On Wed, Sep 7, 2016 at 2:32 PM, Kees Cook <[email protected]> wrote: > On Wed, Sep 7, 2016 at 12:15 PM, Linus Torvalds > <[email protected]> wrote: >> On Wed, Sep 7, 2016 at 11:36 AM, Kees Cook <[email protected]> wrote: >>> >>> - move page-spanning check behind a CONFIG since it's triggering false >>> positives >> >> Hmm. I pulled this, but looking at it I realized that >> >> + depends on !COMPILE_TEST >> >> doesn't make any real sense to me. >> >> All it does is make sure that "make allmodconfig" doesn't actually >> test that the PAGESPAN code compiles. >> >> It's not like that is a big cost for allmodconfig builds, but it does >> mean that it gets less coverage. >> >> And it really makes no sense to me. We *don't* want to run with that >> option enabled normally. >> >> I think what you actually meant was something like >> >> + depends on EXPERT >> >> which means that it does *not* get enabled in normal user builds. >> >> Hmm? > > I guess that's true -- I was trying to think of a way to make sure it > didn't get tested by 0-day syscall fuzzer on a randconfig, since I > didn't want the noise. But now that I double-check this, yeah, it > looks like randconfig doesn't set COMPILE_TEST. Hmpf. > > I will send another patch to flip this to EXPERT, and if 0-day finds > issues, I can add them to the __GPF_COMP hit-list. :P
Oh! Nevermind, I see you did that already. Thank you! :) -Kees -- Kees Cook Nexus Security
