lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Sep 2006 03:01:15 +0200 From: Adrian Bunk <bunk@...sta.de> To: Willy Tarreau <w@....eu> Cc: Greg KH <greg@...ah.com>, linux-kernel@...r.kernel.org Subject: Re: Linux 2.6.16.30-pre1 On Sun, Sep 24, 2006 at 10:02:04PM +0200, Willy Tarreau wrote: > On Sun, Sep 24, 2006 at 08:16:41PM +0200, Adrian Bunk wrote: >... > > > Anyway, the case above was even not that. It was simply that if the shiny > > > new sata_piix driver detected the sata controller, it would then steal the > > > resources first, preventing ata_piix from registering. > > > > I know that ATA is an area that requires extra care (and I don't plan > > any big updates in this area). > > > > But having: > > - two saa7134 cards in your computer and > > - one of them formerly not supported and > > - depending on one of them being the first one > > is a case you can theoretically construct, but then there's the point > > that this is highly unlikely, and OTOH the value of the added support is > > more realistic. > > I don't personaly have problems with those cards (I don't use them at all), > I was just arguing general principles in response to Greg's comments. I > think you're already taking extreme care in what you accept, but I think > that what you're currently doing is middle way between Greg's stable policy > and what yourself would really like to do. I hope that in the end, you will > not get frustrated by refraining from merging patches you would have liked > to get, while being criticized for having merged too many. > > Probably that later you will have to either maintain several other versions > (let's say 2.6.16+2.6.18) or have sort of an "enhanced" branch with more > fixes (which is easy to do with GIT). Instead of 2.6.16+2.6.18, it would be easier to simply use 2.6.18. And this is what I have in mind as a possible solution: Start a similar stable series based on e.g. 2.6.22 or 2.6.24, and announce an EOL date for 2.6.16 half a year or one year after this branch starts. Well, that's all very far in the future (even 2.6.22 + half a year will most likely be in 2008), but it's better than backporting huge updates. > > If I was as extremely regarding regressions as you describe regarding > > hardware updates, I would also have to reject any bugfixes that are not > > security fixes since they might cause regressions. > > Hmm, don't say this publicly, you'll get people saying that it is what > they expect ! I say what I want to do, and I did say the same before I started maintaining the 2.6.16 branch. > > I do know that the only value of the 2.6.16 tree lies in a lack of > > regressions and act accordingly, but I'm trying to do this in a > > pragmatic way. > > That's what I observed till now. I just wanted to warn you about the risks > of getting hit. Is someone wants to prove me wrong, he should send me the reports of regressions my changes have caused... > Cheers, > Willy cu Adrian -- "Is there not promise of rain?" Ling Tan asked suddenly out of the darkness. There had been need of rain for many days. "Only a promise," Lao Er said. Pearl S. Buck - Dragon Seed - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists