| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 9 Oct 2023 10:17:33 -0700 From: Kees Cook <keescook@...omium.org> To: Mark Brown <broonie@...nel.org> Cc: Martin PoviĊĦer <povik+lin@...ebit.org>, Liam Girdwood <lgirdwood@...il.com>, Jaroslav Kysela <perex@...ex.cz>, Takashi Iwai <tiwai@...e.com>, asahi@...ts.linux.dev, alsa-devel@...a-project.org, Nathan Chancellor <nathan@...nel.org>, Nick Desaulniers <ndesaulniers@...gle.com>, Tom Rix <trix@...hat.com>, linux-kernel@...r.kernel.org, llvm@...ts.linux.dev, linux-hardening@...r.kernel.org Subject: Re: [PATCH] ASoC: apple: mca: Annotate struct mca_data with __counted_by On Fri, Oct 06, 2023 at 09:53:49PM +0100, Mark Brown wrote: > On Fri, Oct 06, 2023 at 01:22:55PM -0700, Kees Cook wrote: > > On Fri, Sep 22, 2023 at 10:50:50AM -0700, Kees Cook wrote: > > > > Prepare for the coming implementation by GCC and Clang of the __counted_by > > > attribute. Flexible array members annotated with __counted_by can have > > > their accesses bounds-checked at run-time checking via CONFIG_UBSAN_BOUNDS > > > (for array indexing) and CONFIG_FORTIFY_SOURCE (for strcpy/memcpy-family > > > functions). > > > > > > As found with Coccinelle[1], add __counted_by for struct mca_data. > > > > Friendly ping. Mark, can you pick this up please? > > Please don't send content free pings and please allow a reasonable time > for review. People get busy, go on holiday, attend conferences and so > on so unless there is some reason for urgency (like critical bug fixes) > please allow at least a couple of weeks for review. If there have been > review comments then people may be waiting for those to be addressed. > > Sending content free pings adds to the mail volume (if they are seen at > all) which is often the problem and since they can't be reviewed > directly if something has gone wrong you'll have to resend the patches > anyway, so sending again is generally a better approach though there are > some other maintainers who like them - if in doubt look at how patches > for the subsystem are normally handled. I'm happy to do whatever you'd like for this kind of thing, but I'm annoyed by this likely automated response seems to ask for the things that have already happened or generally don't make sense. :P - It _has_ been 2 weeks. - Review comments have _not_ required changes. - Sending a no-change patch is just as much email as sending a ping. - It's not content-free: I'm asking if you're going to take it; patches have gotten lost in the past, so it's a valid question. - I'm not interested in other subsystems, I'm interested in yours. :P You've made it clear you don't want me to pick up these kinds of trivial patches that would normally go through your tree, so I'm left waiting with no indication if you've seen the patch. My normal routine with treewide changes is to pick up trivial stuff that has gotten review but the traditional maintainer hasn't responded to in 2 weeks. Do you want these kinds of patches to be re-sent every 2 weeks if they haven't been replied to by you? -Kees -- Kees Cook
Powered by blists - more mailing lists