| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 16 Apr 2024 16:23:43 +0200 From: Lennart Poettering <mzxreary@...inter.de> To: Christoph Hellwig <hch@....de> Cc: Keith Busch <kbusch@...nel.org>, Linux regressions mailing list <regressions@...ts.linux.dev>, linux-block@...r.kernel.org, LKML <linux-kernel@...r.kernel.org>, Jens Axboe <axboe@...nel.dk> Subject: Re: API break, sysfs "capability" file On Di, 09.04.24 16:15, Christoph Hellwig (hch@....de) wrote: 11;rgb:1717/1414/2121 > On Tue, Apr 09, 2024 at 10:19:09AM +0200, Lennart Poettering wrote: > > All I am looking for is a very simple test that returns me a boolean: > > is there kernel-level partition scanning enabled on this device or > > not. > > And we can add a trivial sysfs attribute for that. > > > At this point it's not clear to me if I can write this at all in > > a way that works reasonably correctly on any kernel since let's say > > 4.15 (which is systemd's "recommended baseline" right now). > > > > I am really not sure how to salvage this mess at all. AFAICS there's > > currently no way to write such a test correctly. > > You can't. Maybe that's a lesson to not depend on undocumented internal > flags exposed by accident by a weirdo interface. Just talk to > people. Undocumented? Internal? It's was actually one of the *best* documented kernel *public* APIs I ever came across: https://www.kernel.org/doc/html/v5.16/block/capability.html So much detail, I love it! I mean, you did good work here, documented it, with all flags in all details. I think that's great work! You should take pride in this, not try to deny its existance! > > I think it would be nice if the "capabilities" thing would be brought > > back in a limited form. For example, if it would be changed to start > > to return 0x200|0x1000 for part scanning is off, 0x1000 when it is on. > > > > That would then mean we return to compatibility with Linux <= 5.15, > > but the new 0x1000 bit would tell us that the information is > > reliable. i.e. if userspace sees 0x1000 being set we know that the > > 0x200 bit is definitely correct. That would then just mean that > > kernels >= 5.16 until today are left in the cold... > > At this point we're just better off with a clean new interface. > And you can use the old hack for < 5.15 if you care strongly enough > or just talk distros into backporting it to make their lives easier. I'll take what I can get. If API compatibility is not coming back, then sure, a new sysattr is better than nothing. Lennart -- Lennart Poettering, Berlin
Powered by blists - more mailing lists