| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 5 Apr 2019 09:39:26 -0500
From: Josh Poimboeuf <jpoimboe@...hat.com>
To: Luis Ressel <aranea@...ah.de>
Cc: Peter Zijlstra <peterz@...radead.org>,
open list <linux-kernel@...r.kernel.org>,
stable@...r.kernel.org
Subject: Re: [PATCH] objtool: Don't use -Werror
On Fri, Apr 05, 2019 at 04:24:43PM +0200, Luis Ressel wrote:
> On Fri, Apr 05, 2019 at 07:39:09AM -0500, Josh Poimboeuf wrote:
> > What version of libelf are you using? AFAIK, the non-elfutils version
> > of libelf is buggy and has been unmaintained for 10 years.
>
> I'm using libelf 0.8.13, which is indeed 10y old, abandoned and rather
> suboptimal (elfutils OTOH is nonportable, and I haven't gotten around
> yet to fixing its incompatibilities with the musl libc).
If you can't use the elfutils version, I'd recommend just disabling all
the features which rely on objtool. Because some of the libelf-related
bugs I've seen are pretty bad, and we rely on objtool for some pretty
fundamental things like ORC oops stack traces and live patching.
In fact I think we probably need a patch to fail the build if the
10-year-old libelf is used, as I've gotten several bug reports there and
the answer is always the same ("don't use old libelf").
> I can accept that you might not be interested in fixing issues related
> to libelf, but using -Werror is a more general problem which just
> happens to be triggered by my particular setup.
Hm, I would actually argue the reverse. Warnings are generally bad and
-Werror is useful for ensuring that we don't have any. For warnings
that don't provide value, we just disable those individual warnings.
--
Josh
Powered by blists - more mailing lists