From: Maxime Ripard <maxime.ripard@bootlin.com>
To: Kees Cook <keescook@chromium.org>
Cc: ksummit <ksummit-discuss@lists.linuxfoundation.org>
Subject: Re: [Ksummit-discuss] [MAINTAINERS SUMMIT] API replacement/deprecation
Date: Fri, 7 Sep 2018 10:40:39 +0200 [thread overview]
Message-ID: <20180907084039.kqvnlamrfjll7zae@flea> (raw)
In-Reply-To: <CAGXu5jKfbVUcyGu6U1dVR8dKjGK0sY7=pLdmYXUC9_G8KmgZ0A@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 2707 bytes --]
Hi Kees,
On Thu, Sep 06, 2018 at 11:24:11AM -0700, Kees Cook wrote:
> On Wed, Sep 5, 2018 at 7:24 PM, Steven Rostedt <rostedt@goodmis.org> wrote:
> > On Thu, 6 Sep 2018 09:41:58 +1000
> > Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> >> On Wed, 5 Sep 2018 15:57:02 -0700 Kees Cook <keescook@chromium.org> wrote:
> >> >
> >> > I'd like to discuss ways that we could deprecate APIs more sanely. At
> >> > present I've seen (and used) two approaches, fast and slow:
> >>
> >> As the one who often has the "fun" of coping with API changes, I would
> >> like to be involved in this discussion.
> >>
> >> My first point would be that (almost) every time someone has tried the
> >> "ultra fast" method (i.e. add new interface, convert everyone in the
> >> current kernel, remove the old interface all in one go) we have had new
> >> users of the old interface introduced at the same time. (pain for the
> >> linux-next bunny :-()
> >
> > Can this be solved with a script on kernel.org? Or a zero-day bot that
> > checks new commits (and perhaps patches to LKML) that checks for
> > deprecated functions being added by new code (like strcpy) and the
> > author would then get a nasty email about adding deprecated interfaces.
> >
> > This would solve the issue of not everyone using the latest checkpatch,
> > as this wouldn't be a voluntary self-check. It would also quickly
> > educate developers on what code is not acceptable to be added.
>
> I think this boils down to how our development ecosystem works. Things
> are pretty "voluntary" right now: one could easily ignore zero-day or
> checkpatch all the time, and if a maintainer isn't checking these
> things, a patch will go in.
I have the feeling that the problem is a bit different than what
you're actually describing. It's not so much that we ignore (as in
voluntarily ignore) these new deprecated functions, but more that it's
quite easy to overlook them if you're not following closely the
current effort being done, especially when you don't really have a
security culture.
And then, there's some changes where the benefit is really not obvious
(kmalloc_array comes to my mind).
Polling actively some file isn't going to work, since well, we're all
too busy and lazy to actually do that, but maybe adding
warnings/errors to checkpatch would help, in a similar way than what's
being done for the msleep vs mdelay warning, with a link to the
documentation to explain why that is needed in the first place.
I think that this would help to address the discoverability of those
API changes.
Maxime
--
Maxime Ripard, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2018-09-07 8:40 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-05 22:57 Kees Cook
2018-09-05 23:41 ` Stephen Rothwell
2018-09-06 2:24 ` Steven Rostedt
2018-09-06 6:12 ` Julia Lawall
2018-09-06 18:24 ` Kees Cook
2018-09-06 23:18 ` Stephen Rothwell
2018-09-06 23:24 ` Kees Cook
2018-09-07 7:03 ` Takashi Iwai
2018-09-07 7:20 ` Johannes Berg
2018-09-07 7:31 ` Takashi Iwai
2018-09-07 9:42 ` Julia Lawall
2018-09-07 8:04 ` Jani Nikula
2018-09-07 9:38 ` Julia Lawall
2018-09-07 9:54 ` Jani Nikula
2018-09-07 10:05 ` Julia Lawall
2018-09-07 10:43 ` Jani Nikula
2018-09-07 10:25 ` Alexandre Belloni
2018-09-07 11:44 ` Mark Brown
2018-09-10 12:51 ` Mauro Carvalho Chehab
2018-09-11 8:10 ` Jani Nikula
2018-09-11 9:34 ` Mauro Carvalho Chehab
2018-09-11 11:08 ` Arnd Bergmann
2018-09-07 8:19 ` Jan Kara
2018-09-07 14:33 ` Theodore Y. Ts'o
2018-09-07 16:10 ` Kees Cook
2018-09-07 20:30 ` Arnd Bergmann
2018-09-07 20:56 ` Theodore Y. Ts'o
2018-09-08 8:15 ` Geert Uytterhoeven
2018-09-08 15:19 ` Theodore Y. Ts'o
2018-09-10 12:28 ` Mauro Carvalho Chehab
2018-09-10 16:09 ` Kees Cook
2018-09-07 10:14 ` Dan Carpenter
2018-09-07 10:40 ` Geert Uytterhoeven
2018-09-07 8:40 ` Maxime Ripard [this message]
2018-09-06 4:44 ` Julia Lawall
2018-09-06 10:04 ` Linus Walleij
2018-09-06 10:11 ` Geert Uytterhoeven
2018-09-06 14:59 ` Kees Cook
2018-09-06 15:06 ` Geert Uytterhoeven
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180907084039.kqvnlamrfjll7zae@flea \
--to=maxime.ripard@bootlin.com \
--cc=keescook@chromium.org \
--cc=ksummit-discuss@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox