lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2b604558-ff97-78be-6534-09e20bebd0d1@datenfreihafen.org>
Date:   Wed, 31 Aug 2022 23:13:36 +0200
From:   Stefan Schmidt <stefan@...enfreihafen.org>
To:     Jakub Kicinski <kuba@...nel.org>,
        Alexander Aring <alex.aring@...il.com>
Cc:     Gal Pressman <gal@...dia.com>,
        "David S. Miller" <davem@...emloft.net>, netdev@...r.kernel.org,
        Leon Romanovsky <leonro@...dia.com>, linux-wpan@...r.kernel.org
Subject: Re: [PATCH net-next] net: ieee802154: Fix compilation error when
 CONFIG_IEEE802154_NL802154_EXPERIMENTAL is disabled


Hello Jakub.

On 31.08.22 23:09, Jakub Kicinski wrote:
> On Wed, 31 Aug 2022 22:59:14 +0200 Stefan Schmidt wrote:
>> I was swamped today and I am only now finding time to go through mail.
>>
>> Given the problem these ifdef are raising I am ok with having these
>> commands exposed without them.
>>
>> Our main reason for having this feature marked as experimental is that
>> it does not have much exposure and we fear that some of it needs rewrites.
>>
>> If that really is going to happen we will simply treat the current
>> commands as reserved/burned and come up with other ones if needed. While
>> I hope this will not be needed it is a fair plan for mitigating this.
> 
> Thanks for the replies. I keep going back and forth in my head on
> what's better - un-hiding or just using NL802154_CMD_SET_WPAN_PHY_NETNS + 1
> as the start of validation, since it's okay to break experimental commands.
> 
> Any preference?

We saw other problems with these being behind ifdefs from build and 
fuzzing bots. I say its time we un-hide and deal with them being 
formerly deprecated and replaced by something else if it really comes to 
changes for them (which we are not sure of)

regards
Stefan Schmidt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ