| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 5 Oct 2020 13:10:44 +0530
From: Dwaipayan Ray <dwaipayanray1@...il.com>
To: Joe Perches <joe@...ches.com>
Cc: linux-kernel-mentees@...ts.linuxfoundation.org,
Lukas Bulwahn <lukas.bulwahn@...il.com>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC] checkpatch: add new warnings to author signoff checks.
On Mon, Oct 5, 2020 at 12:48 PM Joe Perches <joe@...ches.com> wrote:
>
> On Mon, 2020-10-05 at 12:18 +0530, Dwaipayan Ray wrote:
> > The author signed-off-by checks are currently very vague.
> > Cases like same name or same address are not handled separately.
> >
> > For example, running checkpatch on commit be6577af0cef
> > ("parisc: Add atomic64_set_release() define to avoid CPU soft lockups"),
> > gives:
> >
> > WARNING: Missing Signed-off-by: line by nominal patch author
> > 'John David Anglin <dave.anglin@...l.net>'
> >
> > The signoff line was:
> > "Signed-off-by: Dave Anglin <dave.anglin@...l.net>"
> >
> > Clearly the author has signed off but with a slightly different version
> > of his name. A more appropriate warning would have been to point out
> > at the name mismatch instead.
> >
> > Introduced three new types of warnings:
> >
> > 1) Address matches, but names are different.
> > "James Watson <james@...il.com>", "James <james@...il.com>"
> >
> > 2) Name matches, but addresses are different.
> > "James Watson <james@...son.com>", "James Watson <james@...il.com>"
> >
> > 3) Name matches, but addresses without mail extensions are same.
> > "James Watson <james@...il.com>", "James Watson <james+a@...il.com>"
> >
> > For the 3rd class, a --strict check message is generated, and for the
> > other two, warnings are generated.
>
> I don't have any issue with the concept, but please
> be consistent with spacing after if tests.
>
> Always use a single space after if
>
Okay sure I will take care of that.
> > diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
>
> > @@ -2347,6 +2347,7 @@ sub process {
> > my $signoff = 0;
> > my $author = '';
> > my $authorsignoff = 0;
> > + my $authorsignoff_ctx = '';
>
> ctx isn't a descriptive name.
>
> Maybe $author_sob
Yes that's more illustrative. I will change that.
>
> > @@ -2674,9 +2675,34 @@ sub process {
> > if ($line =~ /^\s*signed-off-by:\s*(.*)/i) {
> > $signoff++;
> > $in_commit_log = 0;
> > - if ($author ne '') {
> > + if ($author ne '' && $authorsignoff != 1) {
>
> Has space after if
>
> > if (same_email_addresses($1, $author)) {
> > $authorsignoff = 1;
> > + } else {
> > + my $ctx = $1;
> > + my ($email_name, $email_comment, $email_address, $comment1) = parse_email($ctx);
> > + my ($author_name, $author_comment, $author_address, $comment2) = parse_email($author);
> > +
> > + if($email_address eq $author_address) {
>
> No space after if, etc...
>
> > @@ -6891,9 +6917,32 @@ sub process {
> > if ($signoff == 0) {
> > ERROR("MISSING_SIGN_OFF",
> > "Missing Signed-off-by: line(s)\n");
> > - } elsif (!$authorsignoff) {
> > - WARN("NO_AUTHOR_SIGN_OFF",
> > - "Missing Signed-off-by: line by nominal patch author '$author'\n");
> > + } elsif ($authorsignoff != 1) {
> > + # authorsignoff values:
> > + # 0 -> missing sign off
> > + # 1 -> sign off present
>
> sign off identical
>
> > + # 2 -> address matches, name different
> > + # 3 -> name matches, address different
> > + # 4 -> name matches, address matches without extension
>
> extension here isn't obvious
Yeah I was thinking of that. I was a bit confused about the message.
Will it be better as "address excluding mail extensions matches"?
>
> > +
> > + my $ctx_msg = "'Signed-off-by: $authorsignoff_ctx' should be:\n'Signed-off-by: $author'";
>
> New line not necessary or useful really.
>
> And for mismatches, it's really not known that
> it should be one way or the or the other is it?
>
I think that's true. But since the mail in the
From: part is the one which with others are being
compared, I think maybe it should have the higher
priority, and be treated as the expected one.
Otherwise I could change the message accordingly.
> > +
> > + if($authorsignoff == 0) {
> > + WARN("NO_AUTHOR_SIGN_OFF",
> > + "Missing Signed-off-by: line by nominal patch author '$author'\n");
> > + }
> > + elsif($authorsignoff == 2) {
> > + WARN("NO_AUTHOR_SIGN_OFF",
> > + "Author name mismatch:\n$ctx_msg\n");
> > + }
> > + elsif($authorsignoff == 3) {
> > + WARN("NO_AUTHOR_SIGN_OFF",
> > + "Author address mismatch:\n$ctx_msg\n");
> > + }
> > + elsif($authorsignoff == 4) {
> > + CHK("NO_AUTHOR_SIGN_OFF",
> > + "Author mail extension mismatch:\n$ctx_msg\n");
> > + }
> > }
> > }
> >
>
Thanks,
Dwaipayan.
Powered by blists - more mailing lists