Re: [PATCH] gcc-plugins: disable under COMPILE_TEST

From: Austin S. Hemmelgarn
Date: Mon Jun 13 2016 - 14:32:45 EST

Next message: Ebru Akagunduz: "Re: [RFC PATCH 1/3] mm, thp: revert allocstall comparing"
Previous message: Ben Hutchings: "Re: [STABLE] kernel oops which can be fixed by peterz's patches"
In reply to: Emese Revfy: "Re: [PATCH] gcc-plugins: disable under COMPILE_TEST"
Next in thread: Kees Cook: "Re: [PATCH] gcc-plugins: disable under COMPILE_TEST"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2016-06-12 20:18, Emese Revfy wrote:

On Sun, 12 Jun 2016 15:25:39 -0700
Kees Cook <keescook@xxxxxxxxxxxx> wrote:

I don't like this because it means if someone specifically selects
some plugins in their .config, and the headers are missing, the kernel
will successfully compile. For many plugins, this results in a kernel
that lacks the requested security features, and that I really do not
want to have happening. I'm okay leaving these disabled for compile
tests for now. We can revisit this once more distros have plugins
enabled by default.

You are right. Your patch is safer.

Why not make it so that if COMPILE_TEST is enabled, the build warns if it can't find the headers, otherwise it fails? That way, people who are doing all*config builds but don't have the headers will still get some build coverage, and the people who are enabling it as a security feature will still get build failures.

Next message: Ebru Akagunduz: "Re: [RFC PATCH 1/3] mm, thp: revert allocstall comparing"
Previous message: Ben Hutchings: "Re: [STABLE] kernel oops which can be fixed by peterz's patches"
In reply to: Emese Revfy: "Re: [PATCH] gcc-plugins: disable under COMPILE_TEST"
Next in thread: Kees Cook: "Re: [PATCH] gcc-plugins: disable under COMPILE_TEST"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]