diff options
| author | Matthias Maennich <maennich@google.com> | 2024-05-28 11:32:43 +0000 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2024-06-27 13:46:24 +0200 |
| commit | 5efe0b5deb0cb4a33798bcaabd786925d3ffcaa3 (patch) | |
| tree | eb54bbdfa898996f2261752398f6306733d40bfd | |
| parent | f0b5d1d9feee6baaa700b2f3cb25ee0f87b51273 (diff) | |
kheaders: explicitly define file modes for archived headers
[ Upstream commit 3bd27a847a3a4827a948387cc8f0dbc9fa5931d5 ]
Build environments might be running with different umask settings
resulting in indeterministic file modes for the files contained in
kheaders.tar.xz. The file itself is served with 444, i.e. world
readable. Archive the files explicitly with 744,a+X to improve
reproducibility across build environments.
--mode=0444 is not suitable as directories need to be executable. Also,
444 makes it hard to delete all the readonly files after extraction.
Cc: stable@vger.kernel.org
Signed-off-by: Matthias Maennich <maennich@google.com>
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
| -rwxr-xr-x | kernel/gen_kheaders.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/gen_kheaders.sh b/kernel/gen_kheaders.sh index 99422673a782..12bcd08fe79d 100755 --- a/kernel/gen_kheaders.sh +++ b/kernel/gen_kheaders.sh @@ -82,7 +82,7 @@ find $cpio_dir -type f -print0 | # Create archive and try to normalize metadata for reproducibility. tar "${KBUILD_BUILD_TIMESTAMP:+--mtime=$KBUILD_BUILD_TIMESTAMP}" \ - --owner=0 --group=0 --sort=name --numeric-owner \ + --owner=0 --group=0 --sort=name --numeric-owner --mode=u=rw,go=r,a+X \ -I $XZ -cf $tarfile -C $cpio_dir/ . > /dev/null echo $headers_md5 > kernel/kheaders.md5 |