lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 4 May 2021 08:33:28 +0200
From:   Christophe Leroy <christophe.leroy@...roup.eu>
To:     Arnd Bergmann <arnd@...db.de>,
        Matthew Wilcox <willy@...radead.org>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Segher Boessenkool <segher@...nel.crashing.org>,
        Joe Perches <joe@...ches.com>,
        Miguel Ojeda <miguel.ojeda.sandonis@...il.com>,
        Masahiro Yamada <masahiroy@...nel.org>,
        Albert Ou <aou@...s.berkeley.edu>,
        Linux Kbuild mailing list <linux-kbuild@...r.kernel.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Jonathan Corbet <corbet@....net>,
        Linux Doc Mailing List <linux-doc@...r.kernel.org>,
        linux-kernel <linux-kernel@...r.kernel.org>,
        Palmer Dabbelt <palmer@...belt.com>,
        Paul Walmsley <paul.walmsley@...ive.com>,
        Catalin Marinas <catalin.marinas@....com>,
        Miguel Ojeda <ojeda@...nel.org>,
        Paul Mackerras <paulus@...ba.org>,
        linux-riscv <linux-riscv@...ts.infradead.org>,
        linuxppc-dev <linuxppc-dev@...ts.ozlabs.org>,
        Will Deacon <will@...nel.org>,
        Linux ARM <linux-arm-kernel@...ts.infradead.org>
Subject: Re: [PATCH] Raise the minimum GCC version to 5.2



Le 04/05/2021 à 07:30, Alexander Dahl a écrit :
> Hello Arnd,
> 
> Am Mon, May 03, 2021 at 11:25:21AM +0200 schrieb Arnd Bergmann:
>> On Mon, May 3, 2021 at 9:35 AM Alexander Dahl <ada@...rsis.com> wrote:
>>>
>>> Desktops and servers are all nice, however I just want to make you
>>> aware, there are embedded users forced to stick to older cross
>>> toolchains for different reasons as well, e.g. in industrial
>>> environment. :-)
>>>
>>> This is no show stopper for us, I just wanted to let you be aware.
>>
>> Can you be more specific about what scenarios you are thinking of,
>> what the motivations are for using an old compiler with a new kernel
>> on embedded systems, and what you think a realistic maximum
>> time would be between compiler updates?
> 
> One reason might be certification. For certain industrial applications
> like support for complex field bus protocols, you need to get your
> devices tested by an external partner running extensive test suites.
> This is time consuming and expensive.
> 
> Changing the toolchain of your system then, would be a massive change
> which would require recertification, while you could argue just
> updating a single component like the kernel and building everything
> again, does not require the whole testing process again.

Not sure to follow you.

Our company provides systems for Air Trafic Control, so we have the same kind of assurance quality 
process, but then I can't understand why you would need to upgrade your kernel at all.

Today our system is based on GCC 5 and Kernel 4.14. At the time being we are using GCC 5.5 (Latest 
GCC 5) and kernel 4.14.232 (Latest 4.14.y). Kernel 4.14 is maintained until 2024.

The day we do an upgrade, we upgrade everything including the tool chain then we go for another 6 
years without major changes/re-qualification, because we can't afford a new qualitication every now 
and then.


So really, I can't see your approach.

Christophe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ