lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 25 Feb 2016 10:30:44 -0700
From:	Jerry Snitselaar <jsnitsel@...hat.com>
To:	Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Cc:	James Morris <jmorris@...ei.org>, linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org,
	tpmdd-devel@...ts.sourceforge.net, keyrings@...r.kernel.org,
	Wilck@...el.com
Subject: Re: [tpmdd-devel] [GIT PULL] remaining tpmdd fixes for Linux 4.5

On Mon Feb 22 16, Jarkko Sakkinen wrote:
>On Mon, Feb 22, 2016 at 12:56:53PM +1100, James Morris wrote:
>> On Sat, 20 Feb 2016, Jarkko Sakkinen wrote:
>>
>> > Hi James,
>> >
>> > I'm sorry for the late pull request for 4.5. The reason for this was
>> > the latency in my previous one. I picked with care the absolutely
>> > critical fixes so that we can make a sound tpmdd release.
>> >
>> > I really hope you can still pick these as one of them is absolutely
>> > critical to get authorization policy sealing API right (kernel keeps
>> > it finger out of user space created objects).
>>
>> Pushed to next for more testing and review.
>>
>> This really is getting too late in the development cycle for so many
>> fixes.  It means the code was not ready to be merged in the first place.
>
>I fully agree what you're saying. I'll learn the lesson here and take
>factors more conservative attitude from now on. No excuses. I'm sorry
>about this.
>
>Partly the reason for recent increase in regressions has been
>increased real-world use of TPM2 and thus issues have started to pop
>up that's a lame excuse anyway.
>

Would it be worthwhile to have a tpm branch that gets pulled by -next
directly so changes will have already been going through the paces in
-next prior to the pull reuqest to James?

snits

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ