Posts
264Following
83Followers
2682
Greg K-H
gregkh
1
0
3
repeated
daniel:// stenberg://
bagder@mastodon.socialThe short summary of if it has been worth the hassle: yeah I think so. It is now easy and fast to get new CVE IDs. We have a seat at a table where I can complain loudly on the system and what I say actually might have a (small) impact.
We have yet to deny someone else's crazy CVE attempts against curl.
2
3
0
repeated
daniel:// stenberg://
bagder@mastodon.social#curl has been a CNA for a year now https://daniel.haxx.se/blog/2024/01/16/curl-is-a-cna/
2
2
0
Greg K-H
gregkh
0
0
3
1
0
0
They might have a specific PCI driver bound to them, at the function level, and if so, the parent of the device node for that class device (i.e. input, tty, drm, etc.) will then point to that PCI function. But PCI slots don't always match up to PCI bus and device numbers either, as that's a physical thing and many PCI systems don't expose or even know that information (i.e. the BIOS doesn't know.)
Also, PCI bus numbers can change at boot, so you can't know what is happening.
Driver probing can be deferred at any time by userspace for USB devices, and I think that was recently added for PCI devices too, look for the "trusted" device information in the documentation somewhere.
Good luck!
1
0
0
You have full control over device node creation in userspace, that's what udev gives you if you want (or any udev-like program). set up a whole different /dev/ with just your naming/numbering scheme. The kernel gives you the interface and the information to do this, why not take advantage of it if you need it?
1
0
0
But yes, the race condition of "parse the topology, determine the device node, and go to open it" when the device is removed and a different one added right between those last two steps is real. Luckily in real-hardware situations, almost extremely rare if not physically impossible due to hardware debounce times, and one that we explicitly did not care about when we created sysfs and udev (i.e. physical access trumps anything).
1
0
0
Greg K-H
gregkh
6
2
9
repeated
Helma
helma@mastodon.social"One fun anecdote is that companies or governments will often say they need months or years to prepare (CLEAN UP) code for open sourcing. Because on the inside, people allow themselves far worse code than they’d prefer to share with the outside world. Open source code often has higher standards, and it is a great mechanism of keeping you on track."
Says @bert_hubert in his article about long term software development #opensource #dev #coding
https://berthub.eu/articles/posts/on-long-term-software-development/
1
7
1
Greg K-H
gregkhThat machine that randomly reassigned PCI ids at boot time is no longer with me, but it was great for testing. I'm sure you can do the same with virtual machines these days, passing in different virtual pci devices to them.
Persistent naming is for userspace to handle, the kernel just uses "grab the next free number" as it's naming "policy" as that's all it can really do.
2
0
3
repeated
repeated
Mike [SEC=OFFICIAL]
mike@chinwag.org"Free Copilot in your GitHub account" is the 2020s version of "Free U2 album on your iPod".
5
25
2
Greg K-H
gregkhBut better yet, backport the fix to stable and it all happens automatically for you :)
1
0
1
Greg K-H
gregkh
0
2
6
repeated
Natalie Silvanovich
natashenka@infosec.exchangeCan you find an ITW 0-day from crash logs? Project Zero finds out
1
7
0
repeated
Thorsten Leemhuis (acct. 1/4)
kernellogger@fosstodon.orgThe #LinuxKernel's stable team extended the support timeframe for #Linux 6.11 from four to five years:
https://www.kernel.org/releases.html
To quote @gregkh from https://git.kernel.org/pub/scm/docs/kernel/website.git/commit/?id=e6083565a79c3d711c1a76d9312b8c00e06b826b:
'" Bump 6.1.y support up to 5 years.
Giving people a chance to phase in the shorter lifespans, if at all possible. Hopefully this should help a bit.'"
2
6
1