> -----Original Message----- > From: Matheus Bernardino (QUIC) <quic_mathb...@quicinc.com> > Sent: Thursday, April 4, 2024 12:57 PM > To: m...@klomp.org > Cc: Brian Cain <bc...@quicinc.com>; elfutils-devel@sourceware.org; Andrew > Pinski (QUIC) <quic_apin...@quicinc.com>; Matheus Bernardino (QUIC) > <quic_mathb...@quicinc.com>; Sid Manning <sidn...@quicinc.com> > Subject: Re: [PATCH v3] Hexagon: implement machine flag check > > On Thu, Apr 04, 2024 at 21:43:11 +0200, Mark Wielaard wrote: > > > > > > Note that we also have a public-inbox instance, which is useful in > > some cases since you can address patches by message-id: > > https://inbox.sourceware.org/elfutils- > devel/d198f1806a486bd5129c996f10 > > 680b947ecdc581.1712087613.git.quic_mathb...@quicinc.com/ > > Awesome! I much rather prefer the public-inbox interface :) Thanks! > > BTW, just out of curiosity, since the last incident with xz's backdoor (which > apparently involved malicious code disguised as a test binary), has the > elfutils > community already considered using something like Dockerfiles to generate > the tests/*.ko.bz2 binaries instead of checking than in the git repo? Just > something that crossed my mind while I was developing these patches.
That came across my mind too. Especially after Mark wrote backdoor on what might need to be improved for sourceware and what tooling is needed for the projects hosted on sourceware (which is most of the GNU toolchain): https://inbox.sourceware.org/gcc/20240329203909.gs9...@gnu.wildebeest.org/T/#mc980204081b149132aeace4bf3d83cf35dad72d8 Thanks, Andrew Pinski
