lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 14 Aug 2019 14:45:21 -0700
From:   Gerd Rausch <gerd.rausch@...cle.com>
To:     David Miller <davem@...emloft.net>, santosh.shilimkar@...cle.com
Cc:     dledford@...hat.com, netdev@...r.kernel.org,
        linux-rdma@...r.kernel.org, rds-devel@....oracle.com
Subject: Re: [PATCH net-next 1/5] RDS: Re-add pf/sol access via sysctl

Hi David,

On 14/08/2019 14.31, David Miller wrote:
> From: santosh.shilimkar@...cle.com
> Date: Wed, 14 Aug 2019 11:36:19 -0700
> 
>> On 8/14/19 11:21 AM, David Miller wrote:
>>> From: santosh.shilimkar@...cle.com
>>> Date: Wed, 14 Aug 2019 11:01:36 -0700
>>>
>>>> Some of the application software was released before 2009 and ended up
>>>> using these proc entries from downstream kernel. The newer lib/app
>>>> using RDS don't use these. Unfortunately lot of customer still use
>>>> Oracle 9, 10, 11 which were released before 2007 and run these apps
>>>> on modern kernels.
>>> So those apps are using proc entries that were never upstream...
>>>
>>> Sorry, this is completely and utterly inappropriate.
>>>
>> Agree. Unfortunately one of the legacy application library didn't
>> get upgraded even after the ports were registered with IANA.
>> Oracle 11 is still very active release and hence this patch.
>>
>> It is fine to drop $subject patch from this series.
> 
> The appropriate procedure is to resubmit the series with the patch
> removed.
> 

For my understanding:
Are you saying that...

a) It is utterly inappropriate to have Oracle applications
   rely on a /proc/sys API that was kept out of Upstream-Linux
   for this long

b) It is utterly inappropriate to include such a /proc/sys API
   that Oracle applications have depended on this late

c) ... something else ...

At first I read your comment as "a)", which would then imply
that this commit shall be included now (albeit late).

If your answer is "not a)", or implies that Oracle ought to continue
to carry this change in our own repository only, please let me know,
and I will re-submit the series without this patch, to follow
appropriate procedure.

Thanks,

  Gerd

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ