lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 4 Aug 2022 02:11:17 +0200
From:   Pablo Neira Ayuso <>
To:     Linus Torvalds <>
Cc:     Paolo Abeni <>, Vlad Buslov <>,
        Oz Shlomo <>,,,,
Subject: Re: [GIT PULL] Networking for 6.0

On Wed, Aug 03, 2022 at 04:52:32PM -0700, Linus Torvalds wrote:
> On Wed, Aug 3, 2022 at 3:15 AM Paolo Abeni <> wrote:
> >
> >   git:// tags/net-next-6.0
> Hmm. Another thing I note about this.
> It adds a new NF_FLOW_TABLE_PROCFS option, and that one has two problems:
>  - it is 'default y'. Why?
>  - it has 'depends on PROC_FS' etc, but guess what it does *not*
> depend on? NF_FLOW_TABLE itself.

For these two questions, this new Kconfig toggle was copied from:

        bool "Supply CT list in procfs (OBSOLETE)"
        default y
        depends on PROC_FS

which is under:


but the copy and paste was missing this.

> So not only does this new code try to enable itself by default, which
> is a no-no. We do "default y" if it's an old feature that got split
> out as a config option, or if it's something that everybody *really*
> should have, but I don't see that being the case here.
> But it also asks the user that question even when the user doesn't
> even have NF_FLOW_TABLE at all. Which seems entirely crazy.
> Am I missing something? Because it looks *completely* broken.
> I've said this before, and I'll say this again: our kernel config is
> hard on users as-is, and we really shouldn't make it worse by making
> it ask invalid questions or have invalid defaults.

Completely agree. Patch:

Thanks for reviewing.

Powered by blists - more mailing lists