lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.2.00.1601301311170.5958@tp.orcam.me.uk>
Date:	Sat, 30 Jan 2016 13:38:03 +0000
From:	"Maciej W. Rozycki" <macro@...tec.com>
To:	Alexander Kapshuk <alexander.kapshuk@...il.com>
CC:	Daniel Sanders <Daniel.Sanders@...tec.com>,
	James Hogan <James.Hogan@...tec.com>,
	"Michael S. Tsirkin" <mst@...hat.com>,
	LKML <linux-kernel@...r.kernel.org>,
	Michal Marek <mmarek@...e.com>,
	"linux-kbuild@...r.kernel.org" <linux-kbuild@...r.kernel.org>,
	Linux MIPS Mailing List <linux-mips@...ux-mips.org>,
	Ralf Baechle <ralf@...ux-mips.org>
Subject: Re: [PATCH] ld-version: fix it on Fedora

On Mon, 25 Jan 2016, Alexander Kapshuk wrote:

> > > At the moment, I'm wondering whether we really need to handle more 
> > > than three version number components. Another thought is that the 
> > > comparison could be inside ld-version.sh (or a replacement) so that 
> > > it can compare the array of version components directly instead of 
> > > using a constructed integer as a proxy.

 I don't think going beyond three version number components makes sense, 
to be honest.  Any such numbers will be non-standard third-party releases.  
Upstream binutils use a three-component versioning scheme.  Even the third 
component only makes sense because sometime we may actually rely on a bug 
fix first available with a maintenance release; these reach single-digit 
numbers only and hardly ever above 1 actually as another base release is 
usually made quickly enough (the usual schedule was annual, although as 
from 2.26, out last Monday, it has been switched to a semi-annual cycle).

> I put the latter of the two methods that worked for you it into a
> script, shown below:
> 
> #!/usr/bin/awk -f
> # extract linker version number from stdin and turn into single number
> 
> /[0-9]+([.]?[0-9]+)+/ && !/not found$/{
>     match($0, /[0-9]+([.]?[0-9]+)+/)
>     ver=substr($0,RSTART,RLENGTH)
>     split(ver, a, ".")
>     print a[1]*10000000 + a[2]*100000 + a[3]*1000
>     exit
> }
> 
> And tried it out on the following input:
> 
> % echo 2.24.51.20140217 | ld-version.sh
> 22451000

 So the above version is a non-release snapshot from the development tree 
as the repository trunk is switched to x.y+1.51 once a release branch for 
x.y has been made.  Then the release branch is switched to x.y-1.90 for 
prereleases, before settling on x.y or x.y.0 (this hasn't been consistent) 
for the actual base release.  Any subsequent maintenance releases will 
then have their version set to x.y.1, x.y.2, and so on.  We shouldn't ever 
rely on versions that are not proper releases.

> % echo 'GNU ld version 2.25-15.fc23' | ld-version.sh
> 22500000

 So this is a base 2.25 release (obviously with vendor patches, hopefully 
not breaking what we might rely on).

 FWIW,

  Maciej

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ