| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ZxjltAbZmzbjXnKn@pollux> Date: Wed, 23 Oct 2024 14:01:56 +0200 From: Danilo Krummrich <dakr@...nel.org> To: Miguel Ojeda <miguel.ojeda.sandonis@...il.com> Cc: Abdiel Janulgue <abdiel.janulgue@...il.com>, rust-for-linux@...r.kernel.org, aliceryhl@...gle.com, dakr@...hat.com, linux-kernel@...r.kernel.org, airlied@...hat.com, boqun.feng@...il.com, Christian Brauner <brauner@...nel.org> Subject: Re: [PATCH v2 0/5] Introduce Owned type and Ownable trait (was: "rust: page: Add support for vmalloc_to_page") On Wed, Oct 23, 2024 at 11:51:47AM +0200, Miguel Ojeda wrote: > On Wed, Oct 23, 2024 at 10:03 AM Danilo Krummrich <dakr@...nel.org> wrote: > > > > I wonder if it would make sense to make `CLIPPY=1` the default and only disable > > it by explicitly passing `CLIPPY=0`. > > That is what I wanted, but when I asked long ago to the Clippy > maintainers if using `clippy-driver` was guaranteed to not affect > codegen, the answer was no: for instance, optimization may be affected > (at least back then), and the maintainers said the intention is that > is not to be used for normal compiling. So I sent a PR to document > that. See: > > https://github.com/rust-lang/rust-clippy/issues/8035 > https://github.com/rust-lang/rust-clippy/pull/8037 That's pretty unfortunate, I didn't know. I think for the long term it'd be good to find a way though. Once more and more subsystems / people start adding Rust code, I could imagine patches to start slipping through and fixing things up after it's been discovered in -next would be painful. > > Similarly, Christian proposed running `rustfmtcheck` unconditionally > on build and offering a way to turn it off instead. I think that would > be ideal too, but it could potentially lead to problems too, so I am > not sure either; see e.g.: > > https://lore.kernel.org/rust-for-linux/CANiq72==AkkqCDaZMENQRg8cf4zdeHpTHwdWS3sZiFWm0vyJUA@mail.gmail.com/ Yeah, that's a tricky one; if not enabled by default I'd be a bit worried about the same thing to happen as mentioned above. Additionally, for development trees where things slipped through it'd be annoying when `rustfmt` changes more stuff than expected. > > So I wonder if we should instead go with a "dev mode" like `D=1` that > enables Clippy, `rustfmtcheck`, `-Dwarnings` (even if `WERROR=n` and > applying to everything, not just kernel objects,), potentially > `rustdoc`-related warnings too, and whatever other tooling/checks in > the future (e.g. klint), and not just for Rust but potentially for C > and other bits too (e.g. `W=1`, some important subset of Coccinelle > scripts...). I think that'd be great for short / mid term, it'd make it much easier to ensure that all relevant checks were executed and hence make it less likely for things slip through. For the long term, I think it'd be great to keep looking for ways to always enable the clippy and format checks. Or at least the clippy ones if we're too concerned about `rustfmt` to break. > > That way, "normal builds" (i.e. those done by users) stay as > fast/clean/warning-free/bug-free/optimized as possible even across > compiler versions, potential bugs in the toolchain, etc. And I imagine > it would be easier for newcomers, too. > > Opinions welcome! I am happy to prepare an RFC, since it seems a few > people would like something like that. > > Cheers, > Miguel >
Powered by blists - more mailing lists