Add RISC-V filter support #276
Conversation
This sets the LZMA2 option lp=1 by default with the RISC-V filter for 2-byte-aligned instructions. Sometimes also pb=1 would help but it varies so this keeps the default pb=2. RISC-V instructions are 2-byte aligned when the C extension (the 16-bit compressed C instructions) are used. The assumption is that usually the C extension is used. For 4-byte-aligned instructions lp=2,lc=2 would be better. The RISC-V filter requires liblzma >= 5.6.0. Conditional compilation was implemented the same way as the ARM64 filter (see 33e03bd), thus the help text includes "riscv" even when the filter isn't available. Signed-off-by: Lasse Collin <[email protected]>
|
Just to clearly state what @agiUnderground found: this PR attempts to introduce a version of xz/liblzma that has been backdoored. |
|
@dividebysandwich I'm following the discussion. At the moment to be safe I consider anything relating to the backdoored versions suspect and blocked. |
|
@dividebysandwich Also to be 100% safe I have reverted a PR from XZ Utils from November last year, commit 0becdf3 |
|
I guess that's not 100% safe as long as xz project isn't audited and you use xz wrapper |
|
Well, it's not trying to introduce the affected versions but it uses APIs from it which might still be an incentive to use it. But also, note that @Larhzu's github account is suspended so an answer is unlikely in the short term. I don't think the API will be available in an actually released version soon however. |
People are wary of using things from the past two year. You might need to go even further back to find something that isn't malicious. |
I mentioned in the commit checks went back to 2010. "Due to the on-going issues with the XZ Utils backdooring, to be This is the only PR since I wrote the original code in 2010". |
This requires liblzma >= 5.6.0. The LZMA2 options are set with the assumption that the RISC-V C extension is in use.
I have submitted the RISC-V filter to Linux. It's in the -mm mm-nonmm-unstable branch at the moment.
The ARM64 filter is there too, that is, it didn't get into Linux 6.7 or 6.8. I failed to ensure that it would get included. Sorry.
(Not about this PR but it could be good if the default LZMA2 options could be changed for the old filters too: ARM, PowerPC, and SPARC would use the same as ARM64, and ARM-Thumb the same as RISC-V. IA-64 would need pb=4,lp=4,lc=0 but the IA-64 filter was disabled in Linux 6.7, possibly by accident, when support for the IA-64 arch was removed.)