lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <aaceef21-a38c-8fe2-88f9-a1caa32c3b37@gmail.com>
Date:   Thu, 18 Feb 2021 14:00:06 -0800
From:   Florian Fainelli <f.fainelli@...il.com>
To:     Sasha Levin <sashal@...nel.org>,
        Scott Branden <scott.branden@...adcom.com>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Willy Tarreau <w@....eu>,
        Florian Fainelli <f.fainelli@...il.com>,
        BCM Kernel Feedback <bcm-kernel-feedback-list@...adcom.com>,
        LKML <linux-kernel@...r.kernel.org>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: 5.10 LTS Kernel: 2 or 6 years?



On 2/18/2021 1:39 PM, Sasha Levin wrote:
> On Thu, Feb 18, 2021 at 12:16:50PM -0800, Scott Branden wrote:
>> On 2021-02-18 10:36 a.m., Greg Kroah-Hartman wrote:
>>> On Thu, Feb 18, 2021 at 07:20:50PM +0100, Willy Tarreau wrote:
>>>> On Thu, Feb 18, 2021 at 06:53:56PM +0100, Greg Kroah-Hartman wrote:
>>>>> On Thu, Feb 18, 2021 at 09:21:13AM -0800, Florian Fainelli wrote:
>>>>>> As a company, we are most likely shooting ourselves in the foot by
>>>>>> not
>>>>>> having a point of coordination with the Linux Foundation and key
>>>>>> people
>>>>>> like you, Greg and other participants in the stable kernel.
>>>>>
>>>>> What does the LF have to do with this?
>>>>>
>>>>> We are here, on the mailing lists, working with everyone.  Just
>>>>> test the
>>>>> -rc releases we make and let us know if they work or not for you, it's
>>>>> not a lot of "coordination" needed at all.
>>>>>
>>>>> Otherwise, if no one is saying that they are going to need these for 6
>>>>> years and are willing to use it in their project (i.e. and test it),
>>>>> there's no need for us to maintain it for that long, right?
>>>>
>>>> Greg, please remember I expressed I really need them for slightly
>>>> more than
>>>> 3 years (say 3.5-4) :-) I'm fine with helping a bit more as time
>>>> permits if
>>>> this saves me from having to take over these kernels after you, like
>>>> in the
>>>> past, but I cannot engage on the regularity of my availability.
>>>
>>> Ok, great!
>>>
>>> That's one person/company saying they can help out (along with what CIP
>>> has been stating.)
>>>
>>> What about others?  Broadcom started this conversation, odd that they
>>> don't seem to want to help out :)
>> Greg, I'm sorry but I'm not in a position to provide such a commitment.
>>
>> My original question arose because the 5.10 kernel is declared as 2
>> years LTS while older LTS kernels are now 6 years.
>> One problem this has created is requests to provide silicon support in
>> an older kernel version (for a new project) rather than starting from
>> a newer kernel version that more properly supports the (silicon and
>> non-silicon) features.
> 
> So this sounds like you have boatloads of out-of-tree code and need a
> stable kernel to avoid having to rebase that code. This is not why the
> LTS trees are around.
> 
> For new projects, the easiest route is to upstream your stuff and ship
> the latest kernel.

Agreed, however no matter how good you are at upstreaming your changes,
there is always a delta that you keep accumulating, it is just the
reality of things be it because a specific piece of code was just harder
to upstream you missed multiple kernel versions, or it was not suitable,
or it changed, or anything. Not everything goes upstream even if that
gets closer and closer to zero if you do a good job at it.

> 
>> If all LTS kernels were declared as 3.5-4 years as Willy commented
>> this would solve a few issues.
>> 6 year LTS kernels would only have a maximum 1 year lifespan over the
>> latest declared LTS kernel.
>> Also, many products take a year or more to develop, there isn't any
>> life left in an LTS kernel if it is only 2 years.
> 
> Products are supposed to upgrade their kernel. If you released something
> with, for example, a 5.4 kernel, doesn't mean you're forever stuck on a
> 5.4 kernel for that product.

The are lots of Android devices manufacturers that launch using of the 3
kernel versions supported by the given Android release they targeted and
they do not update the kernel version ever after that.

> 
>> After 1-3 years of kernel age the relevant parties that want to invest
>> and care about supporting specific kernel versions longer should
>> become apparent and could commit to longer support.  Perhaps you move
>> the burden of 6 years LTS elsewhere to longer term projects.  But, I'm
>> sure many are happy because you continue doing such a great job in a
>> central location, especially those whose product lifespan is around 6
>> years.
> 
> But this is exactly what's happening now: we support LTS kernels for two
> years, and after that interested parties can figure it out on their own
> if it's worth it for them to keep going.
> 

-- 
Florian

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ