lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAHk-=wiTE+k8WkHoDLzxX2Qz8ko7W+BsXOhirS_j0FZaBMxDdA@mail.gmail.com>
Date:   Mon, 24 Dec 2018 10:06:54 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Dmitry Torokhov <dmitry.torokhov@...il.com>
Cc:     Greg KH <gregkh@...uxfoundation.org>,
        Gabriel C <nix.or.die@...il.com>,
        Christian Brauner <christian@...uner.io>,
        Marcus Meissner <christian.brauner@...onical.com>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: FYI: Userland breakage caused by udev bind commit

On Mon, Dec 24, 2018 at 9:34 AM Dmitry Torokhov
<dmitry.torokhov@...il.com> wrote:
>
> Well, it appears that we can no longer extend uevent interface with new
> types of uevents, at least not until we go and fix up all
> udev-derivatives and give some time for things to settle.

How about having the users "opt in" for new events some way?

Do all the legacy events by default, but then if some user wants a
"bind" event (or some other new event) add a model for the uevent
interface to actually enable it.

Not using kernel versioning (nothing should *ever* look at the kernel
version, since that makes things like backports a huge and
insurmountable pain), but simply using some specific control channel.

> I guess reverting is the right solution here. I wish folks would yell
> earlier though...

So nobody is actually using the new "bind" event, I take it? It's
about a year and a half, and it's in 4.14 which is widely used, so
reverting it has a risk too.

Which is why I too would hope people would be much more vocal about
"that broke my setup".

But reverting does sound like the right thing to do if nobody is using
it. It sounds like systemd udev does not, and if eudev is actively
broken by this then how many other cases might there be?

I assume any locally modified udev rules would still be ok with the
revert (since presumably any udev rule modification people did was to
just ignore the bind/unbind events that no longer would be sent).

                Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ