* Borislav Petkov <bp@xxxxxxxxx> wrote: > On Fri, Dec 18, 2015 at 06:39:14AM -0600, Josh Poimboeuf wrote: > > This is v15 of the compile-time stack metadata validation patch set, > > along with proposed fixes for many of the warnings it found. It's based > > on the tip/master branch. > > Ok, > > Reviewed-by: Borislav Petkov <bp@xxxxxxx> > > With it applied, my .config gives ~1000 stacktool warnings. That's way too high! We should really strive for zero warnings on common configs - otherwise we'll just drown in the noise of warnings, and people won't notice (and won't care about) new warnings. With a zero warnings baseline on a reasonable default kernel config people can test for new warnings. > One of the issues that bugs me recently is adding tool-specific markers > to unrelated code and new tools tend to love doing that. But this makes > unrelated code ugly and people touching it shouldn't have to know about > those tools. > > I guess you could improve the analysis of vmlinux as stacktool is > running post-compile and thus put the onus on the tool to do the right > thing and not on the code. > > But that's for the TODO. So if we still have 1,000 warnings, then it's more than a TODO - it's more like a MUSTFIX! :-) Thanks, Ingo -- To unsubscribe from this list: send the line "unsubscribe live-patching" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html