Re: [PATCH v15 00/25] Compile-time stack metadata validation
From: Ingo Molnar
Date: Wed Jan 13 2016 - 05:18:19 EST
* Borislav Petkov <bp@xxxxxxxxx> wrote:
> On Fri, Dec 18, 2015 at 06:39:14AM -0600, Josh Poimboeuf wrote:
> > This is v15 of the compile-time stack metadata validation patch set,
> > along with proposed fixes for many of the warnings it found. It's based
> > on the tip/master branch.
>
> Ok,
>
> Reviewed-by: Borislav Petkov <bp@xxxxxxx>
>
> With it applied, my .config gives ~1000 stacktool warnings.
That's way too high!
We should really strive for zero warnings on common configs - otherwise we'll just
drown in the noise of warnings, and people won't notice (and won't care about) new
warnings.
With a zero warnings baseline on a reasonable default kernel config people can
test for new warnings.
> One of the issues that bugs me recently is adding tool-specific markers
> to unrelated code and new tools tend to love doing that. But this makes
> unrelated code ugly and people touching it shouldn't have to know about
> those tools.
>
> I guess you could improve the analysis of vmlinux as stacktool is
> running post-compile and thus put the onus on the tool to do the right
> thing and not on the code.
>
> But that's for the TODO.
So if we still have 1,000 warnings, then it's more than a TODO - it's more like a
MUSTFIX! :-)
Thanks,
Ingo