lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 11 Nov 2020 07:50:44 -0800
From:   Joe Perches <joe@...ches.com>
To:     Aditya <yashsri421@...il.com>,
        Lukas Bulwahn <lukas.bulwahn@...il.com>
Cc:     linux-kernel-mentees@...ts.linuxfoundation.org,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2] checkpatch: add fix option for MISSING_SIGN_OFF

On Wed, 2020-11-11 at 16:39 +0530, Aditya wrote:
> On 11/11/20 4:00 pm, Lukas Bulwahn wrote:
> > On Wed, Nov 11, 2020 at 10:01 AM Aditya Srivastava <yashsri421@...il.com> wrote:
> > > 
> > > Currently checkpatch warns us if there is no 'Signed-off-by' line
> > > for the patch.
> > > 
> > > E.g., running checkpatch on commit 9ac060a708e0 ("leaking_addresses:
> > > Completely remove --version flag") reports this error:
> > > 
> > > ERROR: Missing Signed-off-by: line(s)
> > > 
> > > Provide a fix by adding a Signed-off-by line corresponding to the author
> > > of the patch before the patch separator line. Also avoid this error for
> > > the commits where some typo is present in the sign off.
[]
> > I think it should still warn about a Missing Signed-off-by: even when
> > we know there is a $non_standard_signature. So, checkpatch simply
> > emits two warnings; that is okay in that case.
> > 
> > It is just that our evaluation shows that the provided fix option
> > should not be suggested when there is a $non_standard_signature
> > because we actually would predict that there is typo in the intended
> > Signed-off-by tag and the fix that checkpatch would suggest would not
> > be adequate.
> > 
> > Joe, what is your opinion?
> > 
> > Aditya, it should not be too difficult to implement the rule that way, right?
> > 
> 
> No, I'd probably just have to add the check with $fix, instead of with
> $signoff

I think it does not matter much which is chosen.

The bad signed-off-by: line would still need to be corrected one
way or another and the added signed-off-line is also possibly
incorrect so it could need to be modified or deleted.


Powered by blists - more mailing lists