From: ebiederm@xmission.com (Eric W. Biederman)
To: Arnd Bergmann <arnd@arndb.de>
Cc: Andi Kleen <andi@firstfloor.org>,
Arjan van de Ven <arjan@infradead.org>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 22/23] sysctl arm: Remove binary sysctl support
Date: Mon, 09 Nov 2009 20:42:47 -0800 [thread overview]
Message-ID: <m1ocnbrnw8.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <200911091723.23785.arnd@arndb.de> (Arnd Bergmann's message of "Mon\, 9 Nov 2009 17\:23\:23 +0100")
Arnd Bergmann <arnd@arndb.de> writes:
> On Monday 09 November 2009, Andi Kleen wrote:
>> >
>> > So? Most users of old glibc are also using old kernels, and they
>>
>> How do you know? At least here it's quite common to use new kernels
>> with old user land.
>
> If by 'here' you mean kernel developers, sure. Other people I'd
> assume typically run whatever comes with the distro, and that
> usually includes both a libc and a kernel.
The question with respect to my patchset. Is the increase in time
a measurable performace regression or is the cost lost in the noise?
Andi do you know of a way to measure this?
Doing a special case for /proc/sys/kernel/version if someone can
measure the overhead seem sane. But the double maintenance isn't
my idea of fun.
The code involved would need to look something like:
if (len > sizeof(current->nsporxy->uts_ns.name.version)
len = sizeof(current->nsporxy->uts_ns.name.version);
down_read(&uts_sem);
ret = copy_to_user(buf, current->nsproxy->uts_ns.name.version, len);
up_read(&uts_sem);
That isn't a particular pretty expression, and it has a much higher chance
of bitrotting than what I have now.
>> > can still use the config option for the compatibility code.
>> > There wouldn't even be a performance penalty over new glibc with
>> > new kernels which already use procfs.
>>
>> When he drops the sysctl(2) API completely the old userland will
>> be unhappy.
>
> I did not get the impression that this was the plan. Maybe I missed
> something, but the work that Eric did seemed to be strategic for
> leaving the code around for a really long time without causing any
> maintainance pain that the current code does.
>
> It will be years before we can really remove that code, but distros
> can start disabling it (or making it modular) earlier than that
> when they feel the time has come to stop support for static binaries
> using sysctl (there should really be few of those).
There is always the question if we can get away with it. I intend to
submit a patch that changes the default to off. Beyond that I don't
don't know. I expect folks doing enterprise distro would want to turn
of sys_sysctl because it is a typically buggy. Why chance bitrot leading
to a security hole?
Eric
next prev parent reply other threads:[~2009-11-10 4:42 UTC|newest]
Thread overview: 53+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-11-08 12:16 [PATCH 00/23] Removal of binary sysctl support Eric W. Biederman
2009-11-08 12:21 ` [PATCH 01/23] sysctl: Remove the unused frv sysctl unumbers Eric W. Biederman
2009-11-08 12:21 ` [PATCH 02/23] sysctl: Stop using binary sysctl numbers in arlan Eric W. Biederman
2009-11-11 21:07 ` John W. Linville
2009-11-08 12:21 ` [PATCH 03/23] sysctl: Reduce sys_sysctl to a compatibility wrapper around /proc/sys Eric W. Biederman
2009-11-08 12:21 ` [PATCH 04/23] sysctl: Neuter the generic sysctl strategy routines Eric W. Biederman
2009-11-08 12:21 ` [PATCH 05/23] sysctl: Remove dead code from sysctl_check Eric W. Biederman
2009-11-08 12:21 ` [PATCH 06/23] sysctl: Remove references to ctl_name and strategy from the generic sysctl table Eric W. Biederman
2009-11-08 12:21 ` [PATCH 07/23] sysctl: Don't look at ctl_name and strategy in the generic code Eric W. Biederman
2009-11-08 12:21 ` [PATCH 08/23] sysctl ipc: Remove dead binary sysctl support code Eric W. Biederman
2009-11-08 12:21 ` [PATCH 09/23] sysctl net: Remove unused binary sysctl code Eric W. Biederman
2009-11-08 12:21 ` [PATCH 10/23] sysctl fs: Remove dead binary sysctl support Eric W. Biederman
2009-11-08 12:21 ` [PATCH 11/23] sysctl kernel: Remove binary sysctl logic Eric W. Biederman
2009-11-08 12:21 ` [PATCH 12/23] sysctl security/keys: Remove dead binary sysctl support Eric W. Biederman
2009-11-08 12:22 ` [PATCH 13/23] sysctl crypto: " Eric W. Biederman
2009-11-08 15:44 ` Herbert Xu
2009-11-08 12:22 ` [PATCH 14/23] sysctl drivers: " Eric W. Biederman
2009-11-09 8:17 ` Clemens Ladisch
2009-11-08 12:22 ` [PATCH 15/23] sysctl mips/lasat: " Eric W. Biederman
2009-11-09 14:10 ` Ralf Baechle
2009-11-08 12:22 ` [PATCH 16/23] sysctl frv: " Eric W. Biederman
2009-11-08 12:22 ` [PATCH 17/23] sysctl s390: Remove dead sysctl binary support Eric W. Biederman
2009-11-08 12:22 ` [PATCH 18/23] sysctl ia64: Remove dead binary sysctl support Eric W. Biederman
2009-11-08 12:22 ` [PATCH 19/23] sysctl powerpc: " Eric W. Biederman
2009-11-08 20:44 ` Benjamin Herrenschmidt
2009-11-08 12:22 ` [PATCH 20/23] sysctl sh: " Eric W. Biederman
2009-11-08 12:22 ` [PATCH 21/23] sysctl x86: " Eric W. Biederman
2009-11-08 12:22 ` [PATCH 22/23] sysctl arm: Remove " Eric W. Biederman
2009-11-08 12:34 ` Russell King
2009-11-08 22:45 ` Eric W. Biederman
2009-11-08 22:56 ` Russell King
2009-11-08 23:31 ` Eric W. Biederman
2009-11-08 23:34 ` Russell King
2009-11-08 23:05 ` Eric W. Biederman
2009-11-09 0:48 ` Arjan van de Ven
2009-11-09 3:27 ` Eric W. Biederman
2009-11-09 4:57 ` Arjan van de Ven
2009-11-09 5:37 ` Eric W. Biederman
2009-11-09 9:38 ` Andi Kleen
2009-11-09 11:45 ` Eric W. Biederman
2009-11-09 12:04 ` Andi Kleen
2009-11-09 12:41 ` Eric W. Biederman
2009-11-09 13:28 ` Andi Kleen
2009-11-09 15:28 ` Arnd Bergmann
2009-11-09 15:46 ` Andi Kleen
2009-11-09 16:23 ` Arnd Bergmann
2009-11-10 4:42 ` Eric W. Biederman [this message]
2009-11-10 8:01 ` Eric W. Biederman
2009-11-11 2:31 ` Eric W. Biederman
2009-11-09 12:42 ` Eric W. Biederman
2009-11-08 12:22 ` [PATCH 23/23] sysctl: Remove the last of the generic " Eric W. Biederman
2009-11-08 13:06 ` [PATCH 00/23] Removal of " Arnd Bergmann
2009-11-09 3:44 ` Eric W. Biederman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1ocnbrnw8.fsf@fess.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=andi@firstfloor.org \
--cc=arjan@infradead.org \
--cc=arnd@arndb.de \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox