From: David Laight <David.Laight@ACULAB.COM>
To: 'Bhaskar Chowdhury' <unixbhaskar@gmail.com>,
"masahiroy@kernel.org" <masahiroy@kernel.org>,
"nicolas@fjasle.eu" <nicolas@fjasle.eu>
Cc: "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-kbuild@vger.kernel.org" <linux-kbuild@vger.kernel.org>
Subject: RE: [PATCH] Kbuild: Elevate sha1sum to sha256sum for atomic headers check
Date: Fri, 17 Mar 2023 08:58:09 +0000 [thread overview]
Message-ID: <0bbdd88ca0cb465a85d7b90ebacb5e83@AcuMS.aculab.com> (raw)
In-Reply-To: <20230315130518.4496-1-unixbhaskar@gmail.com>
From: Bhaskar Chowdhury
> Sent: 15 March 2023 13:05
>
> Thought it would be a good idea to use a elevated mechanism i.e sha256sum
How can this change possibly work.
It is just a list of definitions read by another makefile.
You've changed the name of a definition without changing where it is used.
Also if the code is looking for a change, you'd need to change
what it is compared against.
In any case no one is worried about malicious attempts to change
things without being noticed, even sha1 is OTT.
David
>
> Signed-off-by: Bhaskar Chowdhury <unixbhaskar@gmail.com>
> ---
> Kbuild | 10 +++++-----
> 1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/Kbuild b/Kbuild
> index 464b34a08f51..b74040346d76 100644
> --- a/Kbuild
> +++ b/Kbuild
> @@ -45,14 +45,14 @@ missing-syscalls: scripts/checksyscalls.sh $(offsets-file)
>
> # Check the manual modification of atomic headers
>
> -quiet_cmd_check_sha1 = CHKSHA1 $<
> - cmd_check_sha1 = \
> - if ! command -v sha1sum >/dev/null; then \
> - echo "warning: cannot check the header due to sha1sum missing"; \
> +quiet_cmd_check_sha256 = CHKSHA256 $<
> + cmd_check_sha256 = \
> + if ! command -v sha256sum >/dev/null; then \
> + echo "warning: cannot check the header due to sha256sum missing"; \
> exit 0; \
> fi; \
> if [ "$$(sed -n '$$s:// ::p' $<)" != \
> - "$$(sed '$$d' $< | sha1sum | sed 's/ .*//')" ]; then \
> + "$$(sed '$$d' $< | sha256sum | sed 's/ .*//')" ]; then \
> echo "error: $< has been modified." >&2; \
> exit 1; \
> fi; \
> --
> 2.39.2
-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)
next prev parent reply other threads:[~2023-03-17 9:00 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-15 13:05 [PATCH] Kbuild: Elevate sha1sum to sha256sum for atomic headers check Bhaskar Chowdhury
2023-03-17 8:58 ` David Laight [this message]
2023-03-18 3:26 ` Bhaskar Chowdhury
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0bbdd88ca0cb465a85d7b90ebacb5e83@AcuMS.aculab.com \
--to=david.laight@aculab.com \
--cc=linux-kbuild@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=nicolas@fjasle.eu \
--cc=unixbhaskar@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox