| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <8992766a-cc96-40bb-b8c2-60931ad0f065@app.fastmail.com>
Date: Wed, 11 Jun 2025 16:24:13 +0200
From: "Arnd Bergmann" <arnd@...db.de>
To: "Masahiro Yamada" <masahiroy@...nel.org>,
"Heiko Carstens" <hca@...ux.ibm.com>
Cc: "Linus Torvalds" <torvalds@...ux-foundation.org>,
"Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>,
"Linux Kbuild mailing list" <linux-kbuild@...r.kernel.org>
Subject: Re: [GIT PULL] Kbuild updates for v6.16-rc1
On Wed, Jun 11, 2025, at 15:32, Masahiro Yamada wrote:
> On Wed, Jun 11, 2025 at 4:55 PM Heiko Carstens <hca@...ux.ibm.com> wrote:
>>
>> Don't get me wrong, I can address all of this trivial churn for s390, however
>> enforcing so many extra warnings to everyone with W=1 builds doesn't look like
>> the right approach to me.
>
> This is what W=1 is for.
> 0day bot detects a new W=1 warning, so we can avoid new warnings coming in.
>
> People do not know which headers should be included when.
> So, this warning must exist at least until we can get rid of
> #include <linux/export.h> from include/linux/module.h,
> include/linux/linkage.h etc.
I think this makes sense in general, but the output here is
excessive if it leads to users no longer wanting to enable W=1.
There are other warnings that I think should be enabled at the
W=1 level (e.g. -Wformat-security) and eventually by default,
but that are still too noisy at that level.
My own cutoff would be at a few hundred warnings in allmodconfig
builds if there is an effort to reduce it further, but it seems
that this one is still at a few thousand, which does not seem ok.
Arnd
Powered by blists - more mailing lists