lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1b9c6280-f1dc-2381-59d6-dc29fda3a63b@embeddedor.com>
Date:   Wed, 20 Mar 2019 16:23:21 -0500
From:   "Gustavo A. R. Silva" <gustavo@...eddedor.com>
To:     Richard Weinberger <richard@....at>
Cc:     David Woodhouse <dwmw2@...radead.org>,
        Brian Norris <computersforpeace@...il.com>,
        Boris Brezillon <bbrezillon@...nel.org>,
        Marek Vasut <marek.vasut@...il.com>,
        linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org,
        Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH] mtd: cfi_util: mark expected switch fall-throughs



On 3/20/19 4:05 PM, Richard Weinberger wrote:
> Hi!
> 
> Am Mittwoch, 20. März 2019, 21:20:51 CET schrieb Gustavo A. R. Silva:
>> Hi all,
>>
>> Friendly ping:
>>
>> Who can take this?
> 
> Hmmm, for MTD I think we can schedule these patches for the next merge window.
> But I'm not sure whether these comments are a good solution.
> I much more prefer the compiler attribute solution.
> Also a tree-wide (sane) coccinelle script would be better IMHO,
> and not zillions of individual patches via different trees.
> 

If that script is sophisticated enough to spot both false positives and
actual bugs, then yeah, I'd love that solution.  But it's actually not
that simple.

The thing about the compiler attributes is not a big deal, once we
finally enable -Wimplicit-fallthrough, for which we first need to
address each one of these cases.  But we are getting close, there
are less than 100 of these issues in linux-next. :)

So, if this is too much of a burden for people, I can add all these
MTD patches to my own tree for 5.2.

Just, please, let me know.

Thanks
--
Gustavo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ