lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <g3llwlzlhatvz2a23cntx7lscqarepq4uyaq6wne6my7ddo3mk@6b64pjcnykah>
Date: Wed, 14 Feb 2024 13:54:54 -0500
From: Kent Overstreet <kent.overstreet@...ux.dev>
To: Petr Tesařík <petr@...arici.cz>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, 
	Andrew Morton <akpm@...ux-foundation.org>, Petr Tesarik <petrtesarik@...weicloud.com>, 
	Jonathan Corbet <corbet@....net>, David Kaplan <david.kaplan@....com>, 
	Larry Dewey <larry.dewey@....com>, Elena Reshetova <elena.reshetova@...el.com>, 
	Carlos Bilbao <carlos.bilbao@....com>, "Masami Hiramatsu (Google)" <mhiramat@...nel.org>, 
	Randy Dunlap <rdunlap@...radead.org>, Petr Mladek <pmladek@...e.com>, 
	"Paul E. McKenney" <paulmck@...nel.org>, Eric DeVolder <eric.devolder@...cle.com>, 
	Marc Aurèle La France <tsi@...oix.net>, "Gustavo A. R. Silva" <gustavoars@...nel.org>, 
	Nhat Pham <nphamcs@...il.com>, "Christian Brauner (Microsoft)" <brauner@...nel.org>, 
	Douglas Anderson <dianders@...omium.org>, Luis Chamberlain <mcgrof@...nel.org>, 
	Guenter Roeck <groeck@...omium.org>, Mike Christie <michael.christie@...cle.com>, 
	Maninder Singh <maninder1.s@...sung.com>, "open list:DOCUMENTATION" <linux-doc@...r.kernel.org>, 
	open list <linux-kernel@...r.kernel.org>, Roberto Sassu <roberto.sassu@...weicloud.com>, 
	Petr Tesarik <petr.tesarik1@...wei-partners.com>
Subject: Re: [PATCH v1 5/5] sbm: SandBox Mode documentation

On Wed, Feb 14, 2024 at 05:31:12PM +0100, Petr Tesařík wrote:
> On Wed, 14 Feb 2024 16:11:05 +0100
> Greg Kroah-Hartman <gregkh@...uxfoundation.org> wrote:
> 
> > On Wed, Feb 14, 2024 at 03:55:24PM +0100, Petr Tesařík wrote:
> > > OK, so why didn't I send the whole thing?
> > > 
> > > Decomposition of the kernel requires many more changes, e.g. in linker
> > > scripts. Some of them depend on this patch series. Before I go and
> > > clean up my code into something that can be submitted, I want to get
> > > feedback from guys like you, to know if the whole idea would be even
> > > considered, aka "Fail Fast".  
> > 
> > We can't honestly consider this portion without seeing how it would
> > work, as we don't even see a working implementation that uses it to
> > verify it at all.
> > 
> > The joy of adding new frameworks is that you need a user before anyone
> > can spend the time to review it, sorry.
> 
> Thank your for a quick assessment. Will it be sufficient if I send some
> code for illustration (with some quick&dirty hacks to bridge the gaps),
> or do you need clean and nice kernel code?

Given that code is going to need a rewrite to make use of this anyways -
why not just do the rewrite in Rust?

Then you get memory safety, which seems to be what you're trying to
achieve here.

Or, you say this is for when performance isn't critical - why not a user
mode helper?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ