lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+55aFw7Ti3=51vVzNO5QEmPYP-znM95OqvZV9TX=mRcwaOCrA@mail.gmail.com>
Date:	Fri, 12 Jul 2013 08:22:27 -0700
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Guenter Roeck <linux@...ck-us.net>
Cc:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Dave Jones <davej@...hat.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	stable <stable@...r.kernel.org>
Subject: Re: [ 00/19] 3.10.1-stable review

On Fri, Jul 12, 2013 at 7:15 AM, Guenter Roeck <linux@...ck-us.net> wrote:
>> >
>> > I get the impression as soon as we hit -rc1, some maintainers immediately
>> > go into "OH SHIT, I CAN'T SEND PATCHES OR LINUS WILL SHOUT AT ME" mode.
>>
>> I agree.  But it seems that I need to now start shouting at them :(
>
> Just like others, I now have a cutoff-point for -stable patches. Depending on
> the severity of a bug, it is somewhere between -rc4 and -rc6. After -rc6 I only
> push regressions and crash fixes; the rest has to wait for the commit window.

So regressions, crash fixes (and security issues) is exactly what I
want to get after -rc3 or so. And yes, I will start shouting at people
if other things show up.

However, I think your comments clearly show the problem:

> So, yes, there are a couple of hwmon patches in your list.
>
> From a maintainer perspective, seems to me we are stuck between a rock and a
> hard place. Yes, I would prefer to push all -stable material even late in the
> -rc game, but that is not how things work nowadays anymore.

That's f*cking sad. You know *why* it's sad?

Go read the rules for stable patches. Really.

Because the rules for stable patches are the rules _I_ use for that
late -rc stuff, and is pretty much exactly what you yourself described
as "this is what I send Linus after -rc4".

Now, that should make you think about THE ABSOLUTE CRAP YOU MARK FOR -stable!

If it isn't important enough to send to me after -rc4, then it damn
well isn't important enough to mark for stable either!

It really is that simple.

> This should really be discussed at the Kernel Summit. Overall, I don't really
> care too much how to handle it. Just tell me. The outlook of "Either Linus
> will shout at you or Greg will" doesn't sound like a good solution, though.

Listen to yourself. In fact, there is a damn good solution": don't
mark crap for stable, and don't send crap to me after -rc4.

If it doesn't fit the stable rules, they should go in the next merge
window. It really is that simple. You even (unwittingly) pretty much
described the stable rules, but then you apparently didn't understand
that those were the rules for -stable too.

Of course, I suspect I see why this happens. Greg doesn't shout as
much as me, and he has been taking any random patches into -stable. So
the end result is that people think it's easier to mark things for
-stable than it is to show that it actualy *is* stable, and they are
trying to use -stable as a way to get any random late fixes in.

That is not how stable should work. When stable started, it had some
rather clear rules. It's not for "fixes". It was meant to be solely
for big issues.

The thing you just described that you put a stable tag on is *EXACTLY*
the things that should not be marked for stable. For *EXACTLY* the
same reason that you realized you shouldn't push it to me after -rc4.

Do you really not see this?

Greg, the reason you get a lot of stable patches seems to be that you
make it easy to act as a door-mat. Clearly at least some people say "I
know this patch isn't important enough to send to Linus, but I know
Greg will silently accept it after the fact, so I'll just wait and
mark it for stable".

You may need to learn to shout at people.

                   Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ