public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed
From: Ingo Molnar <mingo@elte.hu>
To: Matt Mackall <mpm@selenic.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Arjan van de Ven <arjan@infradead.org>, Jake Edge <jake@lwn.net>,
	security@kernel.org,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	James Morris <jmorris@namei.org>,
	linux-security-module@vger.kernel.org,
	Eric Paris <eparis@redhat.com>,
	Alan Cox <alan@lxorguk.ukuu.org.uk>,
	Roland McGrath <roland@redhat.com>,
	mingo@redhat.com, Andrew Morton <akpm@linux-foundation.org>,
	Greg KH <greg@kroah.com>, Dave Jones <davej@redhat.com>
Subject: Re: [Security] [PATCH] proc: avoid information leaks to non-privileged processes
Date: Wed, 6 May 2009 22:25:17 +0200	[thread overview]
Message-ID: <20090506202517.GA27544@elte.hu> (raw)
In-Reply-To: <20090506162543.GT31071@waste.org>


* Matt Mackall <mpm@selenic.com> wrote:

> On Wed, May 06, 2009 at 12:30:34PM +0200, Ingo Molnar wrote:
> > (Also, obviously "only" covering 95% of the Linux systems has its 
> > use as well. Most other architectures have their own cycle counters 
> > as well.)
> 
> X86 might be 95% of desktop. But it's a small fraction of Linux 
> systems once you count cell phones, video players, TVs, cameras, 
> GPS devices, cars, routers, etc. almost none of which are 
> x86-based. In fact, just Linux cell phones (with about an 8% share 
> of a 1.2billion devices per year market) dwarf Linux desktops 
> (maybe 5% of a 200m/y market).

Firstly, the cycle counter is just one out of several layers there. 
So it's a hyperbole to suggest that i'm somehow not caring about 
architectures that dont have a cycle counter. I'm simply making use 
of a cheaply accessed and fast-changing variable on hw that has it.

Also, are those systems really going to be attacked locally, 
brute-forcing a PRNG? Servers and desktops are the more likely 
targets. They both have the necessary computing power to run 
statistical analysis locally fast enough and have an actual value to 
be attacked.

And, even if we ignored those factors, ad argumendo, you would still 
be wrong IMHO: what matters really in this context isnt even any 
artificial 'share' metric - but the people willing to improve and 
fix the upstream kernel, and the reasons why they do that, and the 
platforms they use.

And amongst our contributors and testers, willing to run and improve 
the latest upstream kernel, x86 has a larger than 95% share. Look at 
kerneloops.org stats. Or bugzilla. Or lkml.

If embedded matters that much, make it show up as a real factor on 
those upstream forums. Lets call this Ingo's Law: if something 
doesnt improve the upstream kernel, directly or indirectly, it does 
not exist ;-)

	Ingo

  parent reply	other threads:[~2009-05-06 20:27 UTC|newest]

Thread overview: 60+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-05-04 18:51 [PATCH] proc: avoid information leaks to non-privileged processes Jake Edge
2009-05-04 19:00 ` [Security] " Linus Torvalds
2009-05-04 19:51   ` Arjan van de Ven
2009-05-04 20:20     ` Eric W. Biederman
2009-05-04 22:24       ` Linus Torvalds
2009-05-04 23:26         ` Arjan van de Ven
2009-05-04 23:54         ` Linus Torvalds
2009-05-05  7:51           ` Eric W. Biederman
2009-05-05 15:17             ` Linus Torvalds
2009-05-05 15:35               ` Linus Torvalds
2009-05-05 16:18                 ` Matt Mackall
2009-05-05 16:10               ` Matt Mackall
2009-05-05  5:50         ` Matt Mackall
2009-05-05  6:31           ` Ingo Molnar
2009-05-05  8:14             ` Eric W. Biederman
2009-05-05 19:52               ` Ingo Molnar
2009-05-05 20:22                 ` Matt Mackall
2009-05-05 21:20                   ` Eric W. Biederman
2009-05-06 10:33                     ` Ingo Molnar
2009-05-06 10:30                   ` Ingo Molnar
2009-05-06 16:25                     ` Matt Mackall
2009-05-06 16:48                       ` Linus Torvalds
2009-05-06 17:57                         ` Matt Mackall
2009-05-07  0:50                           ` Matt Mackall
2009-05-07 15:02                             ` Ingo Molnar
2009-05-07 18:14                               ` Matt Mackall
2009-05-07 18:21                                 ` Ingo Molnar
2009-05-07 18:41                                 ` Ingo Molnar
2009-05-07 19:24                                   ` Matt Mackall
2009-05-07 15:16                           ` Florian Weimer
2009-05-07 16:55                             ` Matt Mackall
2009-05-07 17:53                               ` Linus Torvalds
2009-05-07 18:42                                 ` Matt Mackall
2009-05-06 20:09                         ` [patch] random: make get_random_int() more random Ingo Molnar
2009-05-06 20:41                           ` Matt Mackall
2009-05-06 20:51                             ` Ingo Molnar
2009-05-06 21:10                               ` Matt Mackall
2009-05-06 21:24                                 ` Ingo Molnar
2009-05-14 22:47                           ` Jake Edge
2009-05-14 22:55                             ` [Security] " Linus Torvalds
2009-05-15 13:47                               ` Ingo Molnar
2009-05-15 15:10                                 ` Jake Edge
2009-05-16 10:00                                 ` Willy Tarreau
2009-05-16 10:39                                   ` Ingo Molnar
2009-05-16 12:02                                     ` Eric W. Biederman
2009-05-16 14:00                                       ` Michael S. Zick
2009-05-16 14:28                                         ` Michael S. Zick
2009-05-16 14:57                                           ` Arjan van de Ven
2009-05-16 15:09                                             ` Michael S. Zick
2009-05-16 14:32                                       ` Matt Mackall
2009-05-16 13:58                                     ` Willy Tarreau
2009-05-16 15:23                                       ` Linus Torvalds
2009-05-16 15:47                                         ` Willy Tarreau
2009-05-16 15:54                                         ` Oliver Neukum
2009-05-16 16:05                                           ` Linus Torvalds
2009-05-16 16:17                                             ` Linus Torvalds
2009-05-15  1:16                           ` Américo Wang
2009-05-06 20:25                       ` Ingo Molnar [this message]
2009-05-06 20:52                         ` [Security] [PATCH] proc: avoid information leaks to non-privileged processes Matt Mackall
2009-05-05  8:58           ` Andi Kleen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20090506202517.GA27544@elte.hu \
    --to=mingo@elte.hu \
    --cc=akpm@linux-foundation.org \
    --cc=alan@lxorguk.ukuu.org.uk \
    --cc=arjan@infradead.org \
    --cc=davej@redhat.com \
    --cc=ebiederm@xmission.com \
    --cc=eparis@redhat.com \
    --cc=greg@kroah.com \
    --cc=jake@lwn.net \
    --cc=jmorris@namei.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=mpm@selenic.com \
    --cc=roland@redhat.com \
    --cc=security@kernel.org \
    --cc=torvalds@linux-foundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox