lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <A05C31E6-7AD2-482A-B590-A5ED57D028B3@intel.com>
Date:	Mon, 22 Sep 2014 21:50:54 +0000
From:	"Rustad, Mark D" <mark.d.rustad@...el.com>
To:	Borislav Petkov <bp@...en8.de>
CC:	"Kirsher, Jeffrey T" <jeffrey.t.kirsher@...el.com>,
	"sparse@...isli.org" <sparse@...isli.org>,
	"linux-sparse@...r.kernel.org" <linux-sparse@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 0/7] Silence even more W=2 warnings

On Sep 22, 2014, at 1:33 PM, Borislav Petkov <bp@...en8.de> wrote:

> Btw, out of curiosity, what is your use case for staring at those W=2
> warnings?

I know no one cares about out-of-tree drivers, but I have a hack that
allows building out-of-tree drivers without getting warnings from the
kernel includes. We do an automated compile of every patch with W=12
and expect clean compiles.

It would be nice to compile drivers in-tree and have a similar expectation.
I guess a similar hack could be developed, but since we are contributing
upstream, I would rather uncover any potential issues that may exist, even
if they aren't in the driver. The hack would tend to cover up such issues.
This is definitely NOT about covering up things that could be problems!

> In thinking about it, what we could also do is simply move the noisiest
> ones to W=3 or so, or even add another W= level. It'll be interesting to
> hear your use case though. AFAICT, this is the first time I hear of a
> more, let's say, serious use case of W= since we added the W= things a
> couple of years ago. :-)

Well, I have W=1 in my environment, so I don't even have to ask for it, I
just get it. W=12 is just insane, or I would use that all the time. I think
it would be nice for new code, or at least new drivers, to compile clean with
W=12, but that isn't possible when the kernel includes throw so many warnings.

Nested-externs, for example, can catch people gratuitously providing a
function prototype that could become a hazard, but some use of that may
be justified. The macros provide a way to specifically allow certain
instances while generally discouraging it. Of course if you never use
W=2 you may never catch those gratuitous declarations.

> Thanks.

Hopefully the discussion is somewhat useful.

-- 
Mark Rustad, Networking Division, Intel Corporation


Download attachment "signature.asc" of type "application/pgp-signature" (842 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ