lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180501101435.GA18574@amd>
Date:   Tue, 1 May 2018 12:14:35 +0200
From:   Pavel Machek <pavel@....cz>
To:     Greg KH <gregkh@...uxfoundation.org>
Cc:     Ondrej Zary <linux@...nbow-software.org>,
        Matthew Wilcox <willy@...radead.org>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: Moving unmaintained filesystems to staging

On Sun 2018-04-29 16:37:37, Greg KH wrote:
> On Sun, Apr 29, 2018 at 10:07:26PM +0200, Ondrej Zary wrote:
> > On Sunday 29 April 2018 14:07:05 Greg KH wrote:
> > > On Thu, Apr 26, 2018 at 08:11:08AM +0200, Pavel Machek wrote:
> > > > On Wed 2018-04-25 08:46:02, Matthew Wilcox wrote:
> > > > > Recently ncpfs got moved to staging.  Also recently, we had some fuzzer
> > > > > developers report bugs in hfs, which they deem a security hole because
> > > > > Ubuntu attempts to automount an inserted USB device as hfs.
> > > >
> > > > We promise "no-regressions" for code in main repository, no such
> > > > promise for staging. We have quite a lot of code without maintainer.
> > > >
> > > > Moving code to staging means it will get broken -- staging was not
> > > > designed for this. I believe moving anything there is bad idea.
> > > >
> > > > Staging is for ugly code, not for code that needs new maintainter.
> > >
> > > Staging is used for getting code _out_ of the kernel tree as well as
> > > _in_.  We use it all the time to move code there, see if anyone shows up
> > > in 6-8 months to say "I will fix this!", and if not, we delete it.
> > >
> > > Look at what just happened to IRDA in the 4.17-rc1 release as an example
> > > of this.
> > 
> > Really a "great" example of deleting working code :( 
> 
> What do you mean?  The irda code was broken and not working at all.
> There were loads of bug reports about it for years, with no developers
> or maintainers willing to do the work on it to get it to actually work
> again.
> 
> If someone does want to step up and do it, great!  It's a simple revert
> of two git commits and they are back in business.

> Dropping code from the tree is not like it is gone for forever.  If
> someone wants to pick it up, it is trivial to do so.

That is a lie and you know it.

In particular, having code moved to staging means it is going to
bitrot, because it will not be updated with global changes.

Plus coding standards change over time, so if you simply revert,
you'll not be able to simply merge it back.

Plus that revert means bisection is no longer easy/possible to find
the real breakages.

									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ