lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YXkfaGlmbkXXJGih@smile.fi.intel.com>
Date:   Wed, 27 Oct 2021 12:44:08 +0300
From:   Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To:     Qian Cai <quic_qiancai@...cinc.com>
Cc:     Yury Norov <yury.norov@...il.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Rasmus Villemoes <linux@...musvillemoes.dk>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] bitmap: simplify GENMASK(size - 1, 0) lines

On Tue, Oct 26, 2021 at 03:54:26PM -0400, Qian Cai wrote:
> On 10/26/21 3:42 PM, Andy Shevchenko wrote:
> > Now, I have checked that email appearance in the upstream:
> > 
> > $ git log --oneline --author="quic_qiancai@...cinc.com"
> > 95cadae320be fortify: strlen: Avoid shadowing previous locals
> > 94560f6156fe Revert "arm pl011 serial: support multi-irq request"
> > 
> > While first one perhaps okay, although it also refers to W=2,
> > I have now doubts if the "Revert" was really thought through
> > and not just yet another UMN-like experiment.
> > 
> > Greg, what do you think is the best course of actions here?
> 
> Perhaps, a little sympathy towards a stranger might get us a better
> community.

Agree, but you see a problem here, W=2, for example, is high due to
a lot of non-sense (or very little sense) noise. The warning you got
is hidden on purpose. On top of that, the code has not been thought
through at all, despite missed test run. This is easy to catch.

What I expect from "a stranger" who is in doubt (obviously) how this
code works to ask and then decide how to act.

And on top of all these, we used to have UMN case which makes me
first think of bad experiments on the community (I really haven't
believed that this patch was sent consciously).

So, please be careful next time and better ask first before acting,
if in doubt.

> Feel free to audit my previous works.
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/?qt=author&q=Qian+Cai

Yes, after above patch these all in doubt (to me personally), but
I have no time to revisit all of them, esp. they do not touched my
area of interests in the Linux kernel.

-- 
With Best Regards,
Andy Shevchenko


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ