[PATCH] kheaders: explicitly define file modes for archived headers

Matthias Männich posted 1 patch 1 year, 6 months ago
kernel/gen_kheaders.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH] kheaders: explicitly define file modes for archived headers
Posted by Matthias Männich 1 year, 6 months ago
From: Matthias Maennich <maennich@google.com>

Build environments might be running with different umask settings
resulting in indeterministic file modes for the files contained in
kheaders.tar.xz. The file itself is served with 444, i.e. world
readable. Archive the files explicitly with 744,a+X to improve
reproducibility across build environments.

--mode=0444 is not suitable as directories need to be executable. Also,
444 makes it hard to delete all the readonly files after extraction.

Cc: stable@vger.kernel.org
Cc: linux-kbuild@vger.kernel.org
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: Joel Fernandes <joel@joelfernandes.org>
Signed-off-by: Matthias Maennich <maennich@google.com>
---
 kernel/gen_kheaders.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/gen_kheaders.sh b/kernel/gen_kheaders.sh
index 6d443ea22bb7..8b6e0c2bc0df 100755
--- a/kernel/gen_kheaders.sh
+++ b/kernel/gen_kheaders.sh
@@ -84,7 +84,7 @@ find $cpio_dir -type f -print0 |
 
 # Create archive and try to normalize metadata for reproducibility.
 tar "${KBUILD_BUILD_TIMESTAMP:+--mtime=$KBUILD_BUILD_TIMESTAMP}" \
-    --owner=0 --group=0 --sort=name --numeric-owner \
+    --owner=0 --group=0 --sort=name --numeric-owner --mode=u=rw,go=r,a+X \
     -I $XZ -cf $tarfile -C $cpio_dir/ . > /dev/null
 
 echo $headers_md5 > kernel/kheaders.md5
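Review bot: the commit message describes the archived modes as "744,a+X", but the option added on the tar line is --mode=u=rw,go=r,a+X, which is 644 plus a+X; the message and the option should agree, so one of them needs correcting. The comment above the tar call ("try to normalize metadata for reproducibility") could also say that file modes are now set explicitly and no longer depend on the build umask, since that is not obvious from the option string alone.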
-- 
2.45.1.288.g0e0cd299f1-goog
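
The umask dependence described in the commit message can be reproduced outside the kernel tree. The script below is an added example, not part of the posted patch or of gen_kheaders.sh; it assumes GNU tar, and the tree contents, the fixed --mtime=@0 and the function names make_tree, pack and builds_match are constructed for the demonstration.

```shell
#!/bin/sh
# Constructed demo: build the same small tree under two umasks, archive both
# with normalized owner/mtime/order, and check whether the archives match.

# make_tree DIR UMASK: create a header-like tree with the given umask in effect.
make_tree() {
    (
        umask "$2"
        mkdir -p "$1/include/linux"
        echo '#define DEMO 1' > "$1/include/linux/demo.h"
    )
}

# pack SRC OUT [EXTRA_TAR_OPTS...]: archive SRC with owner, mtime and member
# order normalized, plus any extra options (e.g. --mode=...).
pack() {
    src=$1
    out=$2
    shift 2
    tar --mtime=@0 --owner=0 --group=0 --sort=name --numeric-owner "$@" \
        -cf "$out" -C "$src" .
}

# builds_match [EXTRA_TAR_OPTS...]: return 0 if a umask-022 build and a
# umask-077 build produce byte-identical archives, non-zero otherwise.
builds_match() {
    work=$(mktemp -d) || return 2
    make_tree "$work/a" 022
    make_tree "$work/b" 077
    pack "$work/a" "$work/a.tar" "$@" &&
        pack "$work/b" "$work/b.tar" "$@" &&
        cmp -s "$work/a.tar" "$work/b.tar"
    rc=$?
    rm -rf "$work"
    return $rc
}

# Without --mode the on-disk modes (755/644 vs 700/600) leak into the archive.
if builds_match; then echo "default modes: identical"; else echo "default modes: differ"; fi
# With the option from the patch, both builds record the same modes.
if builds_match --mode=u=rw,go=r,a+X; then
    echo "explicit --mode: identical"
else
    echo "explicit --mode: differ"
fi
```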
Re: [PATCH] kheaders: explicitly define file modes for archived headers
Posted by Masahiro Yamada 1 year, 6 months ago
On Tue, May 28, 2024 at 8:33 PM Matthias Männich <maennich@google.com> wrote:
>
> From: Matthias Maennich <maennich@google.com>
>
> Build environments might be running with different umask settings
> resulting in indeterministic file modes for the files contained in
> kheaders.tar.xz. The file itself is served with 444, i.e. world
> readable. Archive the files explicitly with 744,a+X to improve
> reproducibility across build environments.
>
> --mode=0444 is not suitable as directories need to be executable. Also,
> 444 makes it hard to delete all the readonly files after extraction.
>
> Cc: stable@vger.kernel.org
> Cc: linux-kbuild@vger.kernel.org
> Cc: Masahiro Yamada <masahiroy@kernel.org>
> Cc: Joel Fernandes <joel@joelfernandes.org>
> Signed-off-by: Matthias Maennich <maennich@google.com>
> ---

Applied to linux-kbuild.
Thanks!



-- 
Best Regards
Masahiro Yamada