Re: Linux Kernel Audit Project?

From: Adrian Bunk
Date: Mon Jan 17 2005 - 07:39:17 EST

Next message: Geert Uytterhoeven: "Re: [PATCH] SCSI NCR53C9x.c: some cleanups"
Previous message: Hugh Dickins: "Re: Kernel bug: mm/rmap.c:483"
In reply to: John Richard Moser: "Re: Linux Kernel Audit Project?"
Next in thread: John Richard Moser: "Re: Linux Kernel Audit Project?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jan 17, 2005 at 02:47:32AM -0500, John Richard Moser wrote:
>
> Damn that sucks. I think stable releases need every patch audited
> before they get Linus' blessing, and unfortunately it seems we don't
> have the required 150+ people jumping up to volunteer. :(
>
> Yes I have unrealistic goals. Sane, but unrealistic. Perhaps
> collaboration with the major distributions to volunteer developers to do
> the auditing? We need SOMETHING; there's been too much line noise here
> about kernel security holes. Whether this is new or people are just
> noticing and overreacting now, it's still not good.
>
> Unfortunately, "Something" requires manpower. Manpower requires people
> who aren't busy doing other things, like improving preemptiveness,
> rewriting the VM system, enhancing the scheduler, or writing new
> drivers. And unfortunately, not only is everyone busy with all of that;
> but we NEED all of that too.
>
> Well, maybe you can't start up a group now, or implement audit policy;
> but perhaps the invitation needs to be there. I see there are no -audit
> or -security lists on vger; perhaps somebody should start a
> linux-kernel-audit@vger list just to get the ball rolling. If it grows
> big enough, then you can consider some policy about having the changes
> audited FIRST before releasing; for now that's just not feasible.

What exactly do you want to audit for?

If it's only for "ordinary" bugs, that's simply not feasible.
The amount of patches going into 2.6 is currently at about 3 MB every
week. You can hardly keep up with all of that - and even if you were
able to do so, some theoretically correct patch might break in practice
due to hardware bugs or bugs in some toolchain.

Regarding security audits:
They aren't a bad idea, and not bound to new patches - much legacy code
in the kernel has for sure more bugs than new code. The linus-kernel way
for such a project is not to scream "We need SOMETHING" - the
linux-kernel way is that you start with the work to get the ball rolling
(and if other people are interested to work in the same area, give them
some guidance).

cu
Adrian

--

"Is there not promise of rain?" Ling Tan asked suddenly out
of the darkness. There had been need of rain for many days.
"Only a promise," Lao Er said.
Pearl S. Buck - Dragon Seed

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Geert Uytterhoeven: "Re: [PATCH] SCSI NCR53C9x.c: some cleanups"
Previous message: Hugh Dickins: "Re: Kernel bug: mm/rmap.c:483"
In reply to: John Richard Moser: "Re: Linux Kernel Audit Project?"
Next in thread: John Richard Moser: "Re: Linux Kernel Audit Project?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]