Open Source and information security mailing list archives
 
Date:	Wed, 25 Apr 2007 13:45:19 -0600
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	netdev@...r.kernel.org
Subject: Re: sysctls

Andrew Morton <akpm@...ux-foundation.org> writes:

> I note that the networking tree is adding new sysctls:
>
> <<<<<<< HEAD/include/linux/sysctl.h
>         NET_IPV6_ACCEPT_SOURCE_ROUTE=25,
> =======
>         NET_IPV6_OPTIMISTIC_DAD=24,
>         NET_IPV6_ACCEPT_SOURCE_ROUTE=25,
> >>>>>>> /include/linux/sysctl.h
>
> (Well, it's trying to - there are some git rejects in net-2.6.22)
>
> But we kind-of decided a while back to stop doing that and to
> use CTL_UNNUMBERED.
>
> Frankly, I don't 100% remember the thinking - Eric, can you please remind
> us?

The thinking is this:

  Binary sysctl numbers are a problem because of patch conflicts like
  the above, and the related user space breakage they cause.

  In practice no one uses binary sysctl numbers.

So the policy should be to add new sysctls using CTL_UNNUMBERED
(to prevent patch conflicts and user space breakage).

There may be cases where someone actually needs the binary sysctl
interface.  Once there is a demonstrated need we can go back
and very carefully add numbers for these very few cases, with
a strong review process.

Adding binary sysctl numbers should be done as carefully as and with
as much review as adding syscall numbers, and distro kernels and other
stable kernels should never get a sysctl number backport until the
number first reaches Linus's tree, to avoid differences in meaning
between different kernels.

Given that no one except on BSD uses the binary sysctl interface
anyway my personal preference is to just freeze it and to reduce the
number of binary sysctls we support if possible.

Eric