| Message ID | 20240528113243.827490-2-maennich@google.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | kheaders: explicitly define file modes for archived headers | expand |
On Tue, May 28, 2024 at 8:33 PM Matthias Männich <maennich@google.com> wrote: > > From: Matthias Maennich <maennich@google.com> > > Build environments might be running with different umask settings > resulting in indeterministic file modes for the files contained in > kheaders.tar.xz. The file itself is served with 444, i.e. world > readable. Archive the files explicitly with 744,a+X to improve > reproducibility across build environments. > > --mode=0444 is not suitable as directories need to be executable. Also, > 444 makes it hard to delete all the readonly files after extraction. > > Cc: stable@vger.kernel.org > Cc: linux-kbuild@vger.kernel.org > Cc: Masahiro Yamada <masahiroy@kernel.org> > Cc: Joel Fernandes <joel@joelfernandes.org> > Signed-off-by: Matthias Maennich <maennich@google.com> > --- Applied to linux-kbuild. Thanks!
diff --git a/kernel/gen_kheaders.sh b/kernel/gen_kheaders.sh index 6d443ea22bb7..8b6e0c2bc0df 100755 --- a/kernel/gen_kheaders.sh +++ b/kernel/gen_kheaders.sh @@ -84,7 +84,7 @@ find $cpio_dir -type f -print0 | # Create archive and try to normalize metadata for reproducibility. tar "${KBUILD_BUILD_TIMESTAMP:+--mtime=$KBUILD_BUILD_TIMESTAMP}" \ - --owner=0 --group=0 --sort=name --numeric-owner \ + --owner=0 --group=0 --sort=name --numeric-owner --mode=u=rw,go=r,a+X \ -I $XZ -cf $tarfile -C $cpio_dir/ . > /dev/null echo $headers_md5 > kernel/kheaders.md5