From: Greg KH <gregkh@linuxfoundation.org>
To: Vitaly Kuznetsov <vkuznets@redhat.com>
Cc: "Emanuele Giuseppe Esposito" <eesposit@redhat.com>,
x86@kernel.org, "Thomas Gleixner" <tglx@linutronix.de>,
bluca@debian.org, lennart@poettering.net,
"Ingo Molnar" <mingo@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
"Dave Hansen" <dave.hansen@linux.intel.com>,
"H. Peter Anvin" <hpa@zytor.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Masahiro Yamada" <masahiroy@kernel.org>,
"Alexander Potapenko" <glider@google.com>,
"Nick Desaulniers" <ndesaulniers@google.com>,
"Daniel P . Berrangé" <berrange@redhat.com>,
linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH v2] x86/boot: add .sbat section to the bzImage
Date: Thu, 13 Jul 2023 18:58:57 +0200 [thread overview]
Message-ID: <2023071356-royal-charter-a647@gregkh> (raw)
In-Reply-To: <87wmz33j36.fsf@redhat.com>
On Thu, Jul 13, 2023 at 05:51:57PM +0200, Vitaly Kuznetsov wrote:
> Greg KH <gregkh@linuxfoundation.org> writes:
> > On Thu, Jul 13, 2023 at 10:57:45AM +0200, Vitaly Kuznetsov wrote:
> >> I don't
> >> particularly see why anyone would need to get additional sign-offs to
> >> just ask a question (which I don actually think was asked before!) and
> >> IMO an RFC/patch is usually the best way to do so.
> >
> > Again, no questions were asked.
> >
> > And when I asked questions, no one knowledgable answered them (hint, we
> > release more than 3 kernels a year...)
> >
>
> I think that getting these questions was actually the main reason to
> send out the RFC. (Personally, I don't think that stable@ is an
> insurmountable problem with an epoch-based revocation mechamism as we
> can e.g. switch module name from "linux" to e.g. "linux-stable-5.14"
> when screating a stable branch or do something like that but that's not
> the main/only problem we see here).
There was no "questions" asked about this RFC, so what should we respond
with except with what we did, "No way this is acceptable, as this was
not thought through at all"?
> > Turn it around, what would you do if you got this patch in your inbox to
> > review and you were responsible for doing kernel releases and security
> > fixes?
> >
>
> I replied to the thread not to defend the idea as after the discussion
> it is clear there's a lot to take into consideration if anyone decides
> to pursue the SBAT idea ever again (and the discussion is now well
> preserved in the archive!). I replied to disagree with "get sign-offs
> from senior people before sending RFCs" idea, I believe that asking
> questions by sending a not-fully-ready patch as "RFC" should not be
> discouraged.
On the contrary, this is EXACTLY what needs to happen here.
This developer (I'm not picking on them at all, it's not their fault),
should be taking advantage of the resources of their company when
dealing with core, critical, functionality of the kernel.
To just "throw them at the wolves" like Red Hat did, is a total
disservice to them, AND it wastes the time and resources of the
community, as it is not our job to train and teach them, it is the job
of the senior people at your company to do so.
We have a non-zero number of companies that right now who are in the
"penalty box" because their developers have had a history of throwing
crud over the wall, or having inexperienced developers submit changes
that are obviously wrong, which waste the time and energy of the kernel
community. For companies that do this, we have instituted the
requirement that they get review and acceptance of kernel changes from
the experienced developers within the company BEFORE submitting their
changes to the community, for the basic fact that this actually saves
EVERYONE time and energy.
It allows the developer to grow and learn more quickly, it saves the
energy and time of the reviewers (which is our most valuable resource
right now) and it provides a solid path forward on the corporate ladder
of using mentors well, and lifting up your own employees.
I don't think you want us to put Red Hat into this type of policy at
this point in time, but if you all keep insisting that you can just "let
loose" inexperienced developers who wish to change the core
functionality of how we operate, that can easily change.
Remember, this proposed patch directly affects how the kernel is
released, how the security team works, and how the security of Linux is
viewed by the world. Why would you NOT want your experienced developers
to review such a thing first? To not want that, means that Red Hat just
doesn't care about their developers, nor the community, which I sure
hope is not the case.
So again, yes, I am INSISTING that the next version of this change be
properly reviewed, vetted, and signed-off-by, by the senior kernel
developers at your company BEFORE you submit it again for review by
anyone in the community. Only that way can I hope that it will be
something that actually takes into account all of the questions we have
already had for this proposed 2 line change.
Funnily, I think this proposed patch takes the dubious record for "most
innocuous looking patch that will directly affect the development
procedures for the most people", an outstanding record that I hope never
gets broken :)
thanks,
greg k-h
next prev parent reply other threads:[~2023-07-13 16:59 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-11 15:44 [RFC PATCH v2] x86/boot: add .sbat section to the bzImage Emanuele Giuseppe Esposito
2023-07-12 1:21 ` H. Peter Anvin
2023-07-12 1:33 ` H. Peter Anvin
2023-07-12 6:19 ` Emanuele Giuseppe Esposito
2023-07-12 12:00 ` Borislav Petkov
2023-07-12 12:48 ` Daniel P. Berrangé
2023-07-12 13:28 ` Borislav Petkov
2023-07-12 14:06 ` Daniel P. Berrangé
2023-07-12 15:43 ` Greg KH
2023-07-12 16:23 ` Luca Boccassi
2023-07-12 16:57 ` Greg KH
2023-07-12 18:59 ` Luca Boccassi
2023-07-12 19:05 ` Greg KH
2023-07-12 19:35 ` Luca Boccassi
2023-07-12 19:42 ` Borislav Petkov
2023-07-12 19:56 ` Luca Boccassi
2023-07-12 20:01 ` Borislav Petkov
2023-07-12 20:16 ` Luca Boccassi
2023-07-12 20:07 ` Greg KH
2023-07-12 20:41 ` Luca Boccassi
2023-07-12 21:11 ` Greg KH
2023-07-12 21:12 ` Willy Tarreau
2023-07-12 22:32 ` Luca Boccassi
2023-07-12 21:20 ` Greg KH
2023-07-12 21:50 ` Luca Boccassi
2023-07-13 6:09 ` Greg KH
2023-07-14 0:29 ` Luca Boccassi
2023-07-15 6:51 ` Greg KH
2023-07-16 17:41 ` Luca Boccassi
2023-07-16 18:28 ` Greg KH
2023-07-17 9:22 ` Daniel P. Berrangé
2023-07-17 11:06 ` Peter Zijlstra
2023-07-17 11:47 ` Daniel P. Berrangé
2023-07-17 14:10 ` Greg KH
2023-07-17 11:12 ` Luca Boccassi
2023-07-17 14:11 ` Greg KH
2023-07-17 14:06 ` Greg KH
2023-07-12 15:45 ` Greg KH
2023-07-13 8:57 ` Vitaly Kuznetsov
2023-07-13 9:16 ` Peter Zijlstra
2023-07-13 14:58 ` Greg KH
2023-07-13 15:51 ` Vitaly Kuznetsov
2023-07-13 16:58 ` Greg KH [this message]
2023-07-13 20:49 ` Emanuele Giuseppe Esposito
2023-07-13 22:04 ` Greg KH
2023-07-14 6:57 ` Emanuele Giuseppe Esposito
2023-07-15 6:59 ` Greg KH
2023-07-13 13:33 ` Ard Biesheuvel
2023-07-13 13:52 ` Ard Biesheuvel
2023-07-13 20:39 ` Emanuele Giuseppe Esposito
2023-07-13 22:31 ` Luca Boccassi
2023-07-14 8:52 ` Ard Biesheuvel
2023-07-14 9:13 ` Matthew Garrett
2023-07-14 9:14 ` Ard Biesheuvel
2023-07-14 9:25 ` Luca Boccassi
2023-07-17 16:08 ` James Bottomley
2023-07-17 16:56 ` Daniel P. Berrangé
2023-07-17 17:15 ` James Bottomley
2023-07-17 18:16 ` Daniel P. Berrangé
2023-07-20 16:46 ` Eric Snowberg
2023-07-20 17:07 ` James Bottomley
2023-07-20 18:10 ` Eric Snowberg
2023-07-20 19:16 ` Luca Boccassi
2023-07-21 0:02 ` Eric Snowberg
2023-07-21 8:55 ` Luca Boccassi
2023-07-21 11:24 ` James Bottomley
2023-07-21 12:40 ` Luca Boccassi
2023-07-21 13:01 ` James Bottomley
2023-07-21 13:10 ` Luca Boccassi
2023-07-21 13:33 ` James Bottomley
2023-07-21 15:14 ` Luca Boccassi
2023-07-21 15:22 ` Luca Boccassi
2023-07-21 15:27 ` James Bottomley
2023-07-13 23:13 ` Luca Boccassi
2023-07-14 9:33 ` Ard Biesheuvel
2023-07-14 9:59 ` Daniel P. Berrangé
2023-07-14 10:40 ` Luca Boccassi
2023-07-18 13:34 ` Paolo Bonzini
2023-07-18 14:02 ` Luca Boccassi
2023-07-18 15:51 ` Paolo Bonzini
2023-07-18 16:35 ` Daniel P. Berrangé
2023-07-19 13:21 ` Paolo Bonzini
2023-07-19 13:34 ` Luca Boccassi
2023-07-19 15:11 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2023071356-royal-charter-a647@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=akpm@linux-foundation.org \
--cc=berrange@redhat.com \
--cc=bluca@debian.org \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=eesposit@redhat.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=lennart@poettering.net \
--cc=linux-kernel@vger.kernel.org \
--cc=masahiroy@kernel.org \
--cc=mingo@redhat.com \
--cc=ndesaulniers@google.com \
--cc=tglx@linutronix.de \
--cc=vkuznets@redhat.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox