From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gdb-bounces+public-inbox=simark.ca@sourceware.org>
Received: from simark.ca
	by simark.ca with LMTP
	id AZMAHjTWMGbH0gAAWB0awg
	(envelope-from <gdb-bounces+public-inbox=simark.ca@sourceware.org>)
	for <public-inbox@simark.ca>; Tue, 30 Apr 2024 07:29:56 -0400
Authentication-Results: simark.ca;
	dkim=pass (1024-bit key; secure) header.d=sourceware.org header.i=@sourceware.org header.a=rsa-sha256 header.s=default header.b=b7ahPFJX;
	dkim-atps=neutral
Received: by simark.ca (Postfix, from userid 112)
	id 6A82B1E0C1; Tue, 30 Apr 2024 07:29:56 -0400 (EDT)
Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256)
	(No client certificate requested)
	by simark.ca (Postfix) with ESMTPS id 49ED51E030
	for <public-inbox@simark.ca>; Tue, 30 Apr 2024 07:29:54 -0400 (EDT)
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 9456F3846079
	for <public-inbox@simark.ca>; Tue, 30 Apr 2024 11:29:53 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 9456F3846079
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1714476593;
	bh=g57LwLc20+2Lc7bWza3PW2op2HVPPQQllIpEA2PnlsY=;
	h=Date:To:Cc:Subject:References:In-Reply-To:List-Id:
	 List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe:
	 From:Reply-To:From;
	b=b7ahPFJXVGvI4d1cKrbhboaDIBI4X8JMpfa8lLCDM5GwEDIOXwXN3ZGAcp5Ex9bQc
	 SGzr9fe3NnnIhFpL0cCM1DpX2tE6PcQASLSx1InoHi2ef0cidlyniKjDLa2lY4hQZG
	 ji2wZ89QxrdyCvl0KuwmaT8HYyYhi3TzwSSPnSbM=
Received: from sin.source.kernel.org (sin.source.kernel.org
 [IPv6:2604:1380:40e1:4800::1])
 by sourceware.org (Postfix) with ESMTPS id 2D58B3858414;
 Tue, 30 Apr 2024 11:29:03 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 2D58B3858414
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 2D58B3858414
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1714476545; cv=none;
 b=OzGY5QDXQkrUxfHpeeJT3Ayy50LmTQp2qaJvDUqVUPViI/Ss+HaPzAXBo0miKaTQ7Qu01KHhdHp3qnLptefa1Zmm7o/f2WVxNzeT/2ar8tdnb5n2mBRwMh6+Uvt/Q+iokDtLQ2ITWCAXqbg6kVlG3LmmmXd3i+86z4kzmkdFFgU=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
 t=1714476545; c=relaxed/simple;
 bh=7wBbR/ghu7hPsMj3bXLjXmRu/94RccHgUic4D9UnfTI=;
 h=DKIM-Signature:Date:From:To:Subject:Message-ID:MIME-Version;
 b=jtRb5EUm8JRz4O8EDXypUAzQ1z2rlr8W0HgmiA7NpHyOtDBCtvXHhWmy58oS45QoAw9DObOjc0TfrybREAM+0p01ZvPohtA8Oku9uXALuPHpORP0joRG+HJYowSDt6EFczFrdA45gWZ5l4WPUm4oUoEiHqmBJCcx/pZD75TGejI=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58])
 by sin.source.kernel.org (Postfix) with ESMTP id 9477FCE0FE2;
 Tue, 30 Apr 2024 11:29:00 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9E58BC4AF1D;
 Tue, 30 Apr 2024 11:28:56 +0000 (UTC)
Date: Tue, 30 Apr 2024 13:28:54 +0200
To: Mark Wielaard <mark@klomp.org>
Cc: Joel Sherrill <joel@rtems.org>, Florian Weimer <fweimer@redhat.com>,
 Guinevere Larsen via Overseers <overseers@sourceware.org>,
 Sandra Loosemore <sloosemore@baylibre.com>,
 Guinevere Larsen <blarsen@redhat.com>, GCC <gcc@gcc.gnu.org>,
 binutils <binutils@sourceware.org>,
 Eli Zaretskii via Gdb <gdb@sourceware.org>, libc-alpha@sourceware.org
Subject: Re: Sourceware mitigating and preventing the next xz-backdoor
Message-ID: <ZjDV9qIkYn_-7OBU@debian>
References: <20240329203909.GS9427@gnu.wildebeest.org>
 <20240401150617.GF19478@gnu.wildebeest.org>
 <fc3d8fe6-bfec-474d-a9ed-895067654603@baylibre.com>
 <077b9dd5-0df1-4384-a9d1-58e4283caf09@redhat.com>
 <87il0ykgw5.fsf@oldenburg.str.redhat.com>
 <CAF9ehCVOBkcckhQVimfgCQBh7=EE9f_7y-7+YoWicCp=CjHUqA@mail.gmail.com>
 <Zha-uHu9f3DKEOOo@debian>
 <20240421153052.GA29957@gnu.wildebeest.org>
 <ZiV5unTogyI7rPJA@debian>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="J6+jlqNkZiLBbwRI"
Content-Disposition: inline
In-Reply-To: <ZiV5unTogyI7rPJA@debian>
X-Spam-Status: No, score=-4.5 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH,
 DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: gdb@sourceware.org
X-Mailman-Version: 2.1.30
Precedence: list
List-Id: Gdb mailing list <gdb.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/gdb>,
 <mailto:gdb-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/gdb/>
List-Post: <mailto:gdb@sourceware.org>
List-Help: <mailto:gdb-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/gdb>,
 <mailto:gdb-request@sourceware.org?subject=subscribe>
From: Alejandro Colomar via Gdb <gdb@sourceware.org>
Reply-To: Alejandro Colomar <alx@kernel.org>
Errors-To: gdb-bounces+public-inbox=simark.ca@sourceware.org
Sender: "Gdb" <gdb-bounces+public-inbox=simark.ca@sourceware.org>


--J6+jlqNkZiLBbwRI
Content-Type: text/plain; protected-headers=v1; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Date: Tue, 30 Apr 2024 13:28:54 +0200
From: Alejandro Colomar <alx@kernel.org>
To: Mark Wielaard <mark@klomp.org>
Cc: Joel Sherrill <joel@rtems.org>, Florian Weimer <fweimer@redhat.com>,
	Guinevere Larsen via Overseers <overseers@sourceware.org>,
	Sandra Loosemore <sloosemore@baylibre.com>,
	Guinevere Larsen <blarsen@redhat.com>, GCC <gcc@gcc.gnu.org>,
	binutils <binutils@sourceware.org>,
	Eli Zaretskii via Gdb <gdb@sourceware.org>,
	libc-alpha@sourceware.org
Subject: Re: Sourceware mitigating and preventing the next xz-backdoor

Hi Mark,

On Sun, Apr 21, 2024 at 10:40:14PM +0200, Alejandro Colomar wrote:

[...]

> Let's generate a v2 patch set, showing the range-diff against v1.  We
> need to check the commit IDs of the first set, which can be found in the
> mailing list archives, thanks to the trick we used.  The v1 range was
> 7ec952012^..892a12470.  So we just pass that range:
>=20
> 	$ git format-patch -o ./patches/ master..HEAD \
> 		--range-diff=3D7ec952012^..892a12470 -v2 --cover-letter;
> 	./patches/v2-0000-cover-letter.patch
> 	./patches/v2-0001-share-mk-build-fonts-unifont-Build-UnifontR-from-.patch
> 	./patches/v2-0002-share-mk-build-pdf-book-Use-Unifont.patch
> 	./patches/v2-0003-share-mk-build-fonts-unifont-Specify-space-width-.patch
>=20
> The v2 cover letter shows the changes introduced since v1:
>=20
> 	$ tail -n20 ./patches/v2-0000-cover-letter.patch=20
> 	 create mode 100644 share/mk/build/fonts/unifont/dit.mk
> 	 create mode 100644 share/mk/build/fonts/unifont/pfa.mk
> 	 create mode 100644 share/mk/configure/build-depends/fonts-unifont/unifo=
nt.otf.mk
>=20
> 	Range-diff against v1:
> 	1:  7ec952012 =3D 1:  7ec952012 share/mk/: build-fonts-unifont: Build Un=
ifontR from unifont.otf
> 	2:  d80376b08 =3D 2:  d80376b08 share/mk/: build-pdf-book: Use Unifont
> 	3:  892a12470 ! 3:  bc7fa7d92 share/mk/: build-fonts-unifont: Specify sp=
acewidth in afmtodit(1)
> 	    @@ Metadata
> 	     Author: Alejandro Colomar <alx@kernel.org>
> 	    =20
> 	      ## Commit message ##
> 	    -    share/mk/: build-fonts-unifont: Specify spacewidth in afmtodit(=
1)
> 	    +    share/mk/: build-fonts-unifont: Specify space width in afmtodit=
(1)
> 	    =20
> 		 Link: <https://lore.kernel.org/linux-man/ZiQ_mTQHPq3ig723@debian/T/#t>
> 		 Suggested-by: "G. Branden Robinson" <branden@debian.org>
> 	--=20
> 	2.43.0

I've added a recommendation in the Linux man-pages contributing
documentation that patches be sent with a range diff, and also that
patches be sent in PGP-signed mail (if the user has a PGP key).  It has
specific instructions like the above (but simplified).

<https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/tree/CONTRIBUT=
ING.d/patches?id=3D12aca537ce78a41bbcdaf485209691e10f8002d7#n91>

Feel free to copy any of that documentation.

I also recommended specific mutt(1) settings:

            set crypt_autosign =3D yes
            set crypt_protected_headers_write =3D yes

And git-send-email(1) configuration for using with neomutt(1):

           [sendemail]
               sendmailcmd =3D neomutt -C -H - && true

For all the documentation for mail and patches, see these two files:
<https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/tree/CONTRIBUT=
ING.d/patches>
<https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/tree/CONTRIBUT=
ING.d/mail>

Have a lovely day!
Alex

--=20
<https://www.alejandro-colomar.es/>

--J6+jlqNkZiLBbwRI
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE6jqH8KTroDDkXfJAnowa+77/2zIFAmYw1fYACgkQnowa+77/
2zIt6g/7B+A94mZpRhDLvPEZPgnX7nJRPXWOKrFkW2G3myo2XIS176l+4CngBBml
k7cSQ42AdrBUtEPw9ptwNpq4YEluBCiMmAQR1Su3f8XDf/EMDqFGYAWomRRAFJ0B
tP2Ju7jW+sEKQBOhb4g94/Fi8n3PzCCpFGF1VMnh5y9s6VqizrG/ts7IS8v+VHYt
VlVbFsy7sIVc1rNE5+3NIbpBO9tvIFAR01NIRCicAv2ZL+Q9RsAwIxTTasQXdW+O
g3W78PA858eQrx5iJmId1BfVZq7mFeyOBE80A1aFtEsSu8sW1ZDTy2M2uNXmHcz6
OlQC9HiVlNbrVQkl7MdX4nkeeACICsjqYLoSHS6NOt55DUJ+jdRH+mKvihuGGEMs
mlQEh8vtRJs6SI3mU8Dv/z+3yxIxrRUCDGVF27tEVm3U8XgUDgFWfhVBL8bFcWvj
KZhPhCPZ4nZhsGBDK9BFN1qucEtkYmakt0BmTwxMhUaMmn+bH+oTuwnmaZGMSajo
xwzRymFeruYeCj3iXzBwfdrOaakuFZwQ1V1TnM6O9p78eqV9KHNvxBo91RCkN5qw
oGVgw2K1CN+kEzwubzScFNTfGBLxxgWLDGDAXnuPh67mdPd5RXGSjZuvmQYafhl6
p1FnjVXQcCcU1XpjkJIVOt/tZehC5+ijYsxThYzKNj/vuR0JmiE=
=cIb7
-----END PGP SIGNATURE-----

--J6+jlqNkZiLBbwRI--