[PATCH v2] kbuild: Don't source kernel config

From: Richard Weinberger
Date: Mon Feb 19 2018 - 04:21:50 EST

Next message: Lee Jones: "Re: [RESEND PATCH v5 2/5] dt-bindings: pwm-backlight: add PWM delay proprieties."
Previous message: Peter Zijlstra: "Re: [tip:x86/pti] x86/speculation: Use IBRS if available before calling into firmware"
Next in thread: Masahiro Yamada: "Re: [PATCH v2] kbuild: Don't source kernel config"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Don't source the kernel config file in shell scripts.
The config file is not a shell script and often imported from untrusted
sources.
What could possible go wrong? ;-)

Instead, read config file line by line and access config entries using a bash
array.

Cc: Sam Ravnborg <sam@xxxxxxxxxxxx>
Cc: Arnaud Lacombe <lacombar@xxxxxxxxx>
Cc: Nick Bowler <nbowler@xxxxxxxxxxxxxxxx>
Cc: Michal Marek <mmarek@xxxxxxx>
Cc: Nicolas Pitre <nico@xxxxxxxxxx>
Cc: Rusty Russell <rusty@xxxxxxxxxxxxxxx>
Fixes: 23121ca2b56b ("kbuild: create/adjust generated/autoksyms.h")
Fixes: 1f2bfbd00e46 ("kbuild: link of vmlinux moved to a script")
Signed-off-by: Richard Weinberger <richard@xxxxxx>
---
Changes since v1:
- Fixed out of tree build
---
scripts/adjust_autoksyms.sh | 13 +++----------
scripts/importkconf.sh | 14 ++++++++++++++
scripts/link-vmlinux.sh | 23 ++++++++---------------
3 files changed, 25 insertions(+), 25 deletions(-)
create mode 100755 scripts/importkconf.sh

diff --git a/scripts/adjust_autoksyms.sh b/scripts/adjust_autoksyms.sh
index 513da1a4a2da..b72a8a0bf08a 100755
--- a/scripts/adjust_autoksyms.sh
+++ b/scripts/adjust_autoksyms.sh
@@ -39,14 +39,7 @@ case "$KBUILD_VERBOSE" in
esac

# We need access to CONFIG_ symbols
-case "${KCONFIG_CONFIG}" in
-*/*)
- . "${KCONFIG_CONFIG}"
- ;;
-*)
- # Force using a file from the current directory
- . "./${KCONFIG_CONFIG}"
-esac
+. ${KBUILD_SRC}/scripts/importkconf.sh

# In case it doesn't exist yet...
if [ -e "$cur_ksyms_file" ]; then touch "$cur_ksyms_file"; fi
@@ -62,14 +55,14 @@ EOT
[ "$(ls -A "$MODVERDIR")" ] &&
sed -ns -e '3{s/ /\n/g;/^$/!p;}' "$MODVERDIR"/*.mod | sort -u |
while read sym; do
- if [ -n "$CONFIG_HAVE_UNDERSCORE_SYMBOL_PREFIX" ]; then
+ if [ -n "${KERNEL_CONFIG[CONFIG_HAVE_UNDERSCORE_SYMBOL_PREFIX]}" ]; then
sym="${sym#_}"
fi
echo "#define __KSYM_${sym} 1"
done >> "$new_ksyms_file"

# Special case for modversions (see modpost.c)
-if [ -n "$CONFIG_MODVERSIONS" ]; then
+if [ -n "${KERNEL_CONFIG[CONFIG_MODVERSIONS]}" ]; then
echo "#define __KSYM_module_layout 1" >> "$new_ksyms_file"
fi

diff --git a/scripts/importkconf.sh b/scripts/importkconf.sh
new file mode 100755
index 000000000000..755a9a2e9c65
--- /dev/null
+++ b/scripts/importkconf.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+#
+# helper script which reads all kconfig keys from the kernel .config file into
+# a bash associative array.
+# By testing ${KERNEL_CONFIG[CONFIG_FOO_BAR]} shell scripts can check whether
+# CONFIG_FOO_BAR is set in .config or not.
+#
+
+declare -A KERNEL_CONFIG
+
+for cfg_ent in $(awk -F= '/^CONFIG_[A-Z0-9_]+=/{print $1}' < ${KCONFIG_CONFIG})
+do
+ KERNEL_CONFIG[${cfg_ent}]="$cfg_ent"
+done
diff --git a/scripts/link-vmlinux.sh b/scripts/link-vmlinux.sh
index c0d129d7f430..f48231f16c2f 100755
--- a/scripts/link-vmlinux.sh
+++ b/scripts/link-vmlinux.sh
@@ -55,7 +55,7 @@ info()
#
archive_builtin()
{
- if [ -n "${CONFIG_THIN_ARCHIVES}" ]; then
+ if [ -n "${KERNEL_CONFIG[CONFIG_THIN_ARCHIVES]}" ]; then
info AR built-in.o
rm -f built-in.o;
${AR} rcsTP${KBUILD_ARFLAGS} built-in.o \
@@ -70,7 +70,7 @@ modpost_link()
{
local objects

- if [ -n "${CONFIG_THIN_ARCHIVES}" ]; then
+ if [ -n "${KERNEL_CONFIG[CONFIG_THIN_ARCHIVES]}" ]; then
objects="--whole-archive \
built-in.o \
--no-whole-archive \
@@ -96,7 +96,7 @@ vmlinux_link()
local objects

if [ "${SRCARCH}" != "um" ]; then
- if [ -n "${CONFIG_THIN_ARCHIVES}" ]; then
+ if [ -n "${KERNEL_CONFIG[CONFIG_THIN_ARCHIVES]}" ]; then
objects="--whole-archive \
built-in.o \
--no-whole-archive \
@@ -116,7 +116,7 @@ vmlinux_link()
${LD} ${LDFLAGS} ${LDFLAGS_vmlinux} -o ${2} \
-T ${lds} ${objects}
else
- if [ -n "${CONFIG_THIN_ARCHIVES}" ]; then
+ if [ -n "${KERNEL_CONFIG[CONFIG_THIN_ARCHIVES]}" ]; then
objects="-Wl,--whole-archive \
built-in.o \
-Wl,--no-whole-archive \
@@ -226,14 +226,7 @@ if [ "$1" = "clean" ]; then
fi

# We need access to CONFIG_ symbols
-case "${KCONFIG_CONFIG}" in
-*/*)
- . "${KCONFIG_CONFIG}"
- ;;
-*)
- # Force using a file from the current directory
- . "./${KCONFIG_CONFIG}"
-esac
+. ${KBUILD_SRC}/scripts/importkconf.sh

# Update version
info GEN .version
@@ -259,7 +252,7 @@ ${MAKE} -f "${srctree}/scripts/Makefile.modpost" vmlinux.o

kallsymso=""
kallsyms_vmlinux=""
-if [ -n "${CONFIG_KALLSYMS}" ]; then
+if [ -n "${KERNEL_CONFIG[CONFIG_KALLSYMS]}" ]; then

# kallsyms support
# Generate section listing all symbols and add it into vmlinux
@@ -312,7 +305,7 @@ fi
info LD vmlinux
vmlinux_link "${kallsymso}" vmlinux

-if [ -n "${CONFIG_BUILDTIME_EXTABLE_SORT}" ]; then
+if [ -n "${KERNEL_CONFIG[CONFIG_BUILDTIME_EXTABLE_SORT]}" ]; then
info SORTEX vmlinux
sortextable vmlinux
fi
@@ -321,7 +314,7 @@ info SYSMAP System.map
mksysmap vmlinux System.map

# step a (see comment above)
-if [ -n "${CONFIG_KALLSYMS}" ]; then
+if [ -n "${KERNEL_CONFIG[CONFIG_KALLSYMS]}" ]; then
mksysmap ${kallsyms_vmlinux} .tmp_System.map

if ! cmp -s System.map .tmp_System.map; then
--
2.13.6

Next message: Lee Jones: "Re: [RESEND PATCH v5 2/5] dt-bindings: pwm-backlight: add PWM delay proprieties."
Previous message: Peter Zijlstra: "Re: [tip:x86/pti] x86/speculation: Use IBRS if available before calling into firmware"
Next in thread: Masahiro Yamada: "Re: [PATCH v2] kbuild: Don't source kernel config"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]