From 9971b3ada7d3002553dc9d078bc14f3b379249e5 Mon Sep 17 00:00:00 2001
From: Matthias Maennich <maennich@google.com>
Date: Tue, 28 May 2024 11:32:43 +0000
Subject: [PATCH] FROMLIST: kheaders: explicitly define file modes for archived
 headers

Build environments might be running with different umask settings
resulting in indeterministic file modes for the files contained in
kheaders.tar.xz. The file itself is served with 444, i.e. world
readable. Archive the files explicitly with 744,a+X to improve
reproducibility across build environments.

--mode=0444 is not suitable as directories need to be executable. Also,
444 makes it hard to delete all the readonly files after extraction.

Cc: <stable@vger.kernel.org>
Cc: <linux-kbuild@vger.kernel.org>
Cc: Masahiro Yamada <masahiroy@kernel.org>
Cc: Joel Fernandes <joel@joelfernandes.org>
Link: https://lore.kernel.org/r/20240528113243.827490-2-maennich@google.com
Bug: 342094847
Bug: 342393806
Change-Id: Ib206a6e0abfacf8132bfad8c43a62982062175fa
Signed-off-by: Matthias Maennich <maennich@google.com>
(cherry picked from commit 6820762b5e43ccdce6272b583e77dd728143f94c)
---
 kernel/gen_kheaders.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/gen_kheaders.sh b/kernel/gen_kheaders.sh
index bb8945ca53cd..25f958ffa37f 100755
--- a/kernel/gen_kheaders.sh
+++ b/kernel/gen_kheaders.sh
@@ -85,7 +85,7 @@ find $cpio_dir -type f -print0 |
 # pre-sorted, as --sort=name might not be available.
 find $cpio_dir -printf "./%P\n" | LC_ALL=C sort | \
     tar "${KBUILD_BUILD_TIMESTAMP:+--mtime=$KBUILD_BUILD_TIMESTAMP}" \
-    --owner=0 --group=0 --numeric-owner --no-recursion \
+    --owner=0 --group=0 --numeric-owner --no-recursion --mode=u=rw,go=r,a+X \
     -I $XZ -cf $tarfile -C $cpio_dir/ -T - > /dev/null
 
 echo $headers_md5 > kernel/kheaders.md5