lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <76e8bbed-21d1-22e1-4148-5a5766652c0d@I-love.SAKURA.ne.jp>
Date:   Fri, 10 Apr 2020 22:12:04 +0900
From:   Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To:     Dmitry Vyukov <dvyukov@...gle.com>
Cc:     Qian Cai <cai@....pw>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Stephen Rothwell <sfr@...b.auug.org.au>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Peter Xu <peterx@...hat.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Linux-MM <linux-mm@...ck.org>
Subject: Re: [PATCH 0/2] mm: Two small fixes for recent syzbot reports

On 2020/04/10 6:14, Qian Cai wrote:
> 
> 
>> On Apr 9, 2020, at 2:06 PM, Linus Torvalds <torvalds@...ux-foundation.org> wrote:
>>
>> On Thu, Apr 9, 2020 at 10:58 AM Qian Cai <cai@....pw> wrote:
>>>
>>> Agree to make a big deal part. My point is that when kicking trees of linux-next, it also could reduce the exposure of many patches (which could be bad) to linux-next and miss valuable early testing either from robots or human.
>>
>> Sure. But I'd want to be notified when something gets kicked out, so
>> that I then know not to pull it.
>>
>> So it would reduce the exposure of patches, but it would also make
>> sure those patches then don't make it upstream.
>>
>> Untested patches is fine - as long as nobody else has to suffer through them.
> 
> Excellent. It now very much depends on how Stephen will notify you when
> a tree, a patchset or even a developer should be blacklisted for some time
> to make this a success.
> 

Since patch flow forms tree structure, I don't know whether maintainers can
afford remembering which tree, patchset or developer should be blacklisted
when problems come from leaf git trees.



By the way...

Removing problematic trees might confuse "#syz test:" request, for
developers might ask syzbot to test proposed patches on a kernel which
does not contain problematic trees. In lucky case, test request fails
as patch failure or build failure. But in unlucky case, syzbot fails to
detect that proposed patch was tested on a kernel without problematic
trees. A bit related to https://github.com/google/syzkaller/issues/1609 .

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ