lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <9d20d06ea2b92e6b66f0a2dc58f8b191fd7778ce.camel@perches.com>
Date:   Sat, 15 Dec 2018 09:45:00 -0800
From:   Joe Perches <joe@...ches.com>
To:     Andrew Morton <akpm@...ux-foundation.org>,
        Jorge Ramirez-Ortiz <jorge.ramirez-ortiz@...aro.org>
Cc:     gregkh@...uxfoundation.org, himanshujha199640@...il.com,
        apw@...onical.com, linux-kernel@...r.kernel.org,
        niklas.cassel@...aro.org, corbet@....net, linux-doc@...r.kernel.org
Subject: Re: [PATCH 2/2] checkpatch: add Co-developed-by to signature tags

On Fri, 2018-12-14 at 12:16 -0800, Andrew Morton wrote:
> On Fri, 14 Dec 2018 18:35:28 +0100 Jorge Ramirez-Ortiz <jorge.ramirez-ortiz@...aro.org> wrote:
> 
> > As per Documentation/process/submitting-patches, Co-developed-by is a
> > valid signature.
> > 
> 
> I'm with Joe - I find this tag kinda useless and duplicative.  But whatever.
> 
> But as the documentation says, Co-developed-by must be accompanied by a
> Signed-off-by:.  It would be helpful if checkpatch were to detect a
> failure to do this.

perhaps
---
 scripts/checkpatch.pl | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
index 93e84c9504a1..056d4b47ffaf 100755
--- a/scripts/checkpatch.pl
+++ b/scripts/checkpatch.pl
@@ -2673,7 +2673,20 @@ sub process {
 				WARN("BAD_SIGN_OFF",
 				     "Duplicate signature\n" . $herecurr);
 			} else {
-				$signatures{$sig_nospace} = 1;
+				$signatures{$sig_nospace} = $herecurr;
+			}
+		}
+
+# Check for "Co-developed-by:" uses without equivalent "Signed-off-by:"
+# $signatures keys are all lower case without spaces
+		if ($rawline =~ /^---$/) {
+			foreach my $sig (keys %signatures) {
+				next if ($sig !~ /^co-developed-by:(.*)/);
+				my $signer = $1;
+				if (!defined $signatures{"signed-off-by:$signer"}) {
+					WARN("CODEVELOPED_WITHOUT_SIGNOFF",
+					     "Co-developed-by: used without Signed-off-by: by same person\n" . $signatures{$sig});
+				}
 			}
 		}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ