lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 19 Aug 2021 12:19:41 -0700
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     "Gustavo A. R. Silva" <gustavoars@...nel.org>
Cc:     Kees Cook <keescook@...omium.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Nathan Chancellor <nathan@...nel.org>,
        Nick Desaulniers <ndesaulniers@...gle.com>,
        linux-hardening@...r.kernel.org
Subject: Re: [GIT PULL] Enable -Wimplicit-fallthrough for Clang for 5.14-rc7

On Wed, Aug 18, 2021 at 9:02 PM Gustavo A. R. Silva
<gustavoars@...nel.org> wrote:
>
> Enable -Wimplicit-fallthrough for Clang for 5.14-rc7

No. Much too late in the release, particularly knowing that we have
Clang pre-releases that claim to be 14.0.0 and get this wrong.

So no way does this happen like this.

That's doubly true since the clang support for this all adds exactly
_zero_ upside, only downside: we made the gcc checks be stricter, and
gcc ends up having (a) more wide coverage and (b) doesn't have the
bugs clang has.

Honestly, I think the clang "version 14 or more" check is simply
buggy. We *know* that check fails. Don't do it.

Make it "strictly more than 14.0.0" which hopefully doesn't fail, is
cheap and easy, and which will make clang work correctly in the not
too distant future.

In the meantime, we have the gcc checks,  and we'll have a release
without pointless warnings from garbage clang versions.

                Linus

Powered by blists - more mailing lists