[Linux-kernel-mentees] [RFC PATCH] checkpatch: add shebang check to EXECUTE_PERMISSIONS

Lukas Bulwahn lukas.bulwahn at gmail.com
Mon Oct 12 05:25:01 UTC 2020


Please add linux-kernel at vger.kernel.org (lkml) to the recipient list.

On Mon, Oct 12, 2020 at 6:37 AM Ujjwal Kumar <ujjwalkumar0501 at gmail.com> wrote:
>
> checkpatch.pl checks for invalid EXECUTE_PERMISSIONS on source
> files. The script leverages filename extensions and its path in
> the repository to decide whether to allow execute permissions on
> the file or not.
>
> Based on current check conditions, a perl script file having
> execute permissions, without '.pl' extension in its filename
> and not belonging to 'scripts/' directory is reported as ERROR
> which is a false-positive.
>

s/false-positive/false positive/

> Adding a shebang check along with current conditions will make
> the check more generalised and improve checkpatch reports.
> To do so, without breaking the core design decision of checkpatch,
> we can fetch the first line from the patch itself and match it for
> a shebang pattern.
>
> There can be cases where the first line is not part of the patch.
> In that case there may be a false-positive report but in the end we
> will have less false-positives as we will be handling some of the
> unhandled cases.
>
> Signed-off-by: Ujjwal Kumar <ujjwalkumar0501 at gmail.com>
> ---
>  scripts/checkpatch.pl | 19 +++++++++++++++++++
>  1 file changed, 19 insertions(+)
>
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> index fab38b493cef..e596d30794bf 100755
> --- a/scripts/checkpatch.pl
> +++ b/scripts/checkpatch.pl
> @@ -1795,6 +1795,23 @@ sub get_stat_here {
>         return $herectx;
>  }
>
> +sub get_shebang {
> +       my ($linenr, $realfile) = @_;
> +       my $rawline = "";
> +       my $shebang = "";
> +
> +       $rawline = raw_line($linenr, 3);
> +       if (defined $rawline &&
> +               $rawline =~ /^\@\@ -\d+(?:,\d+)? \+(\d+)(,(\d+))? \@\@/) {
> +               if (defined $1 && $1 == 1) {
> +                       $shebang = raw_line($linenr, 4);
> +                       $shebang = substr $shebang, 1;
> +               }
> +       }
> +
> +       return $shebang;
> +}
> +
>  sub cat_vet {
>         my ($vet) = @_;
>         my ($res, $coded);
> @@ -2680,7 +2697,9 @@ sub process {
>  # Check for incorrect file permissions
>                 if ($line =~ /^new (file )?mode.*[7531]\d{0,2}$/) {
>                         my $permhere = $here . "FILE: $realfile\n";
> +                       my $shebang = get_shebang($linenr, $realfile);
>                         if ($realfile !~ m at scripts/@ &&
> +                           $shebang !~ /^#!\s*(\/\w)+.*/ &&
>                             $realfile !~ /\.(py|pl|awk|sh)$/) {
>                                 ERROR("EXECUTE_PERMISSIONS",
>                                       "do not set execute permissions for source files\n" . $permhere);
>
> base-commit: d67bc7812221606e1886620a357b13f906814af7
> --
> 2.26.2
>


More information about the Linux-kernel-mentees mailing list