lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Fri, 05 Feb 2016 16:07:12 +0100
From:	Lubomir Rintel <lkundrak@...sk>
To:	Bjørn Mork <bjorn@...k.no>,
	David Miller <davem@...emloft.net>
Cc:	jay.vosburgh@...onical.com, netdev@...r.kernel.org,
	linux-kernel@...r.kernel.org, vfalico@...il.com,
	gospo@...ulusnetworks.com
Subject: Re: [PATCH 3/3] bonding: make device count build-time configurable

Hi Bjørn,

On Tue, 2016-01-12 at 22:40 +0100, Bjørn Mork wrote:
> David Miller <davem@...emloft.net> writes:
> > From: Lubomir Rintel <lkundrak@...sk>
> > Date: Tue, 12 Jan 2016 18:19:49 +0100
> > 
> > > It's still an improvement to let the distributions decide if
> > > they're
> > > keeping "ip link add" broken or possibly affecting the scripts.
> > 
> > That it is "broken" is your opinion.
> > 
> > Document the behavior.  It is not broken if the user is told to be
> > mindful of what devices are created by default.
> > 
> > There is way too much downside to changing this.
> 
> Besides, distributions or admins can already change that behaviour if
> they consider it "broken", using the existing module parameter:
> 
>  # echo "options bonding max_bonds=0" >/etc/modprobe.d/bonding.conf
>  # rmmod bonding
>  # ip link add bond0 type bond
>  (no error here)
> 
> This method should be well known and understood by most users,
> contrary
> to some odd CONFIG_ build time setting.

Yes, that's an alternative solution. We may end up shipping such
configuration file, though it's not really clear what package should
ship it (probably systemd?).

I'd still prefer a kernel build-time option. It's more likely for
distributions to do the decision they prefer when running make
oldconfig. I'm assuming most distros would like to drop the legacy
behavior; at this point noone probably relies on it anyway, given
NetworkManager works around this by manually loading the module with
the maxbonds=0 manually.

Also, there's prior art to addressing this in kernel; the block
loopback.

> Bjørn

Regards,
Lubo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ