| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 Oct 2012 15:37:51 -0700 From: Kees Cook <keescook@...omium.org> To: paulmck@...ux.vnet.ibm.com Cc: Dave Jones <davej@...hat.com>, Dave Airlie <airlied@...il.com>, Frederic Weisbecker <fweisbec@...il.com>, Matthew Garrett <mjg59@...f.ucam.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, linux-kernel@...r.kernel.org, "Eric W. Biederman" <ebiederm@...ssion.com>, Serge Hallyn <serge.hallyn@...onical.com>, "David S. Miller" <davem@...emloft.net>, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [PATCH] make CONFIG_EXPERIMENTAL invisible and default On Mon, Oct 8, 2012 at 3:29 PM, Paul E. McKenney <paulmck@...ux.vnet.ibm.com> wrote: > On Mon, Oct 08, 2012 at 03:07:24PM -0700, Kees Cook wrote: >> On Sun, Oct 7, 2012 at 6:04 PM, Paul E. McKenney >> <paulmck@...ux.vnet.ibm.com> wrote: >> > On Sun, Oct 07, 2012 at 04:18:54PM -0400, Dave Jones wrote: >> >> On Sun, Oct 07, 2012 at 09:30:29AM -0700, Paul E. McKenney wrote: >> >> >> >> > > I think Kconfig is mostly what distro would like to use the thing is >> >> > > the Kconfig text needs to be there upfront when its merged, not two >> >> > > months later, since then it too late for a distro to notice. >> >> > > >> >> > > I'd bet most distros would read the warnings, but in a lot of cases >> >> > > the warning don't exist until its too late. >> >> > >> >> > In the case of CONFIG_RCU_USER_QS you are quite right, the warning >> >> > should have been there from the beginning and was not. I suppose you >> >> > could argue that the warning was not sufficiently harsh in the case of >> >> > CONFIG_RCU_FAST_NO_HZ, but either way it did get ignored: >> >> >> >> Maybe if we had a universally agreed upon tag for kconfig, like >> >> "distro recommendation: N" that would make things obvious, and also allow >> >> those of us unfortunate enough to maintain distro kernels to have something >> >> to easily grep for. This would also catch the case when you eventually (hopefully) >> >> flip from an N to a Y. >> >> >> >> There will likely still be some distros that will decide they know better >> >> (and I'm pretty sure eventually I'll find reason to do so myself), but it at least >> >> gives the feature maintainer the "I told you so" clause. >> >> >> >> Something we do quite often for our in-development kernels is enable something >> >> that's shiny, new and unproven, and then when we branch for a release, we turn >> >> it back off. It would be great if a lot of this kind of thing could be more automated. >> > >> > One approach would be to have CONFIG_DISTRO, so that experimental >> > features could use "depends on !DISTRO", but also to have multiple >> > "BLEEDING" symbols. For example, given a CONFIG_DISTRO_BLEEDING_HPC >> > and CONFIG_DISTRO_BLEEDING_RT, CONFIG_RCU_USER_QS might eventually >> > use the following clause: >> > >> > depends on !DISTRO || DISTRO_BLEEDING_HPC || DISTRO_BLEEDING_RT >> > >> > A normal distro would define DISTRO, a distro looking to provide bleeding-edge >> > HPC or real-time features would also define DISTRO_BLEEDING_HPC or >> > DISTRO_BLEEDING_RT, respectively. >> > >> > Does that make sense, or am I being overly naive? >> >> I think we should avoid any global configs that disable things. We'll >> just end up in the same place with distros again. > > So you believe that we should taint the kernel or splat on boot to > warn distros off of features that might not be ready for 100 million > users? Or do you have some other approach in mind? Personally, I think taint+printk seems like the right way to go. -Kees -- Kees Cook Chrome OS Security -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists