Re: [PATCH v5 13/14] kbuild: move handling of module stripping to Makefile.lib

[sashiko-bot@kernel.org]

Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [High] Reusing `INSTALL_MOD_STRIP` in the build phase violates the separation of build and install phases, breaking standard user workflows and core kernel packaging scripts.
--

commit 82e978c8789922dfed0ff25bf7970d67d952508d
Author: Thomas Weißschuh <linux@weissschuh.net>

kbuild: move handling of module stripping to Makefile.lib

This commit moves the INSTALL_MOD_STRIP logic to Makefile.lib so that it
can be reused by Makefile.modfinal, allowing CONFIG_MODULE_HASHES in
combination with module stripping.

> To allow CONFIG_MODULE_HASHES in combination with INSTALL_MOD_STRIP,
> this logc will also be used by Makefile.modfinal.

This isn't a bug, but there's a typo (logc) in the commit message.

More importantly, does evaluating INSTALL_MOD_STRIP during the build phase
(Makefile.modfinal) violate the separation of the build and install phases?

INSTALL_MOD_STRIP is traditionally an install-phase variable passed strictly
to make modules_install (e.g., make INSTALL_MOD_STRIP=1 modules_install).

Core kernel packaging scripts heavily rely on passing INSTALL_MOD_STRIP only
during the install phase. For example, scripts/package/builddeb executes:
make -f Makefile INSTALL_MOD_PATH="..." INSTALL_MOD_STRIP=1 modules_install
during debian/rules binary, while the build phase runs without this variable.
Similar logic exists in Arch PKGBUILD and RPM kernel.spec.

If build tools do not export INSTALL_MOD_STRIP during the build phase,
relying on it during Makefile.modfinal will mean the build phase and
install phase have different views of the variable. If a subsequent commit
enforces that the build-time and install-time values of INSTALL_MOD_STRIP
must match, wouldn't this break package build targets like make bindeb-pkg
or make rpm-pkg?

If build-phase module stripping is required to support hashes, should this
be governed by a dedicated build-time Kconfig option, rather than
repurposing an install-time Kbuild environment variable?

> diff --git a/scripts/Makefile.lib b/scripts/Makefile.lib
> --- a/scripts/Makefile.lib
> +++ b/scripts/Makefile.lib

[ ... ]

> +# Module Strip
> +# ---------------------------------------------------------------------------
> +#
> +# INSTALL_MOD_STRIP, if defined, will cause modules to be stripped after they
> +# are installed. If INSTALL_MOD_STRIP is '1', then the default option
> +# --strip-debug will be used. Otherwise, INSTALL_MOD_STRIP value will be used
> +# as the options to the strip command.
> +ifeq ($(INSTALL_MOD_STRIP),1)
> +mod-strip-option := --strip-debug
> +else
> +mod-strip-option := $(INSTALL_MOD_STRIP)
> +endif

Since this is now in Makefile.lib and evaluated during both build and install,
can this cause inconsistencies if users run a standard workflow like:

make
sudo make INSTALL_MOD_STRIP=1 modules_install

Will the build phase have generated hashes based on unstripped modules,
rendering the hashes invalid when the modules are later stripped during
installation?

-- 
Sashiko AI review · https://sashiko.dev/#/patchset/20260505-module-hashes-v5-0-e174a5a49fce@weissschuh.net?part=13