Re: [RFC PATCH] kbuild: check uniqueness of basename of modules

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Kees Cook <keescook@chromium.org>
To: Masahiro Yamada <yamada.masahiro@socionext.com>
Cc: Linux Kbuild mailing list <linux-kbuild@vger.kernel.org>,
	Andrew Morton <akpm@linux-foundation.org>,
	Sam Ravnborg <sam@ravnborg.org>, Arnd Bergmann <arnd@arndb.de>,
	Greg KH <gregkh@linuxfoundation.org>,
	Jessica Yu <jeyu@kernel.org>,
	Lucas De Marchi <lucas.de.marchi@gmail.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Rusty Russell <rusty@rustcorp.com.au>,
	Michal Marek <michal.lkml@markovi.net>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: [RFC PATCH] kbuild: check uniqueness of basename of modules
Date: Wed, 15 May 2019 11:38:26 -0700	[thread overview]
Message-ID: <201905151131.EBB45E5@keescook> (raw)
In-Reply-To: <CAK7LNARezpQgcK9O9K3ZFeebMVNroWStno_brvSLadsKXVfm-Q@mail.gmail.com>

On Thu, May 16, 2019 at 02:55:02AM +0900, Masahiro Yamada wrote:
> 
> On Thu, May 16, 2019 at 1:20 AM Kees Cook <keescook@chromium.org> wrote:
> >
> > On Wed, May 15, 2019 at 04:53:15PM +0900, Masahiro Yamada wrote:
> > > On Wed, May 15, 2019 at 4:40 PM Masahiro Yamada
> > > <yamada.masahiro@socionext.com> wrote:
> > > >
> > > > [...]
> > > > diff --git a/scripts/modules-check.sh b/scripts/modules-check.sh
> > > > new file mode 100755
> > > > index 000000000000..944e68bd22b0
> > > > --- /dev/null
> > > > +++ b/scripts/modules-check.sh
> > > > @@ -0,0 +1,18 @@
> > > > +#!/bin/sh
> > > > +# SPDX-License-Identifier: GPL-2.0
> > > > +
> > > > +# Warn if two or more modules have the same basename
> > > > +check_same_name_modules()
> > > > +{
> > > > +       same_name_modules=$(cat modules.order modules.builtin | \
> > > > +                               xargs basename -a | sort | uniq -d)
> >
> > While probably it'll never be a problem, just for robustness, I'd add "--"
> > to the end basename to terminate argument interpretation:
> >
> >     xargs basename -a -- | sort | ...
> 
> 
> Sorry for my ignorance, but could you
> teach me the effect of "--" ?
> 
> 
> I sometimes use "--" as a separator
> when there is ambiguity in arguments
> for example, "git log <revision> -- <path>"
> 
> 
> In this case, what is intended by "--"?

It means "end of arguments" so that whatever xargs passes into the
program aren't interpretted as an argument. In this case, if there was
a module path somehow ever named --weird/build/path/foo.o, xargs would
launch basename as:

	basename -a --weird/build/path/foo.o

and basename would fail since it didn't recognize the argument. Having
"--" will stop argument parsing:

	basename -a -- --weird/build/path/foo.o

This is just a robustness suggestion that I always recommend for xargs
piping, since this can turn into a security flaw (though not here) when
an argument may have behavioral side-effects. So, it's just a thing that
always jumps out at me, though in this particular case I don't think
we could ever see it cause a problem, but better to always write these
xargs patterns as safely as possible.

-- 
Kees Cook

next prev parent reply	other threads:[~2019-05-15 18:38 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-05-15  7:38 [RFC PATCH] kbuild: check uniqueness of basename of modules Masahiro Yamada
2019-05-15  7:53 ` Masahiro Yamada
2019-05-15 16:20   ` Kees Cook
2019-05-15 17:55     ` Masahiro Yamada
2019-05-15 18:38       ` Kees Cook [this message]
2019-05-17  3:39         ` Masahiro Yamada
2019-05-16  9:00       ` David Laight
2019-05-16  9:38         ` Masahiro Yamada
2019-05-15  8:08 ` Arnd Bergmann
2019-05-15  8:14   ` Greg KH
2019-05-15  8:57     ` Masahiro Yamada
2019-05-15 11:31       ` Greg KH
2019-05-15 11:42         ` Masahiro Yamada
2019-05-15 18:07 ` Masahiro Yamada
2019-05-15 18:31   ` Kees Cook
2019-05-17  3:37     ` Masahiro Yamada

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=201905151131.EBB45E5@keescook \
    --to=keescook@chromium.org \
    --cc=akpm@linux-foundation.org \
    --cc=arnd@arndb.de \
    --cc=gregkh@linuxfoundation.org \
    --cc=jeyu@kernel.org \
    --cc=linux-kbuild@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=lucas.de.marchi@gmail.com \
    --cc=michal.lkml@markovi.net \
    --cc=rusty@rustcorp.com.au \
    --cc=sam@ravnborg.org \
    --cc=torvalds@linux-foundation.org \
    --cc=yamada.masahiro@socionext.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.