lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <bed6f04f-48ab-4cd9-8342-e4f619c91369@lunn.ch>
Date: Fri, 27 Oct 2023 15:09:01 +0200
From: Andrew Lunn <andrew@...n.ch>
To: Miguel Ojeda <miguel.ojeda.sandonis@...il.com>
Cc: Boqun Feng <boqun.feng@...il.com>,
	FUJITA Tomonori <fujita.tomonori@...il.com>, netdev@...r.kernel.org,
	rust-for-linux@...r.kernel.org, tmgross@...ch.edu,
	benno.lossin@...ton.me, wedsonaf@...il.com
Subject: Re: [PATCH net-next v7 0/5] Rust abstractions for network PHY drivers

On Fri, Oct 27, 2023 at 12:22:07PM +0200, Miguel Ojeda wrote:
> On Fri, Oct 27, 2023 at 4:47 AM Andrew Lunn <andrew@...n.ch> wrote:
> >
> > It should also be noted, patches don't need reviews to be merged. If
> > there is no feedback within three days, and it passes the CI tests, it
> > likely will be merged. Real problems can be fixed up later, if need
> > be.
> 
> Passing CI tests does not tell you whether abstractions are
> well-designed or sound, which is the key property Rust abstractions
> need.

We see CI as a tool to do the boring stuff. Does the code even compile
without adding errors/warnings. Does it have the needed signed-off-by,
does checkpatch spot anything nasty going on. Part of being able to
handle the volume of patches in netdev is automating all this sort of
stuff.

> And I hope by "don't need reviews to be merged" you mean "at least
> somebody, perhaps the applier, has taken a look".

A human is always involved, looking at the CI results, and if nothing
bad is reported, looking at the code if there are no Acked-by, or
Reviewed-by from trusted people.

The API being unsound is just another bug. I nobody spots the problem
it can be fixed, just like any other bug. 

	Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ