[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1223996859.5193.61.camel@moss-spartans.epoch.ncsc.mil>
Date: Tue, 14 Oct 2008 11:07:39 -0400
From: Stephen Smalley <sds@...ho.nsa.gov>
To: Ingo Molnar <mingo@...e.hu>
Cc: Tejun Heo <tj@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
linux-kernel@...r.kernel.org,
Andrew Morton <akpm@...ux-foundation.org>,
Jens Axboe <jens.axboe@...cle.com>,
Thomas Gleixner <tglx@...utronix.de>,
"H. Peter Anvin" <hpa@...or.com>, Yinghai Lu <yinghai@...nel.org>,
James Morris <jmorris@...ei.org>,
Eric Paris <eparis@...isplace.org>
Subject: Re: [bug] latest -git boot hang
On Sat, 2008-10-11 at 09:19 +0200, Ingo Molnar wrote:
> * Tejun Heo <tj@...nel.org> wrote:
>
> > > It does sound like perhaps the option should be hidden more, if it's
> > > really only reasonably enabled for some very specialized distro
> > > debuggers, not normal kernel people.
> >
> > Yeap, if fedora didn't work, I think it should be hidden. Do we
> > already have place to hide things like this?
>
> in my local testing i'm using simple annotations like the one attached
> further below. Any objections against sending my BROKEN_BOOT_ALLOWED kit
> upstream, and merge my annotations for various kernel features that
> break a generic distro bootup?
>
> Right now i have about 40 such annotations for -tip testing:
>
> fs/Kconfig: depends on BROKEN_BOOT_ALLOWED
> fs/Kconfig: depends on BROKEN_BOOT_ALLOWED
> security/selinux/Kconfig: depends on BROKEN_BOOT_ALLOWED
> security/smack/Kconfig: depends on BROKEN_BOOT_ALLOWED
> security/Kconfig: depends on BROKEN_BOOT_ALLOWED
What in particular under fs/Kconfig and security/*Kconfig falls into
this category, and why? What constitutes a "generic distro bootup"?
For distros that support SELinux, it obviously shouldn't break the
bootup (there have of course been cases where it has, but those were
bugs that have been addressed, including the recent /proc/net breakage),
and for other distros, it should yield no effect as no policy will be
loaded and thus SELinux just allows everything.
> drivers/net/appletalk/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/net/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/media/video/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/scsi/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/watchdog/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/watchdog/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/ide/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/i2c/busses/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/block/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/video/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/video/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/video/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/video/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/video/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/video/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/video/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/video/console/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/video/console/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/mtd/Kconfig: depends on BROKEN_BOOT_ALLOWED
> drivers/isdn/icn/Kconfig: depends on BROKEN_BOOT_ALLOWED
> lib/Kconfig.kgdb: depends on BROKEN_BOOT_ALLOWED
> lib/Kconfig.debug: depends on BROKEN_BOOT_ALLOWED
> lib/Kconfig.debug: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig.debug: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig: # depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig: depends on BROKEN_BOOT_ALLOWED
> arch/x86/Kconfig.cpu: depends on BROKEN_BOOT_ALLOWED
>
> and note the stark contrast to CONFIG_BROKEN - sometimes a given
> functionality is really not meant to be enabled on a generic system.
>
> Ingo
>
> ---------------->
> Subject: qa: no ext devt
> From: Ingo Molnar <mingo@...e.hu>
> Date: Fri Oct 10 22:54:57 CEST 2008
>
> Signed-off-by: Ingo Molnar <mingo@...e.hu>
> ---
> lib/Kconfig.debug | 2 ++
> 1 file changed, 2 insertions(+)
>
> Index: linux/lib/Kconfig.debug
> ===================================================================
> --- linux.orig/lib/Kconfig.debug
> +++ linux/lib/Kconfig.debug
> @@ -670,6 +670,8 @@ config DEBUG_BLOCK_EXT_DEVT
> bool "Force extended block device numbers and spread them"
> depends on DEBUG_KERNEL
> depends on BLOCK
> + depends on BROKEN_BOOT_ALLOWED
> + select BROKEN_BOOT
> default n
> help
> Conventionally, block device numbers are allocated from
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
--
Stephen Smalley
National Security Agency
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists