lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 14 Jul 2021 14:09:11 -0700
From:   Andrew Morton <akpm@...ux-foundation.org>
To:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc:     Sasha Levin <sashal@...nel.org>, Michal Hocko <mhocko@...nel.org>,
        Hugh Dickins <hughd@...gle.com>,
        Linus Torvalds <torvalds@...ux-foundation.org>,
        Mike Kravetz <mike.kravetz@...cle.com>,
        Miaohe Lin <linmiaohe@...wei.com>,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        stable@...r.kernel.org
Subject: Re: 5.13.2-rc and others have many not for stable

On Wed, 14 Jul 2021 15:23:50 +0200 Greg Kroah-Hartman <gregkh@...uxfoundation.org> wrote:

> > But it really feels odd that you all take the time to add a "Hey, this
> > fixes this specific commit!" tag in the changelog, yet you do not
> > actually want to go and fix the kernels that have that commit in it.
> > This is an odd signal to others that watch the changelogs for context
> > clues.  Perhaps you might not want to do that anymore.
> 
> I looked at some of these patches and it seems really odd to me that you
> all are marking them with Fixes: tags, but do not want them backported.
> 
> First example is babbbdd08af9 ("mm/huge_memory.c: don't discard hugepage
> if other processes are mapping it")
> 
> Why is this not ok to backport?
> 
> Also what about e6be37b2e7bd ("mm/huge_memory.c: add missing read-only
> THP checking in transparent_hugepage_enabled()")?
> 
> And 41eb5df1cbc9 ("mm: memcg/slab: properly set up gfp flags for objcg
> pointer array")?
> 
> And 6acfb5ba150c ("mm: migrate: fix missing update page_private to
> hugetlb_page_subpool")?
> 
> And 832b50725373 ("mm: mmap_lock: use local locks instead of disabling
> preemption")? (the RT people want that...)
> 
> And f7ec104458e0 ("mm/page_alloc: fix counting of managed_pages")?
> 
> Do you want to rely on systems where these fixes are not applied?
> 
> I can understand if you all want to send them to us later after they
> have been "tested out" in Linus's tree, that's fine, but to just not
> want them applied at all feels odd to me.

Broadly speaking: end-user impact.  If we don't have reports of the
issue causing a user-visible problem and we don't expect such things to
occur, don't backport.  Why risk causing some regression when we cannot
identify any benefit?  (and boy do my fingers get tired asking people
to describe the user-visible effects of the bug they claim to have fixed!)

Of course, screwups can happen and user-useful patches may be passed
over.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ