| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20210208185707.GC4035784@sasha-vm>
Date: Mon, 8 Feb 2021 13:57:07 -0500
From: Sasha Levin <sashal@...nel.org>
To: Avi Kivity <avi@...lladb.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org, akpm@...ux-foundation.org,
torvalds@...ux-foundation.org, stable@...r.kernel.org, lwn@....net,
jslaby@...e.cz
Subject: Re: Linux 4.9.256
On Mon, Feb 08, 2021 at 05:50:21PM +0200, Avi Kivity wrote:
>On 05/02/2021 16.26, Greg Kroah-Hartman wrote:
>>I'm announcing the release of the 4.9.256 kernel.
>>
>>This, and the 4.4.256 release are a little bit "different" than normal.
>>
>>This contains only 1 patch, just the version bump from .255 to .256 which ends
>>up causing the userspace-visable LINUX_VERSION_CODE to behave a bit differently
>>than normal due to the "overflow".
>>
>>With this release, KERNEL_VERSION(4, 9, 256) is the same as KERNEL_VERSION(4, 10, 0).
>
>
>I think this is a bad idea. Many kernel features can only be
>discovered by checking the kernel version. If a feature was introduced
>in 4.10, then an application can be tricked into thinking a 4.9 kernel
>has it.
>
>
>IMO, better to stop LINUX_VERSION_CODE at 255 and introduce a
In the upstream (and new -stable fix) we did this part.
>LINUX_VERSION_CODE_IMPROVED that has more bits for patchlevel.
Do you have a usecase where it's actually needed? i.e. userspace that
checks for -stable patchlevels?
--
Thanks,
Sasha
Powered by blists - more mailing lists