lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4815A721.1040101@firstfloor.org>
Date:	Mon, 28 Apr 2008 12:29:53 +0200
From:	Andi Kleen <andi@...stfloor.org>
To:	Jeff Arnold <jbarnold@....EDU>
CC:	linux-kernel@...r.kernel.org
Subject: Re: A system for rebootless kernel security updates

Jeff Arnold wrote:

> I'm certainly interested in bringing the code up to kernel coding
> standards (for example, I'd be happy to address any issues with the code
> that are brought to my attention).  I'm not sure whether submitting it
> for mainline makes sense since the software doesn't significantly
> benefit from being bundled with the kernel.

To be honest you weren't the first to come up with something like this
(although you're the first to post to l-k as far as I know). But the
usual problem of something that is kept out of tree is that it
eventually bitrots and gets forgotten. The only sane way to make such
extensions a generically usable linux feature is to merge them to mainline.

> Instead, it might be more important to 1) package the userspace
> update-construction software for common Linux distributions to make it
> easily available to interested users, and 2) to provide binary kernel
> updates for common distribution kernels so that users can simply sign up
> and get fewer "your machine needs to be rebooted now for an update to
> take effect" notifications.

(2) is a incredibly large amount of work longer time. And when
distributions merge your feature they become committed to it so even if
you go away they would still need to maintain it on their own. Since
they understand how much work this is they likely won't do it in the
first place. Really it's far  better to just merge if you want it to
make it out of the "toy" stage.

-Andi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ