| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <isd5ptllbyya5rqzyr75w7b6vasnpyomnub22prdegr2jdodrv@75qx5eg5bppn> Date: Sat, 15 Mar 2025 18:49:54 -0700 From: Josh Poimboeuf <jpoimboe@...nel.org> To: Ingo Molnar <mingo@...nel.org> Cc: x86@...nel.org, linux-kernel@...r.kernel.org, Peter Zijlstra <peterz@...radead.org>, Brendan Jackman <jackmanb@...gle.com>, Nathan Chancellor <nathan@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: [PATCH 13/13] objtool: Add CONFIG_OBJTOOL_WERROR On Sun, Mar 16, 2025 at 01:41:43AM +0100, Ingo Molnar wrote: > > +config OBJTOOL_WERROR > > + bool "Upgrade objtool warnings to errors" > > + default y > > + depends on OBJTOOL && !COMPILE_TEST > > + help > > + Fail the build on objtool warnings. > > This is *way* too aggressive: objtool false positives are still common, I'm not sure what false positives you'd be referring to, these days the vast majority of warnings I see are actual bugs. > and an 'allmodconfig' should not fail the build IMO. In fact it doesn't: allmodconfig sets COMPILE_TEST which prevents OBJTOOL_WERROR. I've had complaints from people who spent days debugging a broken kernel only to discover it was related to an ignored objtool warning. For non-bot builds which actually get run on a system, many of the warnings should most definitely not be ignored. Especially since objtool is directly involved in some critical kernel infrastructure like static calls/jumps and CPU mitigations. All that said, I really don't know whether this default is too aggressive. But I do wonder if running it through a linux-next cycle after the next merge window might help answer that question. -- Josh
Powered by blists - more mailing lists