lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20101017054008.GA16383@elte.hu>
Date:	Sun, 17 Oct 2010 07:40:08 +0200
From:	Ingo Molnar <mingo@...e.hu>
To:	Christoph Hellwig <hch@...radead.org>
Cc:	"H. Peter Anvin" <hpa@...or.com>, kernel@...ts.fedoraproject.org,
	Mimi Zohar <zohar@...ibm.com>, warthog9@...nel.org,
	Dave Chinner <david@...morbit.com>,
	linux-kernel@...r.kernel.org, Serge Hallyn <serue@...ibm.com>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	James Morris <jmorris@...ei.org>,
	Kyle McMartin <kyle@...artin.ca>
Subject: Re: ima: use of radix tree cache indexing == massive waste of memory?


* Christoph Hellwig <hch@...radead.org> wrote:

> On Sat, Oct 16, 2010 at 02:10:29PM -0700, H. Peter Anvin wrote:
>
> > "Christoph Hellwig" <hch@...radead.org> wrote:
> >
> > > Besides the algorithmic problems with ima, why is kernel.org using 
> > > IMA to start with?  Except for IBM looking for a reason to jusity 
> > > why TPM isn't a completely waster of ressources it's pointless.  
> > > And it was only merged under the premise that it would not affect 
> > > innocent normal users.
> >
> > I'm confused ... what makes you think we are?  This might have been 
> > an unintentional misconfiguration...
> 
> I didn't mean to imply you enabled it intentionally.  In fact it looks 
> like the inode tracking in IMA is always on once it's compiled in, 
> which totally defeats the purpose of doing it's on iternal inode 
> tracking instead of bloating the inode what they originally proposed.  
> IMA really needs a kernel parameter to only enabled this crap when 
> people actually use it.

That is true.

> And whoever turned it on in Fedora needs some serious wahcking.

And that is false.

This security feature was merged upstream last year, it's not in 
drivers/staging/ and the Kconfig help text does not contain any warning 
that this is 'crap', so how were the Fedora people supposed to know?

If you are suggesting that distribution kernel maintainers should not 
trust upstream kernel feature decisions and are expected to do a line by 
line review of the ~40,000 commits that go upstream every year, to make 
sure there's no hidden 'crap' in them (and failing that be labeled 
incompetent idiots), then you are out of your mind.

It's just not possible to do that nor is it reasonable or efficient: 
crap should be caught via hierarchical filtering: when the developer 
posts the first patches to lkml, or when it merged into a maintainer 
tree, or when it goes upstream or when it is upstream and then, as the 
very last (and most expensive) line of defense, it will be caught when 
it gets exposure in distributions. Which seems to be precisely what 
happened here.

Fact is that Kyle did Linux a _favor_ by enabling the feature in Fedora, 
as it allowed the bug/inefficiency/crap to be found by Dave. Linux got 
richer as a result as we learned about a bug that affects many people. 
Your gratuitous insults against him are highly misguided.

Thanks,

	Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ