lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20100801210548.23f77ff6@infradead.org>
Date:	Sun, 1 Aug 2010 21:05:48 -0700
From:	Arjan van de Ven <arjan@...radead.org>
To:	paulmck@...ux.vnet.ibm.com
Cc:	"Ted Ts'o" <tytso@....edu>, linux-pm@...ts.linux-foundation.org,
	linux-kernel@...r.kernel.org, arve@...roid.com,
	mjg59@...f.ucam.org, pavel@....cz, florian@...kler.org,
	rjw@...k.pl, stern@...land.harvard.edu, swetland@...gle.com,
	peterz@...radead.org, tglx@...utronix.de, alan@...rguk.ukuu.org.uk
Subject: Re: Attempted summary of suspend-blockers LKML thread

On Sun, 1 Aug 2010 20:03:04 -0700
"Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> wrote:
> > on application programmers to do the right thing.  That's not to
> > say that we shouldn't give up on trying to influence application
> > programmers --- but relying on that as the only strategy seems to
> > depart from the path of wisdom.
> 
> Unless someone can reliably automate whacking the moles, history is
> not on the side of the mole-whackers.  I won't say that such
> automation is impossible, but only because of all the "impossible"
> things in my lifetime that have turned out to be possible.

we have a few things going for us here though

1) It's easy to programatically detect the problems
  1a) so programmers can detect issues before they ship software,
  unlike the fsync() thing Ted mentions. History is showing this is at
  least relatively successful in open source, but not with Adobe's
  proprietary software such as Flash
2) Users can be made aware of what the bad guys are
3) The business models of many of the mobile apps gives programmers a
   strong incentive to ship well behaving. The moment your first and
   second review of your app read "this app was identified as reducing
   battery life a lot"... your revenues will not go beyond the $1.98..
   ... assuming these first two guys didn't refund their app.

Since we can detect who the bad guys are, we can also automatically
quarantine them for the common cases..... which is good news.


I'm a little worried that this whole "I need to block suspend" is
temporary. Yes today there is silicon from ARM and Intel where suspend
is a heavy operation, yet at the same time it's not all THAT heavy
anymore.... at least on the Intel side it's good enough to use pretty
much all the time (when the screen is off for now, but that's a memory
controller issue more than anything else). I'm pretty sure the ARM guys
will not be far behind.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ