From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-lj1-x230.google.com (mail-lj1-x230.google.com [IPv6:2a00:1450:4864:20::230]) by sourceware.org (Postfix) with ESMTPS id 623333846402 for ; Wed, 3 Apr 2024 16:56:49 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 623333846402 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 623333846402 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2a00:1450:4864:20::230 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1712163411; cv=none; b=wbAeBPzBvflxSLfdfALhTOoHiyQ5c963qBKrtftT5c4TVBxBGg2BlTOz5Y2pjsJSUYy61WCcESFcXSBhcE1GN93d0XRw26RlOZDbjpZ1bI52SUkcj6Kaq19MVm9Oq6+/DQKuFLFPh/dX4OOz40bhG2/jZxma51TzrTYrHHgtink= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1712163411; c=relaxed/simple; bh=3NY/feCVjOMNFX9ePTCzJRq4PWmi+vl2AitrHbkTq0Y=; h=DKIM-Signature:MIME-Version:From:Date:Message-ID:Subject:To; b=HB2ypTAGVWaMueAKaOyhZHu/ANko2DkxBfCBehM2nqyeE1Oh1lFzN5NeDdF1SexfMUBtlwzfsVr/aWWJxZ+irlyt0Hf6ZZY39/J7mqa21HuxWdzNChanSWTmzUSJswZ8HcCp8AEUMjlh3j0yqZBfWTyBvNiUUpB2bZN8p8w8plo= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-lj1-x230.google.com with SMTP id 38308e7fff4ca-2d485886545so351051fa.2 for ; Wed, 03 Apr 2024 09:56:49 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1712163408; x=1712768208; darn=gcc.gnu.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=JPqGSwQqqVw0CDbAiZ4HmCsyuUIDnBpwmUTGjzLlro8=; b=G2iDBezMviPK2n1odASwfSh3OelvvyGUH4l2+5jy17gctILRaCO3/R6uSHOGzzkFIV S7Al1d3yPzwF8Vl1tz5zyibs6ESkHinkSlAD/COKPUHskjZ4FLm6+i2jCC/TgyWZptL/ I7aUVxWMJYnzWDg8VQLpMuTKXObg52NmKzlEzCgsHes3lATb4Z9NSk1CBKNHeZUl+YLk PPTrqbKyh7TC90vBDAWaCJP/JYFWO1zYq+W0T5jkvMjSfgZZIq2sJvR2eUR9g0zc6705 YAjA8Zz2eW8hQwkSGz91Cqogp1dmKqWRZ8ihFjJdWKSyZBvj7LXFwhcUNgPexpFMrPSh x17A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712163408; x=1712768208; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=JPqGSwQqqVw0CDbAiZ4HmCsyuUIDnBpwmUTGjzLlro8=; b=VJhbjjnrWWHlZ6W6rRh7MbYOsaIjQ86Ar2CaZXFDDELoi5oFoVfZwJDWbdDgQF7wDP WfKPAFbZIFeFdpjVQTDLzt/J5hDZ+hrhOWNHRvdJ6+nre8U6C++/STEegqaKDjePoWbd xRuxov9ITliJToDH/0MhFU4+FY7M3cTWGeWlJW9aXbIjkBl5YOSv1Tb7sHj5AUB419Z/ r4dVIvugDZs54L5T/0VYrsTG/Pdn+8nz6ioRIZxsjnX05k0NjwNFu8H+/ZvQ3Zc1EpFh G1aOvM3EFoDjvWNyMC/6KikbFSENb/m5YH/dUZInjcpUWT5ci0s+kRLR8ViQwtL50gbt IpQA== X-Forwarded-Encrypted: i=1; AJvYcCWTczdM3k407EQQP6UL8lggSwfY3KrHNjIVknuYjcQO4f1/DanfxqsxEGKxGC8AN8yp22l6/LZCZknp3l96NqY= X-Gm-Message-State: AOJu0YzZ/JJJiBByB3ErrGyxd1ODd+v6p0VF6XGzmF4kayEiz6Yz0JVQ exYyu/HEp3Pt/niGZGYfRshZF1NyMwDFDSMXslIqt4dd3PO4/JAaCyW5OMr2MoM4boXAWXjVBKT I7NGC2OPsYQJOXaZfT6WFEe8Vl+w= X-Google-Smtp-Source: AGHT+IHzjx98BsYnmAja7d0mB6t4suesvUQrcPxBzmaNieyOX8eL/foFjkEX3RqvXB5ThNkK7dDIUGLd6ONttCq+wTo= X-Received: by 2002:a05:651c:1189:b0:2d5:acde:9065 with SMTP id w9-20020a05651c118900b002d5acde9065mr110370ljo.34.1712163407413; Wed, 03 Apr 2024 09:56:47 -0700 (PDT) MIME-Version: 1.0 References: <20240329203909.GS9427@gnu.wildebeest.org> <20240401150617.GF19478@gnu.wildebeest.org> <12215cd2-16db-4ee4-bd98-6a4bcf318592@cs.ucla.edu> <6239192ba9ff8aad0752309a54b633dc75a57c77.camel@tugraz.at> <8e877d2f-01e0-c786-dea5-265edbdc0c07@suse.de> In-Reply-To: From: Jonathan Wakely Date: Wed, 3 Apr 2024 17:56:35 +0100 Message-ID: Subject: Re: Sourceware mitigating and preventing the next xz-backdoor To: Martin Uecker Cc: Michael Matz , Ian Lance Taylor , Paul Koning , Paul Eggert , Sandra Loosemore , Mark Wielaard , overseers@sourceware.org, gcc@gcc.gnu.org, binutils@sourceware.org, gdb@sourceware.org, libc-alpha@sourceware.org Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-0.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Wed, 3 Apr 2024 at 15:34, Martin Uecker via Gcc wrote: > I ask a very specific question: To what extend is testing > for features instead of semantic versions and/or supported > standards still necessary? This seems like a problematic approach > that may have been necessary decades ago, but it seems it may be > time to move on. What standard or version should I check for to detect nl_langinfo_l support? It's in POSIX 2017 but macOS supports it in despite not being POSIX 2017 compliant. What about _get_osfhandle? Or fwrite_unlocked? What about whether the platform ABI allows aligning global objects to the cacheline size? Those are just a few of the most recent autoconf checks I've written for libstdc++ in the past few months, not decades ago.