF [M] $@
>       cmd_btf_ko = 							\
> 	if [ ! -f $(objtree)/vmlinux ]; then				\
> 		printf "Skipping BTF generation for %s due to unavailability of vmlinux\n" $@ 1>&2; \
> 	else	\
> 		$(srctree)/scripts/gen-btf.sh --btf_base $(objtree)/vmlinux $@; \
> 	fi;
>
> So it's trivial to put $(CONFIG_SHELL) in front of it. But then it
> must be migrated to #!/bin/sh, right?

Documentation/kbuild/makefiles.rst says:

Make rules may invoke scripts to build the kernel. The rules shall
always provide the appropriate interpreter to execute the script. They
shall not rely on the execute bits being set, and shall not invoke the
script directly. For the convenience of manual script invocation, such
as invoking ./scripts/checkpatch.pl, it is recommended to set execute
bits on the scripts nonetheless.

Kbuild provides variables $(CONFIG_SHELL), $(AWK), $(PERL),
and $(PYTHON3) to refer to interpreters for the respective
scripts.

So I suppose it would need to migate to POSIX shell...

Best,
Gary

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ