| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Nov 2020 19:56:01 +0100
From: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
To: James Bottomley <James.Bottomley@...senpartnership.com>
Cc: Kees Cook <keescook@...omium.org>,
Jakub Kicinski <kuba@...nel.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
alsa-devel@...a-project.org, amd-gfx@...ts.freedesktop.org,
bridge@...ts.linux-foundation.org, ceph-devel@...r.kernel.org,
cluster-devel@...hat.com, coreteam@...filter.org,
devel@...verdev.osuosl.org, dm-devel@...hat.com,
drbd-dev@...ts.linbit.com, dri-devel@...ts.freedesktop.org,
GR-everest-linux-l2@...vell.com, GR-Linux-NIC-Dev@...vell.com,
intel-gfx@...ts.freedesktop.org, intel-wired-lan@...ts.osuosl.org,
keyrings@...r.kernel.org, linux1394-devel@...ts.sourceforge.net,
linux-acpi@...r.kernel.org, linux-afs@...ts.infradead.org,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
linux-arm-msm@...r.kernel.org,
linux-atm-general@...ts.sourceforge.net,
linux-block@...r.kernel.org, linux-can@...r.kernel.org,
linux-cifs@...r.kernel.org,
Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
linux-decnet-user@...ts.sourceforge.net,
Ext4 Developers List <linux-ext4@...r.kernel.org>,
linux-fbdev@...r.kernel.org, linux-geode@...ts.infradead.org,
linux-gpio@...r.kernel.org, linux-hams@...r.kernel.org,
linux-hwmon@...r.kernel.org, linux-i3c@...ts.infradead.org,
linux-ide@...r.kernel.org, linux-iio@...r.kernel.org,
linux-input <linux-input@...r.kernel.org>,
linux-integrity@...r.kernel.org,
linux-mediatek@...ts.infradead.org,
Linux Media Mailing List <linux-media@...r.kernel.org>,
linux-mmc@...r.kernel.org, Linux-MM <linux-mm@...ck.org>,
linux-mtd@...ts.infradead.org, linux-nfs@...r.kernel.org,
linux-rdma@...r.kernel.org, linux-renesas-soc@...r.kernel.org,
linux-scsi@...r.kernel.org, linux-sctp@...r.kernel.org,
linux-security-module@...r.kernel.org,
linux-stm32@...md-mailman.stormreply.com,
linux-usb@...r.kernel.org, linux-watchdog@...r.kernel.org,
linux-wireless <linux-wireless@...r.kernel.org>,
Network Development <netdev@...r.kernel.org>,
netfilter-devel@...r.kernel.org, nouveau@...ts.freedesktop.org,
op-tee@...ts.trustedfirmware.org, oss-drivers@...ronome.com,
patches@...nsource.cirrus.com, rds-devel@....oracle.com,
reiserfs-devel@...r.kernel.org, samba-technical@...ts.samba.org,
selinux@...r.kernel.org, target-devel@...r.kernel.org,
tipc-discussion@...ts.sourceforge.net,
usb-storage@...ts.one-eyed-alien.net,
virtualization@...ts.linux-foundation.org,
wcn36xx@...ts.infradead.org,
"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>,
xen-devel@...ts.xenproject.org, linux-hardening@...r.kernel.org,
Nick Desaulniers <ndesaulniers@...gle.com>,
Nathan Chancellor <natechancellor@...il.com>,
Miguel Ojeda <ojeda@...nel.org>, Joe Perches <joe@...ches.com>
Subject: Re: [PATCH 000/141] Fix fall-through warnings for Clang
On Mon, Nov 23, 2020 at 4:58 PM James Bottomley
<James.Bottomley@...senpartnership.com> wrote:
>
> Well, I used git. It says that as of today in Linus' tree we have 889
> patches related to fall throughs and the first series went in in
> october 2017 ... ignoring a couple of outliers back to February.
I can see ~10k insertions over ~1k commits and 15 years that mention a
fallthrough in the entire repo. That is including some commits (like
the biggest one, 960 insertions) that have nothing to do with C
fallthrough. A single kernel release has an order of magnitude more
changes than this...
But if we do the math, for an author, at even 1 minute per line change
and assuming nothing can be automated at all, it would take 1 month of
work. For maintainers, a couple of trivial lines is noise compared to
many other patches.
In fact, this discussion probably took more time than the time it
would take to review the 200 lines. :-)
> We're also complaining about the inability to recruit maintainers:
>
> https://www.theregister.com/2020/06/30/hard_to_find_linux_maintainers_says_torvalds/
>
> And burn out:
>
> http://antirez.com/news/129
Accepting trivial and useful 1-line patches is not what makes a
voluntary maintainer quit... Thankless work with demanding deadlines is.
> The whole crux of your argument seems to be maintainers' time isn't
> important so we should accept all trivial patches
I have not said that, at all. In fact, I am a voluntary one and I
welcome patches like this. It takes very little effort on my side to
review and it helps the kernel overall. Paid maintainers are the ones
that can take care of big features/reviews.
> What I'm actually trying to articulate is a way of measuring value of
> the patch vs cost ... it has nothing really to do with who foots the
> actual bill.
I understand your point, but you were the one putting it in terms of a
junior FTE. In my view, 1 month-work (worst case) is very much worth
removing a class of errors from a critical codebase.
> One thesis I'm actually starting to formulate is that this continual
> devaluing of maintainers is why we have so much difficulty keeping and
> recruiting them.
That may very well be true, but I don't feel anybody has devalued
maintainers in this discussion.
Cheers,
Miguel
Powered by blists - more mailing lists