lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sun, 08 Nov 2009 21:37:58 -0800
From: (Eric W. Biederman)
To:	Arjan van de Ven <>
Subject: Re: [PATCH 22/23] sysctl arm: Remove binary sysctl support

Arjan van de Ven <> writes:

> On Sun, 08 Nov 2009 19:27:07 -0800
> (Eric W. Biederman) wrote:
>> I just took a look and the use in linux threads that I don't warn
>> about is used by glibc-2.8 but not by glibc-2.10.  glibc-2.11 has just
>> been released. so by next year when the removal is scheduled we are
>> looking at multiple releases of glibc that don't use sys_sysctl.  So I
>> expect shortly I can warn about all uses of sys_sysctl without anyone
>> seeing a warning.
> hmmmmm it's still an ABI break, and while you say "oh it's 3 glibcs
> ago".. there's the static linking case.
> to be honest, I don't think we can ever remove things that are used by
> glibc during its startup....

The glibc pthread code that uses sysctl has no problems if sys_sysctl
is gone.  It both falls back to reading /proc/sys and it just controls
an optimization and the code works with either result.  Been there,
done that.

The only reason sys_sysctl remains is because there are a handful of
other apps that needed an appropriate warning time, and we weren't
doing anything that had a reasonable chance of notifying them.

I think it is worth getting us to the point where we can run with
sysctl disabled.  At the same time, this patchset gets 99%+ of the
benefit.  It isolates the entire binary interface into sysctl_binary.c
so outside of that one file we have no maintenance overhead in
maintaining the binary interface, and anyone who is trying to optimize
for kernel size can trivially turn it off.

Which allows the kernel development to proceed as if the sysctl binary
interface does not exist, as it has largely always done.

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

Powered by blists - more mailing lists