kbuild: do not include include/config/auto.conf from shell scripts
Richard Weinberger pointed out the risk of sourcing the kernel config
from shell scripts [1], and proposed some patches [2], [3]. It is a good
point, but it took a long time because I was wondering how to fix this.
This commit goes with simple grep approach because there are only a few
scripts including the kernel configuration.
scripts/link_vmlinux.sh has references to a bunch of CONFIG options,
all of which are boolean. I added is_enabled() helper as
scripts/package/{mkdebian,builddeb} do.
scripts/gen_autoksyms.sh uses 'eval', stating "to expand the whitelist
path". I removed it since it is the issue we are trying to fix.
I was a bit worried about the cost of invoking the grep command over
again. I extracted the grep parts from it, and measured the cost. It
was approximately 0.03 sec, which I hope is acceptable.
[test code]
$ cat test-grep.sh
#!/bin/sh
is_enabled() {
grep -q "^$1=y" include/config/auto.conf
}
is_enabled CONFIG_LTO_CLANG
is_enabled CONFIG_LTO_CLANG
is_enabled CONFIG_STACK_VALIDATION
is_enabled CONFIG_UNWINDER_ORC
is_enabled CONFIG_FTRACE_MCOUNT_USE_OBJTOOL
is_enabled CONFIG_VMLINUX_VALIDATION
is_enabled CONFIG_FRAME_POINTER
is_enabled CONFIG_GCOV_KERNEL
is_enabled CONFIG_LTO_CLANG
is_enabled CONFIG_RETPOLINE
is_enabled CONFIG_X86_SMAP
is_enabled CONFIG_LTO_CLANG
is_enabled CONFIG_VMLINUX_MAP
is_enabled CONFIG_KALLSYMS_ALL
is_enabled CONFIG_KALLSYMS_ABSOLUTE_PERCPU
is_enabled CONFIG_KALLSYMS_BASE_RELATIVE
is_enabled CONFIG_DEBUG_INFO_BTF
is_enabled CONFIG_KALLSYMS
is_enabled CONFIG_DEBUG_INFO_BTF
is_enabled CONFIG_BPF
is_enabled CONFIG_BUILDTIME_TABLE_SORT
is_enabled CONFIG_KALLSYMS
$ time ./test-grep.sh
real 0m0.036s
user 0m0.027s
sys m0.009s
[1]: https://lore.kernel.org/all/1919455.eZKeABUfgV@blindfold/
[2]: https://lore.kernel.org/all/20180219092245.26404-1-richard@nod.at/
[3]: https://lore.kernel.org/all/20210920213957.1064-2-richard@nod.at/
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Reviewed-by: Nicolas Schier <n.schier@avm.de>
3 files changed