From: Olof Johansson <olof@lixom.net>
To: "Theodore Ts'o" <tytso@mit.edu>
Cc: James Bottomley <James.Bottomley@hansenpartnership.com>,
Trond Myklebust <trondmy@primarydata.com>,
"ksummit-discuss@lists.linuxfoundation.org"
<ksummit-discuss@lists.linuxfoundation.org>
Subject: Re: [Ksummit-discuss] [CORE TOPIC] stable workflow
Date: Sun, 10 Jul 2016 18:18:50 -0700 [thread overview]
Message-ID: <CAOesGMgjmVNneiU3Om617HwnLiXP7igEon3wVRVgHS1=0=GC5w@mail.gmail.com> (raw)
In-Reply-To: <20160710144224.GF26097@thunk.org>
[-- Attachment #1: Type: text/plain, Size: 3764 bytes --]
On Sun, Jul 10, 2016 at 7:42 AM, Theodore Ts'o <tytso@mit.edu> wrote:
> On Sat, Jul 09, 2016 at 11:19:39PM -0700, Olof Johansson wrote:
> >
> > The in-house developers on a certain subsystem didn't trust the
> > upstream maintainers to not regress their drivers -- in particular
> > they had seen some painful regressions on older chipsets when newer
> > hardware support was picked up. Esoteric bugs that had been fixed with
> > the help of the support team weren't folded in properly in the
> > upstream sources, or when they did they looked sufficiently different
> > that when -stable came around they didn't want to revert back to that
> > version, or they weren't yet picked up for upstream and now other
> > fixes were touching the same code and that seemed risky. They had a
> > code base that worked for the use cases they cared about (with the fix
> > applied that the support team had provided), and very little interest
> > in risking a regression from switching to the upstream version.
>
> Hrm. That's interesting color commentary, thanks.
As mentioned downthread already: This wasn't actually for a BSP-based
embedded chipset/driver. This was for common hardware found in many laptops
(at the time).
> This won't help
> for those devices that are't using BSP kernels from SOC vendors, but
> for those platforms where kernels from vendors are available, do you
> know off-hand if they are tracking -stable? Because if they are,
> presumably at least the SOC vendors would have the capability of doing
> the necessary testing.
>
> OTOH, the problem with that is once the SOC vendors have stopped
> selling a particular chip version, they probably don't have any
> interest in continuing to do QA for stable kernels for that particular
> SOC set. So I'm guessing the answer is "no", it won't help, but I'd
> love to be pleasantly surprised to the contrary.
>
Optimizing our workflow for what some random SoC manufacturer does with
their BSP is probably not a useful exercise. As you say, once they're done
with the product they usually move on to the next generation.
As arm-soc maintainer, it's very rare that we see fixes targeted to
-stable, often because I don't think there are many downstream users of the
upstream tree for embedded platforms, so including fixes there doesn't mean
it shows up in product trees. As platforms do get more and more support, it
will get better over time but it's not there yet.
> > Instead, what the team started doing was using -stable as a source for
> > fixes -- when looking at a bug, first think you looked for was to see
> > if someone had touched that code/subsystem in -stable. It's not ideal
> > in the sense that you have to hit the bug and someone has to look at
> > it, but it was the state we ended up in on that project. It means
> > -stable still has substanial value even though it's not merged
> > directly.
>
> The concern with this approach is that it won't necessary get security
> fixes, since that implies that the product team is only looking at
> -stable once a bug has been reported.
>
That's true. For fixes that get CVE labels there's sometimes tracking that
happens and things get picked up, but for "silent" security fixes there's
not.
> I could tell interested product teams that there are patches that will
> prevent an maliciously crafted SD card from hanging a system or
> causing a memory bounds overrun possibly leading to a privilege
> escalation attack (for example), but that really doesn't scale, and
> unless the maintainer uses out-of-band notification methods, how would
> the product team know to look in -stable?
>
By tracking CVEs or having representation on the security lists. Only large
projects tend to have resources to do so, unfortunately.
-Olof
[-- Attachment #2: Type: text/html, Size: 4949 bytes --]
next prev parent reply other threads:[~2016-07-11 1:18 UTC|newest]
Thread overview: 259+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-08 22:35 Jiri Kosina
2016-07-08 23:12 ` Guenter Roeck
2016-07-08 23:38 ` Luck, Tony
2016-07-09 8:34 ` Jiri Kosina
2016-07-09 8:58 ` Guenter Roeck
2016-07-09 9:29 ` Johannes Berg
2016-07-09 15:19 ` Jason Cooper
2016-07-09 16:04 ` Guenter Roeck
2016-07-09 19:15 ` Vlastimil Babka
2016-08-01 9:32 ` Johannes Berg
2016-08-01 11:10 ` Vlastimil Babka
2016-07-09 18:39 ` Andrew Lunn
2016-07-10 1:22 ` Rafael J. Wysocki
2016-07-08 23:52 ` Rafael J. Wysocki
2016-07-09 0:06 ` Dmitry Torokhov
2016-07-09 8:37 ` Jiri Kosina
2016-07-09 9:12 ` Mark Brown
2016-07-09 0:10 ` Dmitry Torokhov
2016-07-09 0:37 ` Rafael J. Wysocki
2016-07-09 0:43 ` Dmitry Torokhov
2016-07-09 1:53 ` Guenter Roeck
2016-07-09 10:05 ` James Bottomley
2016-07-09 15:49 ` Trond Myklebust
2016-07-09 22:41 ` Dan Williams
2016-07-10 1:34 ` James Bottomley
2016-07-10 1:43 ` Trond Myklebust
2016-07-10 1:56 ` James Bottomley
2016-07-10 2:12 ` Trond Myklebust
2016-07-10 2:15 ` Rafael J. Wysocki
2016-07-10 3:00 ` James Bottomley
2016-07-10 3:07 ` Trond Myklebust
2016-07-26 13:35 ` David Woodhouse
2016-07-26 13:44 ` Guenter Roeck
2016-07-26 14:33 ` David Woodhouse
2016-07-26 15:52 ` Guenter Roeck
2016-07-28 21:02 ` Laurent Pinchart
2016-07-29 0:10 ` Steven Rostedt
2016-07-29 8:59 ` Laurent Pinchart
2016-07-29 14:28 ` Steven Rostedt
2016-08-01 13:53 ` Shuah Khan
2016-08-03 4:47 ` Bird, Timothy
2016-07-29 15:12 ` Mark Brown
2016-07-29 15:20 ` Steven Rostedt
2016-07-29 15:50 ` Mark Brown
2016-07-29 16:06 ` Steven Rostedt
2016-07-29 16:48 ` Mark Brown
2016-07-29 17:02 ` Steven Rostedt
2016-07-29 21:07 ` Alexandre Belloni
2016-07-29 21:40 ` Steven Rostedt
2016-08-01 13:41 ` Laurent Pinchart
2016-07-30 16:19 ` Luis R. Rodriguez
2016-08-01 13:35 ` Laurent Pinchart
2016-08-01 14:24 ` Mark Brown
2016-08-02 14:12 ` Jani Nikula
2016-08-02 15:34 ` Mark Brown
2016-08-02 23:17 ` Rafael J. Wysocki
2016-08-03 9:36 ` Jani Nikula
2016-08-03 11:09 ` Greg KH
2016-08-03 13:05 ` Jani Nikula
2016-08-03 13:26 ` Greg KH
2016-08-03 13:48 ` Jiri Kosina
2016-08-03 13:57 ` James Bottomley
2016-08-03 13:59 ` Jiri Kosina
2016-08-03 14:04 ` James Bottomley
2016-08-03 14:10 ` Jiri Kosina
2016-08-04 1:23 ` Steven Rostedt
2016-08-04 8:20 ` Greg KH
2016-08-04 13:33 ` Steven Rostedt
2016-08-04 15:32 ` Takashi Iwai
2016-08-04 15:40 ` Steven Rostedt
2016-08-04 15:47 ` Jiri Kosina
2016-08-04 16:18 ` Takashi Iwai
2016-08-04 16:26 ` Steven Rostedt
2016-08-04 15:44 ` Mark Brown
2016-08-04 15:56 ` James Bottomley
2016-08-04 17:01 ` Mark Brown
2016-08-04 17:11 ` Steven Rostedt
2016-08-04 17:53 ` Mark Brown
2016-08-05 8:16 ` Jani Nikula
2016-08-04 16:14 ` Steven Rostedt
2016-08-04 17:51 ` Mark Brown
2016-08-04 18:16 ` Geert Uytterhoeven
2016-08-04 18:44 ` Steven Rostedt
2016-08-04 18:48 ` Geert Uytterhoeven
2016-08-04 19:06 ` Mark Brown
2016-08-04 18:52 ` Laurent Pinchart
2016-08-04 19:30 ` Steven Rostedt
2016-08-03 14:45 ` Mark Brown
2016-08-04 13:48 ` Geert Uytterhoeven
2016-08-03 14:19 ` Greg KH
2016-08-03 14:45 ` Jiri Kosina
2016-08-03 15:48 ` Guenter Roeck
2016-08-03 16:12 ` Dmitry Torokhov
2016-08-03 16:44 ` Guenter Roeck
2016-08-03 17:20 ` Dmitry Torokhov
2016-08-03 18:21 ` Guenter Roeck
2016-08-03 18:59 ` Dmitry Torokhov
2016-08-03 21:25 ` Jiri Kosina
2016-08-03 21:31 ` Dmitry Torokhov
2016-08-03 21:36 ` Jiri Kosina
2016-08-04 3:06 ` Steven Rostedt
2016-08-03 22:25 ` Guenter Roeck
2016-08-04 14:02 ` Jan Kara
2016-08-03 18:57 ` Jiri Kosina
2016-08-03 22:16 ` Guenter Roeck
2016-08-04 3:14 ` Steven Rostedt
2016-08-04 3:32 ` Dmitry Torokhov
2016-08-04 4:05 ` Steven Rostedt
2016-08-04 8:27 ` Greg KH
2016-08-04 8:21 ` Greg KH
2016-08-05 4:46 ` Jonathan Cameron
2016-08-03 14:12 ` Jani Nikula
2016-08-03 14:33 ` Daniel Vetter
2016-08-03 13:20 ` Rafael J. Wysocki
2016-08-03 13:21 ` Jiri Kosina
2016-08-04 1:05 ` Rafael J. Wysocki
2016-08-03 13:39 ` Greg KH
2016-08-03 14:10 ` Chris Mason
2016-08-04 0:37 ` Rafael J. Wysocki
2016-08-03 15:47 ` Guenter Roeck
2016-08-04 8:25 ` Greg KH
2016-08-03 11:12 ` Mark Brown
2016-07-10 2:27 ` Dan Williams
2016-07-10 6:10 ` Guenter Roeck
2016-07-11 4:03 ` [Ksummit-discuss] [CORE TOPIC] kernel unit testing Trond Myklebust
2016-07-11 4:22 ` James Bottomley
2016-07-11 4:30 ` Trond Myklebust
2016-07-11 5:23 ` Guenter Roeck
2016-07-11 8:56 ` Hannes Reinecke
2016-07-11 16:20 ` Mark Brown
2016-07-11 19:58 ` Dan Williams
2016-07-12 9:35 ` Jan Kara
2016-07-13 4:56 ` Dan Williams
2016-07-13 9:04 ` Jan Kara
2016-07-11 20:24 ` Kevin Hilman
2016-07-11 23:03 ` Guenter Roeck
2016-07-18 7:44 ` Christian Borntraeger
2016-07-18 8:44 ` Hannes Reinecke
2016-07-28 21:09 ` Laurent Pinchart
2016-07-28 21:33 ` Bird, Timothy
2016-08-02 18:42 ` Kevin Hilman
2016-08-02 19:44 ` Laurent Pinchart
2016-08-02 20:33 ` Mark Brown
2016-07-13 4:48 ` Alex Shi
2016-07-13 9:07 ` Greg KH
2016-07-13 12:37 ` Alex Shi
2016-07-13 19:59 ` Olof Johansson
2016-07-13 22:23 ` Alex Shi
2016-07-14 1:19 ` Greg KH
2016-07-14 9:48 ` Alex Shi
2016-07-14 9:54 ` Ard Biesheuvel
2016-07-14 14:13 ` Alex Shi
2016-07-13 14:34 ` Mark Brown
2016-07-14 3:17 ` Greg KH
2016-07-14 10:06 ` Mark Brown
2016-07-15 0:22 ` Greg KH
2016-07-15 0:51 ` Guenter Roeck
2016-07-15 1:41 ` Greg KH
2016-07-15 2:56 ` Guenter Roeck
2016-07-15 4:29 ` Greg KH
2016-07-15 5:52 ` NeilBrown
2016-07-15 6:14 ` Greg KH
2016-07-15 7:02 ` Jiri Kosina
2016-07-15 11:42 ` Greg KH
2016-07-15 11:47 ` Jiri Kosina
2016-07-15 12:17 ` Geert Uytterhoeven
2016-07-15 6:19 ` Rik van Riel
2016-07-15 12:17 ` Mark Brown
2016-07-26 13:45 ` David Woodhouse
2016-07-15 6:32 ` James Bottomley
2016-07-15 7:01 ` NeilBrown
2016-07-15 7:28 ` James Bottomley
2016-07-15 7:36 ` Dmitry Torokhov
2016-07-15 9:29 ` NeilBrown
2016-07-15 16:08 ` Dmitry Torokhov
2016-07-15 11:05 ` Geert Uytterhoeven
2016-07-15 12:35 ` James Bottomley
2016-07-15 12:44 ` Geert Uytterhoeven
2016-07-15 11:24 ` Vlastimil Babka
2016-07-28 22:07 ` Laurent Pinchart
2016-07-21 7:13 ` Daniel Vetter
2016-07-21 7:44 ` Josh Triplett
2016-07-15 11:10 ` Mark Brown
2016-07-15 11:40 ` Greg KH
2016-07-15 12:38 ` Mark Brown
2016-07-10 2:07 ` [Ksummit-discuss] [CORE TOPIC] stable workflow Rafael J. Wysocki
2016-07-10 6:19 ` Olof Johansson
2016-07-10 14:42 ` Theodore Ts'o
2016-07-11 1:18 ` Olof Johansson [this message]
2016-07-10 7:29 ` Takashi Iwai
2016-07-10 10:20 ` Jiri Kosina
2016-07-10 13:33 ` Guenter Roeck
2016-07-15 9:27 ` Zefan Li
2016-07-15 13:52 ` Guenter Roeck
2016-07-26 13:08 ` David Woodhouse
2016-07-10 7:37 ` Takashi Iwai
2016-07-09 0:06 ` Jason Cooper
2016-07-09 0:42 ` James Bottomley
2016-07-09 8:43 ` Jiri Kosina
2016-07-09 9:36 ` Mark Brown
2016-07-09 15:13 ` Guenter Roeck
2016-07-09 19:40 ` Sudip Mukherjee
2016-07-11 8:14 ` Jiri Kosina
2016-07-09 21:21 ` Theodore Ts'o
2016-07-11 15:13 ` Mark Brown
2016-07-11 17:03 ` Theodore Ts'o
2016-07-11 17:07 ` Justin Forbes
2016-07-11 17:11 ` Mark Brown
2016-07-11 17:13 ` Olof Johansson
2016-07-11 17:17 ` Mark Brown
2016-07-11 17:24 ` Guenter Roeck
2016-07-11 17:44 ` Mark Brown
2016-07-13 1:08 ` Geert Uytterhoeven
2016-07-11 17:15 ` Dmitry Torokhov
2016-07-11 17:20 ` Theodore Ts'o
2016-07-11 17:26 ` Dmitry Torokhov
2016-07-11 17:27 ` Olof Johansson
2016-07-11 23:13 ` Guenter Roeck
2016-07-11 17:17 ` Josh Boyer
2016-07-11 22:42 ` James Bottomley
2016-07-20 17:50 ` Stephen Hemminger
2016-07-11 8:18 ` Jiri Kosina
2016-07-11 23:32 ` Guenter Roeck
2016-07-11 14:22 ` Mark Brown
2016-07-10 16:22 ` Vinod Koul
2016-07-10 17:01 ` Theodore Ts'o
2016-07-10 18:28 ` Guenter Roeck
2016-07-10 22:38 ` Rafael J. Wysocki
2016-07-11 8:47 ` Jiri Kosina
2016-07-27 3:19 ` Steven Rostedt
2016-07-10 22:39 ` Theodore Ts'o
2016-07-11 1:12 ` Olof Johansson
2016-07-11 5:00 ` Vinod Koul
2016-07-11 5:13 ` Theodore Ts'o
2016-07-11 10:57 ` Luis de Bethencourt
2016-07-11 14:18 ` Vinod Koul
2016-07-11 17:34 ` Guenter Roeck
2016-07-27 3:12 ` Steven Rostedt
2016-07-27 4:36 ` Vinod Koul
2016-07-09 14:57 ` Jason Cooper
2016-07-09 22:51 ` Jonathan Corbet
2016-07-10 7:21 ` Takashi Iwai
2016-07-11 7:44 ` Christian Borntraeger
2016-08-02 13:49 ` Jani Nikula
-- strict thread matches above, loose matches on Subject: below --
2014-05-02 19:42 Jiri Kosina
2014-05-02 19:43 ` Josh Boyer
2014-05-02 20:09 ` Steven Rostedt
2014-05-02 20:12 ` Jiri Kosina
2014-05-02 20:22 ` Josh Boyer
2014-05-02 20:27 ` Steven Rostedt
2014-05-02 20:30 ` Jiri Kosina
2014-05-03 15:20 ` Greg Kroah-Hartman
2014-05-03 15:40 ` Greg Kroah-Hartman
2014-05-02 22:16 ` Jan Kara
2014-05-02 20:33 ` Ben Hutchings
2014-05-02 20:51 ` Paul E. McKenney
2014-05-02 20:57 ` Mark Brown
2014-05-02 23:35 ` Guenter Roeck
2014-05-03 15:22 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAOesGMgjmVNneiU3Om617HwnLiXP7igEon3wVRVgHS1=0=GC5w@mail.gmail.com' \
--to=olof@lixom.net \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ksummit-discuss@lists.linuxfoundation.org \
--cc=trondmy@primarydata.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox