[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240410060109.96131-1-kuniyu@amazon.com>
Date: Tue, 9 Apr 2024 23:01:09 -0700
From: Kuniyuki Iwashima <kuniyu@...zon.com>
To: <rao.shoaib@...cle.com>
CC: <davem@...emloft.net>, <edumazet@...gle.com>, <kuba@...nel.org>,
<kuni1840@...il.com>, <kuniyu@...zon.com>, <netdev@...r.kernel.org>,
<pabeni@...hat.com>
Subject: Re: [PATCH v1 net 3/3] af_unix: Prepare MSG_OOB deprecation.
From: Rao Shoaib <rao.shoaib@...cle.com>
Date: Tue, 9 Apr 2024 17:48:37 -0700
> On 4/9/24 17:27, Kuniyuki Iwashima wrote:
> > From: Rao Shoaib <rao.shoaib@...cle.com>
> > Date: Tue, 9 Apr 2024 17:09:24 -0700
> >> This feature was added because it was needed by Oracle products.
> >
> > I know. What's about now ?
Why do you ingore this again ?
If it's really used in Oracle products, you can just say yes,
but it seems no ?
> >
> > I just took the silence as no here.
> > https://urldefense.com/v3/__https://lore.kernel.org/netdev/472044aa-4427-40f0-9b9a-bce75d5c8aac@oracle.com/__;!!ACWV5N9M2RV99hQ!Nk1WvCk4-rstASn7PUW4QiAejf0gQ7ktNz-AhuB2UHt9Vx7yUVcfcJ82f9XM3tsDanwnWusycGdUfF4$
> >
> > As I noted in the cover letter, I'm fine to drop this patch if there's
> > a real user.
> >
> >
> >> The
> >> bugs found are corner cases and happen with new feature, at the time all
> >> tests passed.
> >
> > Yes, but the test was not sufficient.
> >
>
> Yes they were not but we ran the tests that were required and available.
> If bugs are found later we are responsible for fixing them and we will.
This is nice,
>
> >
> >> If you do not feel like fixing these bugs that is fine,
> >> let me know and I will address them,
> >
> > Please do even if I don't let you know.
> >
>
> The way we use it we have not run into these unusual test cases. If you
> or anyone runs into any bugs please report and I personally will debug
> and fix the issue, just like open source is suppose to work.
but why personally ? because Oracle products no longer use it ?
If so, why do you want to keep the feature with no user ?
> >
> >> but removing the feature completely
> >> should not be an option.
> >>
> >> Plus Amazon has it's own closed/proprietary distribution. If this is an
> >> issue please configure your repo to not include this feature. Many
> >> distributions choose not to include several features.
> >
> > The problem is that the buggy feature risks many distributions.
> > If not-well-maintained feature is really needed only for a single
> > distro, it should be rather maintained as downstream patch.
> >
> > If no one is using it, no reason to keep the attack sarface alive.
>
> Tell me one feature in Linux that does not have bugs?
I'm not talking about features with no bug. It's fine to have bugs
if it's maintained and fixed in timely manner.
I'm talking about a feature with bugs that seems not to be used by
anyone nor maintained.
> The feature if used normally works just fine, the bugs that have been
> found do not cause any stability issue, may be functional issue at best.
It caused memory leaks in some ways easily without admin privilege.
> How many applications do you know use MSG_PEEK that these tests are
> exploiting.
Security is not that way of thinking. Even when the bug is triggered
with unusual sequence of calls, it must be fixed, especially on a host
that could execute untrusted code.
>
> Plus if it is annoying to you just remove the feature from your private
> distribution and let the others decide for them selves.
If no one uses the feature that has bugs without maintenance,
it's natural to deprecate it. Then, no one need to be burdened
by unnecessary bug fixes.
Powered by blists - more mailing lists