lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 16 Mar 2017 23:02:31 +0900
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Daniel Vetter <daniel.vetter@...el.com>,
        Jani Nikula <jani.nikula@...ux.intel.com>,
        intel-gfx <intel-gfx@...ts.freedesktop.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        stable <stable@...r.kernel.org>
Subject: Re: [Intel-gfx] The i915 stable patch marking is totally broken

On Thu, Mar 16, 2017 at 08:38:30AM +0100, Daniel Vetter wrote:
> Hi Greg,
> 
> On Mon, Mar 13, 2017 at 07:40:50AM +0100, Daniel Vetter wrote:
> > On Sun, Mar 12, 2017 at 11:01 PM, Greg KH <gregkh@...uxfoundation.org> wrote:
> > > So if a commit says "cherry-pick", I guess I can always assume it's safe
> > > to add, right?  If not, _then_ I have to run the "search backwards"
> > > logic, right?
> > >
> > > Ok, let me think about this a bit to see if that's possible to script...
> > 
> > Yes, but it shouldn't be hard to avoid the linear search:
> > 
> > 1. make sure you have the latest linux-next (to make sure all the sha1
> > commit-ish resolve to something meaningful). You probably want to do
> > that before you board a plane :-)
> > 
> > 2. When you parse an upstream commit that says "commit cherry-picked
> > from $original_sha1", then add a git note for $original_sha1 that
> > you've seen it already and can ignore it.
> > 
> > 3. Run that script over v4.9..v4.10 to backfill your git notes branch.
> > 
> > 4. Make sure you sync that git notes branch (and if you use git notes
> > already, just use a different git notes branch name to avoid
> > conflicts).
> > 
> > 5. When you spot a patch with cc: stable, check for a git note that
> > says you've looked at it (or one of it's cherry-picks) already, if so,
> > silently ignore it.
> > 
> > That should massively drop the ratio of failed patches, at least every
> > time I look at your failed patche mail I think they're just
> > double-applied ones. There's ofc a few patches that fail to apply, 3
> > months of drm/i915 development even wreak the context of simple
> > bugfixes sometimes, but most are not (which is btw why you don't get
> > replies for most of these).
> 
> Are you implementing this? If you need inspiration, we also have a fairly
> generic cherry-pick branch command, which filters out duplicated cherry
> picks already with:
> 
>     git log drm-intel-fixes --format=format:%h --after=6months \
> 		    --grep="cherry picked .* $commit"
> 
> See https://cgit.freedesktop.org/drm-intel/tree/dim?h=maintainer-tools#n713
> 
> Please make sure you have something like this ready soon, otherwise we're
> going to have this exact conversation again, like we did for the last few
> merge windows ... :(
> 
> If you can't implement this, then I guess we have to try to avoid
> double-tagging stuff with cc: stable. But that will work against 10+ years
> of "pls cc: stable bugfixes" training from you. And we'd need to predict
> when exactly the merge window cutoff is. Which is going to get it wrong by
> 1-2 weeks each release, so trying to fix this on our side will be at best
> an 80% solution, after 1y of hard re-trainig work :(

Sorry, I haven't had the chance to look at this again.

But, I still think this is wrong, you are getting commits into Linus's
tree that have git commit ids that hopefully show up 3 months later.
That feels bad from a "consistency" point of view.

Why not switch it around, and apply the patch to your "stable" branch
and then cherry-pick it to your "next" branch?  That way I can just
ignore any patch that has "cherry-pick" in it, not ever need to mess
with 'git notes' (not that I probably would anyway, they are horrid),
and the tree is always semi-sane.  And it would prevent me from having
to mess with linux-next, which I also don't want to have to do.
Especially for stable work, that just feels so wrong, as stable stuff
should not be depending on stuff that hasn't even hit Linus's tree yet,
and might never.

And again, you all are the only ones that have this issue.  You might
find a handfull of patches for stable that come in twice in the rest of
the kernel, but your "little" driver dwarfs that by an order of
magnitude.  I really think you are doing it wrong, no one else seems to
have this issue...

I'll be back home next week and look into writing some scripts for this,
but please consider just switching your "which branch does it go into
first" model, which would really save me a ton of time, and remove
confusion from anyone who ever runs across one of these cherry-pick
messages.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ