From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mx0a-002e3701.pphosted.com (mx0a-002e3701.pphosted.com [148.163.147.86])
 by mx.groups.io with SMTP id smtpd.web11.120.1589400856624749031
 for <devel@edk2.groups.io>;
 Wed, 13 May 2020 13:14:16 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=pass (domain: hpe.com, ip: 148.163.147.86, mailfrom: prvs=0402747a6d=brian.johnson@hpe.com)
Received: from pps.filterd (m0134420.ppops.net [127.0.0.1])
	by mx0b-002e3701.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 04DK2vXR006060;
	Wed, 13 May 2020 20:14:15 GMT
Received: from g9t5009.houston.hpe.com (g9t5009.houston.hpe.com [15.241.48.73])
	by mx0b-002e3701.pphosted.com with ESMTP id 3100ywhh6v-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Wed, 13 May 2020 20:14:14 +0000
Received: from g9t2301.houston.hpecorp.net (g9t2301.houston.hpecorp.net [16.220.97.129])
	by g9t5009.houston.hpe.com (Postfix) with ESMTP id 14F1F51;
	Wed, 13 May 2020 20:14:14 +0000 (UTC)
Received: from [16.214.65.213] (unknown [16.214.65.213])
	by g9t2301.houston.hpecorp.net (Postfix) with ESMTP id D84374B;
	Wed, 13 May 2020 20:14:11 +0000 (UTC)
To: devel@edk2.groups.io, bret.barkelew@microsoft.com,
        "lersek@redhat.com" <lersek@redhat.com>,
        "Kinney, Michael D" <michael.d.kinney@intel.com>,
        Vitaly Cheptsov <cheptsov@ispras.ru>
Cc: Andrew Fish <afish@apple.com>,
        =?UTF-8?Q?Marvin_H=c3=a4user?=
 <mhaeuser@outlook.de>,
        "liming.gao" <liming.gao@intel.com>,
        "Gao, Zhichao" <zhichao.gao@intel.com>
References: <20200511154121.3878-1-cheptsov@ispras.ru>
 <MN2PR11MB446155752A1BB7EADB0F8F69D2A10@MN2PR11MB4461.namprd11.prod.outlook.com>
 <44ac1ca1-953a-21a2-0c9e-c83aca153b0b@redhat.com>
 <MN2PR11MB44618F21D9B49CF915B69142D2BE0@MN2PR11MB4461.namprd11.prod.outlook.com>
 <9347b132-b0e9-5b26-f993-910aafc9d6ae@redhat.com>
 <CY4PR21MB0743D980C8E13FA85E250DE1EFBF0@CY4PR21MB0743.namprd21.prod.outlook.com>
From: "Brian J. Johnson" <brian.johnson@hpe.com>
Message-ID: <03fd8c84-ed5a-e7c9-c4bf-039d94354992@hpe.com>
Date: Wed, 13 May 2020 15:14:10 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101
 Thunderbird/68.7.0
In-Reply-To: <CY4PR21MB0743D980C8E13FA85E250DE1EFBF0@CY4PR21MB0743.namprd21.prod.outlook.com>
X-Proofpoint-UnRewURL: 0 URL was un-rewritten
MIME-Version: 1.0
X-HPE-SCL: -1
Subject: Re: [edk2-devel] [PATCH V4 00/27] Disabling safe string constraint assertions
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.216,18.0.676
 definitions=2020-05-13_09:2020-05-13,2020-05-13 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 phishscore=0
 impostorscore=0 cotscore=-2147483648 suspectscore=6 lowpriorityscore=0
 mlxlogscore=471 clxscore=1011 adultscore=0 bulkscore=0 mlxscore=0
 malwarescore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx
 scancount=1 engine=8.12.0-2004280000 definitions=main-2005130171
X-MIME-Autoconverted: from 8bit to quoted-printable by mx0b-002e3701.pphosted.com id 04DK2vXR006060
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: quoted-printable

As am I -- I don't see that they add value.

Brian
-------- Original Message --------
From: Bret Barkelew via groups.io=20
[mailto:bret.barkelew=3Dmicrosoft.com@groups.io]
Sent: Wednesday, May 13, 2020, 9:41 AM
To: devel@edk2.groups.io <devel@edk2.groups.io>, lersek@redhat.com=20
<lersek@redhat.com>, Kinney, Michael D <michael.d.kinney@intel.com>,=20
Vitaly Cheptsov <cheptsov@ispras.ru>
Cc: Andrew Fish <afish@apple.com>, Marvin H=E4user <mhaeuser@outlook.de>,=
=20
liming.gao <liming.gao@intel.com>, Gao, Zhichao <zhichao.gao@intel.com>
Subject: [EXTERNAL] Re: [edk2-devel] [PATCH V4 00/27] Disabling safe=20
string constraint assertions

Ooooo. Does that mean we get to start on DebugLibEx?

In all seriousness, I=92m also in the camp of =93can=92t we just drop thes=
e
assertions=94?

- Bret
------------------------------------------------------------------------
*From:* devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Laszlo
Ersek via groups.io <lersek=3Dredhat.com@groups.io>
*Sent:* Wednesday, May 13, 2020 2:16:12 AM
*To:* Kinney, Michael D <michael.d.kinney@intel.com>;
devel@edk2.groups.io <devel@edk2.groups.io>; Vitaly Cheptsov
<cheptsov@ispras.ru>
*Cc:* Andrew Fish <afish@apple.com>; Marvin H=E4user
<mhaeuser@outlook.de>; liming.gao <liming.gao@intel.com>; Gao, Zhichao
<zhichao.gao@intel.com>
*Subject:* [EXTERNAL] Re: [edk2-devel] [PATCH V4 00/27] Disabling safe
string constraint assertions
Hi Mike,

On 05/12/20 20:18, Kinney, Michael D wrote:

> What if there is a=20
> DebugLib implementation of the DebugLib class that=20
> does not depend on DebugCommonLib.

There need not be a link failure in this case either, if the DebugLib
instance in question provides the DebugCommonLib API implementations too.

Anyway I don't want to obsess about this. I'm just sad there are zero
acceptable solutions apparently to the 100% valid problem statement that
Vitaly submitted last August, in TianoCore#2054. (Asserting properties
of untrusted external data is *asinine*.) But then, if Vitaly proposes
to update all DebugLib instances one by one, that gets shot down because
"too many DebugLib instances in platforms". And if Vitaly extracts the
common bits so that only the common bits have to be updated, that gets
shot down by "we don't support this kind of dependency, please update
all DebugLib instances instead".

Let's just be honest and call DebugLib frozen forever.

Laszlo








--=20

                                                 Brian

--------------------------------------------------------------------

    "We are Microsoft. UNIX is irrelevant.  OS/2 is irrelevant. Openness
     is futile.  Prepare to be assimilated."
                                         -- prs@turing.org
                                         -- (quoted by Eric Berggren)