lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 6 Nov 2020 15:25:37 -0800
From:   Stephen Hemminger <stephen@...workplumber.org>
To:     Alexei Starovoitov <alexei.starovoitov@...il.com>
Cc:     Andrii Nakryiko <andrii.nakryiko@...il.com>,
        Jiri Benc <jbenc@...hat.com>,
        Edward Cree <ecree@...arflare.com>,
        Hangbin Liu <haliu@...hat.com>,
        David Ahern <dsahern@...il.com>,
        Daniel Borkmann <daniel@...earbox.net>,
        Alexei Starovoitov <ast@...nel.org>,
        Martin KaFai Lau <kafai@...com>,
        Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
        David Miller <davem@...emloft.net>,
        Jesper Dangaard Brouer <brouer@...hat.com>,
        Networking <netdev@...r.kernel.org>, bpf <bpf@...r.kernel.org>,
        Andrii Nakryiko <andrii@...nel.org>,
        Toke Høiland-Jørgensen <toke@...hat.com>
Subject: Re: [PATCHv3 iproute2-next 0/5] iproute2: add libbpf support

On Fri, 6 Nov 2020 13:04:16 -0800
Alexei Starovoitov <alexei.starovoitov@...il.com> wrote:

> On Fri, Nov 6, 2020 at 12:58 PM Andrii Nakryiko
> <andrii.nakryiko@...il.com> wrote:
> >
> > On Fri, Nov 6, 2020 at 12:44 AM Jiri Benc <jbenc@...hat.com> wrote:  
> > >
> > > On Thu, 5 Nov 2020 12:19:00 -0800, Andrii Nakryiko wrote:  
> > > > I'll just quote myself here for your convenience.  
> > >
> > > Sorry, I missed your original email for some reason.
> > >  
> > > >   Submodule is a way that I know of to make this better for end users.
> > > >   If there are other ways to pull this off with shared library use, I'm
> > > >   all for it, it will save the security angle that distros are arguing
> > > >   for. E.g., if distributions will always have the latest libbpf
> > > >   available almost as soon as it's cut upstream *and* new iproute2
> > > >   versions enforce the latest libbpf when they are packaged/released,
> > > >   then this might work equivalently for end users. If Linux distros
> > > >   would be willing to do this faithfully and promptly, I have no
> > > >   objections whatsoever. Because all that matters is BPF end user
> > > >   experience, as Daniel explained above.  
> > >
> > > That's basically what we already do, for both Fedora and RHEL.
> > >
> > > Of course, it follows the distro release cycle, i.e. no version
> > > upgrades - or very limited ones - during lifetime of a particular
> > > release. But that would not be different if libbpf was bundled in
> > > individual projects.  
> >
> > Alright. Hopefully this would be sufficient in practice.  
> 
> I think bumping the minimal version of libbpf with every iproute2 release
> is necessary as well.
> Today iproute2-next should require 0.2.0. The cycle after it should be 0.3.0
> and so on.
> This way at least some correlation between iproute2 and libbpf will be
> established.
> Otherwise it's a mess of versions and functionality from user point of view.

As long as iproute2 6.0 and libbpf 0.11.0 continues to work on older kernel
(like oldest living LTS 4.19 in 2023?); then it is fine. 

Just don't want libbpf to cause visible breakage for users.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ