| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jul 2012 01:42:14 -0700 (PDT) From: david@...g.hm To: Ingo Molnar <mingo@...nel.org> cc: Linus Torvalds <torvalds@...ux-foundation.org>, Borislav Petkov <bp@...64.org>, Cyrill Gorcunov <gorcunov@...nvz.org>, Pekka Enberg <penberg@...nel.org>, richard -rw- weinberger <richard.weinberger@...il.com>, "Myklebust, Trond" <Trond.Myklebust@...app.com>, Dave Jones <davej@...hat.com>, Greg Kroah-Hartman <greg@...ah.com>, Ubuntu Kernel Team <kernel-team@...ts.ubuntu.com>, Debian Kernel Team <debian-kernel@...ts.debian.org>, OpenSUSE Kernel Team <opensuse-kernel@...nsuse.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>, Sasha Levin <levinsasha928@...il.com>, Asias He <asias.hejun@...il.com>, Pavel Emelyanov <xemul@...allels.com> Subject: Re: [opensuse-kernel] Re: [RFC] Simplifying kernel configuration for distro issues On Wed, 18 Jul 2012, Ingo Molnar wrote: > * david@...g.hm <david@...g.hm> wrote: > >>> Anybody who says "I want to run Fedora without SELINUX >>> because I do my own security development" is by *definition* >>> not relevant to the whole feature. >> >> Don't mistake the example for the feature. the SELINUX thing >> is just an example. As Alan Cox commented, taking a distro >> config and disabling one thing is a common troubleshooting >> request from kernel developers. > > It's still irrelevant: > > - if a user chooses a distro config it means that he is using > that distro. Disabling an essential component of the distro > config, even if a kernel developer asks for it, will likely > break that distro and is thus a dumb thing to do. (the > typical user will also be unlikely to be *able* to edit a > .config and make sure it works.) that's assuming that everything listed really is essential. The history of features defaulting to 'Y' in the existing kernel config doesn't give me great confidence that reality will be anywhere close to this ideal. > - Furthermore, there's *already* over ten thousand select's in > our Kconfig's, and it's already hard at times to disable > dependent options. > > - I've been using what Linus suggested for many years via > private patches to do bootable randconfig testing and the > concept works just fine - enabling a distro specific > minconfig is absolutely useful, I'm glad it's being pursued > upstream as well... > > So what you are arguing about is IMO irrelevant, it is > immaterial to the problem at hand and the concept works just > fine in practice. Shrug, you guys have to maintain the result, I'm just a user. But I don't see why the same logic that kept the kernel installation outside of the makefiles and created /sbin/installkernel wouldn't also apply here. using a separate miniconfig in a known place would seem to be less code, distribute the work better (as every distro can use it without having to patch the same files in the kernel source), and be more flexible. Flexibility has a way of being leveraged in ways never imagined initially, so if it can be gained without complicating the code (and it's maintinance), and the initial use case, I always tend to push for the more flexible option. David Lang -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists