lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20171018145735.lpzwakatsty7emlw@linux.intel.com>
Date:   Wed, 18 Oct 2017 17:57:35 +0300
From:   Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To:     SF Markus Elfring <elfring@...rs.sourceforge.net>
Cc:     Mimi Zohar <zohar@...ux.vnet.ibm.com>,
        linux-integrity@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org,
        Julia Lawall <julia.lawall@...6.fr>,
        Alexander Steffen <Alexander.Steffen@...ineon.com>,
        linux-kernel@...r.kernel.org, kernel-janitors@...r.kernel.org,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Benjamin Herrenschmidt <benh@...nel.crashing.org>,
        Corentin Labbe <clabbe.montjoie@...il.com>,
        Jason Gunthorpe <jgunthorpe@...idianresearch.com>,
        Jerry Snitselaar <jsnitsel@...hat.com>,
        Kenneth Goldman <kgold@...ux.vnet.ibm.com>,
        Michael Ellerman <mpe@...erman.id.au>,
        Nayna Jain <nayna@...ux.vnet.ibm.com>,
        Paul Mackerras <paulus@...ba.org>,
        Peter Hüwe <PeterHuewe@....de>,
        Stefan Berger <stefanb@...ux.vnet.ibm.com>
Subject: Re: char/tpm: Improve a size determination in nine functions

On Tue, Oct 17, 2017 at 08:41:04PM +0200, SF Markus Elfring wrote:
> Do you find my wording “This issue was detected by using the
> Coccinelle software.” insufficient?

This is fine for cover letter, not for the commits.

After your analysis software finds an issue you should manually analyze
what is wrong and document that to the commit message. This applies to
sparse, coccinelle or any other tool.

Tool-based commit messages are bad for commit history where as clean
description gives idea what was done (if you have to maintain a GIT
tree).

In my opinion tool is doing all the work but the part that you should do
is absent.

> Regards,
> Markus

/Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ