lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20170328.221027.1436005565229924031.davem@davemloft.net>
Date:   Tue, 28 Mar 2017 22:10:27 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     benh@...nel.crashing.org
Cc:     netdev@...r.kernel.org
Subject: Re: [PATCH net] ftgmac100: Mostly rewrite the driver

From: Benjamin Herrenschmidt <benh@...nel.crashing.org>
Date: Wed, 29 Mar 2017 16:03:07 +1100

> On Tue, 2017-03-28 at 21:57 -0700, David Miller wrote:
>> This is unreviewable.
>> 
>> You must break this up into small, reviewable pieces.
>> 
>> If you didn't save the steps of your work in that way, that isn't
>> our problem.
> 
> That's not realistic, it would probably not improve the readability
> much. I basically ended up rewriting the driver almost completely
> Dave. It's not even a matter of saving my work steps, each of them
> involved pulling appart an entire side of the old driver and re-doing
> it. 
> 
> That's why I said it's better reviewed as a new driver. We have no
> other user of it in the tree anyway.
> 
> Do you prefer that I submit it as a new driver for that IP block
> instead and take out the old one later ?

You've decided to do this work in a way that makes it nearly
impossible to audit the individual changes for regressions and
whatnot.

That puts a much larger burdon upon us, and introduces much greater
potential risk.

Even a "complete driver rewrite" can and very often is done in a way
which is evolutionary rather than revolutionary.  You made a conscious
decision to just work on this internally and in such a way that one
big huge change is the result.

So, I'm sorry to say, your arguments about readability, realisticness,
etc. I do not buy at all.  You definitely could have done this work in
a way which was more reviewable, and safer, but you choose not to.

Now, what is going to happen, is that we'll have no choice but to
simply accept what you've done and try and review this monster.

Thanks a lot.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ