| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1501091840.1196.12.camel@gmail.com>
Date: Wed, 26 Jul 2017 13:57:20 -0400
From: Daniel Micay <danielmicay@...il.com>
To: Kees Cook <keescook@...omium.org>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Dan Williams <dan.j.williams@...el.com>,
Mika Westerberg <mika.westerberg@...ux.intel.com>,
Al Viro <viro@...iv.linux.org.uk>,
David Howells <dhowells@...hat.com>,
Heikki Krogerus <heikki.krogerus@...ux.intel.com>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Arnd Bergmann <arnd@...db.de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Mauro Carvalho Chehab <mchehab@...nel.org>,
LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] fortify: Use WARN instead of BUG for now
> Maybe we could do two phases? One to s/BUG/WARN/ and the second to
> improve the message?
s/fortify_panic/fortify_overflow/ + use WARN + remove __noreturn makes
sense as one commit. Still think the *option* of __noreturn + BUG should
be kept there even just for measuring the size overhead. !COMPILE_TIME
&& EXPERT if it needs to be for now. If you're fully removing __noreturn
then the entry in tools/objtool/check.c for __noreturn functions also
won't make sense (either way it needs to use the new name).
I think improving error messages should be done a bit differently though
and it'll be easier to not tie these things together.
Powered by blists - more mailing lists