[PATCH] D113991: Support using sha256 as --build-id kind
Fangrui Song via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Tue Nov 16 10:11:06 PST 2021
MaskRay added a comment.
The SHA-1 deprecation, AFIAK, is for digital signature.
ld.lld's --build-id feature, as I know, has no validation tool. It is used for "approximation of true uniqueness across all binaries that might be used by overlapping sets of people" (https://fedoraproject.org/w/index.php?title=RolandMcGrath/BuildID&oldid=16098), not for security purposes.
So I think the description
> Both sha1 and md5 are considered deprecated,
does not apply.
That said, adding the option is straightforward/simply. If useful, we can add it, but the justification needs to be higher than "Transport Layer Security has phased out SHA-1, so we follow suit"
Will GNU ld add this option?
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D113991/new/
https://reviews.llvm.org/D113991
More information about the llvm-commits
mailing list