Re: Very slow clang kernel config ..

From: Miguel Ojeda
Date: Tue May 04 2021 - 17:32:57 EST

Next message: Vladimir Oltean: "Re: [net-next] net: dsa: felix: disable always guard band bit for TAS config"
Previous message: SyzScope: "Re: KASAN: use-after-free Read in v4l2_fh_open"
In reply to: Miguel Ojeda: "Re: Very slow clang kernel config .."
Next in thread: David Laight: "RE: Very slow clang kernel config .."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, May 2, 2021 at 11:31 AM Adrian Bunk <bunk@xxxxxxxxxx> wrote:
>
> Some of the new language ecosystems like Go or Rust do not offer
> shared libraries.

This is a bit misleading. Rust offers shared libraries, including the
option to offer a C ABI.

The problem are generics which, like C++ templates, cannot be swapped
at runtime. Distributions have had to deal with the STL, Boost, etc.
all these years too.

In fact, Rust improves things a bit: there are no headers that need to
be parsed from scratch every time.

> What happens if you use a program provided by your distribution that is
> written in Rust and handles untrusted input in a way that it might be
> vulnerable to exploits based on one of these CVEs?
>
> The program has a known vulnerability that will likely stay unfixed.

Why? I fail to see what is the issue rebuilding (or relinking) all
packages except distributions lacking enough compute resources.

Cheers,
Miguel

Next message: Vladimir Oltean: "Re: [net-next] net: dsa: felix: disable always guard band bit for TAS config"
Previous message: SyzScope: "Re: KASAN: use-after-free Read in v4l2_fh_open"
In reply to: Miguel Ojeda: "Re: Very slow clang kernel config .."
Next in thread: David Laight: "RE: Very slow clang kernel config .."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]