lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 28 May 2021 07:59:17 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Justin Forbes' <jforbes@...hat.com>, Jens Axboe <axboe@...nel.dk>
CC:     "asml.silence@...il.com" <asml.silence@...il.com>,
        "io-uring@...r.kernel.org" <io-uring@...r.kernel.org>,
        "Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] io_uring: Remove CONFIG_EXPERT

From: Justin Forbes
> Sent: 27 May 2021 17:01
> 
> On Thu, May 27, 2021 at 9:19 AM Jens Axboe <axboe@...nel.dk> wrote:
> >
> > On 5/27/21 8:12 AM, Justin Forbes wrote:
> > > On Thu, May 27, 2021 at 8:43 AM Jens Axboe <axboe@...nel.dk> wrote:
> > >>
> > >> On 5/26/21 4:34 PM, Justin M. Forbes wrote:
> > >>> While IO_URING has been in fairly heavy development, it is hidden behind
> > >>> CONFIG_EXPERT with a default of on.  It has been long enough now that I
> > >>> think we should remove EXPERT and allow users and distros to decide how
> > >>> they want this config option set without jumping through hoops.
> > >>
> > >> The whole point of EXPERT is to ensure that it doesn't get turned off
> > >> "by accident". It's a core feature, and something that more and more
> > >> apps or libraries are relying on. It's not something I intended to ever
> > >> go away, just like it would never go away for eg futex or epoll support.
> > >>
> > >
> > > I am not arguing with that, I don't expect it will go away. I
> > > certainly do not have an issue with it defaulting to on, and I didn't
> > > even submit this with intention to turn it off for default Fedora. I
> > > do think that there are cases where people might not wish it turned on
> > > at this point in time. Hiding it behind EXPERT makes it much more
> > > difficult than it needs to be.  There are plenty of config options
> > > that are largely expected default and not hidden behind EXPERT.
> >
> > Right there are, but not really core kernel features like the ones
> > I mentioned. Hence my argument for why it's correct as-is and I
> > don't think it should be changed.
> >
> 
> Honestly, this is fair, and I understand your concerns behind it. I
> think my real issue is that there is no simple way to override one
> EXPERT setting without having to set them all.  It would be nice if
> expert were a "visible if" menu, setting defaults if not selected,
> which allows direct override with a config file. Perhaps I will try to
> fix this in kbuild.

Someone might want to disable things like IO_URING for an embedded
system just to remove code that might have possible attack vectors
and isn't required by the subset of kernel features they need.

If turning on 'EXPERT' makes extra config options visible this is ok.
But if that changes the defaults it gets to be a real PITA.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ