lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YzxX7ks+YD7U1dcl@magnolia>
Date:   Tue, 4 Oct 2022 08:57:34 -0700
From:   "Darrick J. Wong" <djwong@...nel.org>
To:     Stephen Rothwell <sfr@...b.auug.org.au>
Cc:     Dave Chinner <david@...morbit.com>, linux-xfs@...r.kernel.org,
        Stephen Zhang <starzhangzsd@...il.com>,
        Shida Zhang <zhangshida@...inos.cn>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Next Mailing List <linux-next@...r.kernel.org>
Subject: Re: linux-next: Signed-off-by missing for commit in the xfs tree

On Tue, Oct 04, 2022 at 10:50:12PM +1100, Stephen Rothwell wrote:
> Hi Dave,
> 
> On Tue, 4 Oct 2022 09:21:03 +1100 Dave Chinner <david@...morbit.com> wrote:
> >
> > The commit matches exactly what was sent to the list. It's just
> > that the patch was sent from a personal email address with a
> > corporate signoff.
> > 
> > Since when has that been an issue?  I -personally- have been doing
> > this for well over a decade and I'm pretty sure there are lots of
> > other people who also do this.
> 
> If you are happy (as the maintainer), then fine.  My script just could
> not connect those 2 email addresses.  I check for matches between the
> address itself (the part between the <>) or a match between the "name"
> part (before the <>).  If either matches (or it is obvious) then I
> don't report it.
> 
> I have reported very few of these.

My checkpatch is happier if the whole "name <email>" string matches, but
it'll accept name matches.  This ofc rests upon the assumption that
I can spot the deepcake'd Dave Chinners hawking phones in Russia or
whatever. ;)

That said... I think we should get in the habit of asking patch authors
to make sure that at least one of the email or name strings match
between the From and SOB tags.  I can see how people who grok even less
about how Chinese names work than I do (read: lawyers) might get fussy
about this kind of thing.

--D

> > Hence if this is wrong, then we've got a tooling problem with b4.
> > Why does b4 allow this rather than warn/fail if it's not actually
> > allowed in the linux-next tree?
> 
> These reports are more of "is this right/was this a slipup?" rather
> than "this is not allowed" i.e.. there are circumstances under which
> the actual author does not (or cannot) provide a Signed-off-by and that
> is OK.
> -- 
> Cheers,
> Stephen Rothwell


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ