subject:"Proposed removal of kernel AX.25 support"

Re: Proposed removal of kernel AX.25 support

2019-07-31 Thread Iain Learmonth

Hi,

On 31/07/2019 00:53, Ben Hutchings wrote:
> Iain seems to be saying in
>  that ax25
> is now badly broken, and I don't think we should enable badly broken
> features.  (However, so far as I know the only reason it's disabled on
> arm64 is due to historical accident: it is not enabled in the top-level 
> config file but only by per-architecture config files.)

On investigation, it does appear that it is only IP over AX.25 that has
been broken, not the whole AX.25 stack. I guess this is because the IP
stack gets touched regularly and there is not enough test (automated or
manual) coverage for AX.25 to notice when things break.

For pure AX.25 the module does still seem to be reliable and free of
obvious bugs.

#783160 should probably be assigned to the kernel package and forwarded
upstream. I have no idea how to forward bugs for the Linux kernel
itself. If there's some primer on that I could read that would be handy,
or maybe the kernel team would want to do the forwarding.

> Also, every network protocol that can be auto-loaded adds to the attack
> surface of the kernel.  At the very least we should disable auto-
> loading of ax25 (and I'm a little surprised I hadn't done that
> already).

Setting up an AX.25 interface is already a pretty manual process, if it
were necessary to run modprobe or something similar to set up an
interface then this is easy enough to do and wouldn't be an unreasonable
burden on users imo.

Thanks,
Iain. (please keep me in CC, I am not subscribed)

signature.asc
Description: OpenPGP digital signature

Re: Proposed removal of kernel AX.25 support

2019-07-30 Thread Ben Hutchings

On Sun, 2019-07-28 at 21:43 +0200, Uwe Kleine-König wrote:
> On Fri, Jul 26, 2019 at 07:17:23PM +0100, Iain Learmonth wrote:
> > Hi,
> > 
> > On 26/07/2019 19:10, Iain Learmonth wrote:
> > > I am a maintainer for the libax25 and ax25-apps packages, and these
> > > packages are not in great shape. These are userspace packages that
> > > compliment the AX.25 networking support in the Linux kernel. I would
> > > like to propose that we do not ship these packages, or otherwise use the
> > > kernel AX.25 support, in the next Debian release.
> > 
> > Just wanted to draw your attention to this thread on
> > debian-h...@lists.debian.org.
> > 
> > https://lists.debian.org/330b13ec-b5b5-e27b-d694-6053c7421...@debian.org
> > 
> > The next logical step would be to disable it in the kernel if we remove
> > all userspace support.
> 
> my 2 cents: having AX.25 support enabled in the kernel isn't a burden,
> so I'd keep that enabled helping those who then compile libax25 and
> ax25-apps themselves and so get a working setup without the need to
> recompile their kernel.

Iain seems to be saying in
 that ax25
is now badly broken, and I don't think we should enable badly broken
features.  (However, so far as I know the only reason it's disabled on
arm64 is due to historical accident: it is not enabled in the top-level 
config file but only by per-architecture config files.)

Also, every network protocol that can be auto-loaded adds to the attack
surface of the kernel.  At the very least we should disable auto-
loading of ax25 (and I'm a little surprised I hadn't done that
already).

Ben.

-- 
Ben Hutchings
You can't have everything.  Where would you put it?



signature.asc
Description: This is a digitally signed message part

Re: Proposed removal of kernel AX.25 support

2019-07-28 Thread Uwe Kleine-König

On Fri, Jul 26, 2019 at 07:17:23PM +0100, Iain Learmonth wrote:
> Hi,
> 
> On 26/07/2019 19:10, Iain Learmonth wrote:
> > I am a maintainer for the libax25 and ax25-apps packages, and these
> > packages are not in great shape. These are userspace packages that
> > compliment the AX.25 networking support in the Linux kernel. I would
> > like to propose that we do not ship these packages, or otherwise use the
> > kernel AX.25 support, in the next Debian release.
> 
> Just wanted to draw your attention to this thread on
> debian-h...@lists.debian.org.
> 
> https://lists.debian.org/330b13ec-b5b5-e27b-d694-6053c7421...@debian.org
> 
> The next logical step would be to disable it in the kernel if we remove
> all userspace support.

my 2 cents: having AX.25 support enabled in the kernel isn't a burden,
so I'd keep that enabled helping those who then compile libax25 and
ax25-apps themselves and so get a working setup without the need to
recompile their kernel.

Best regards
Uwe

-- 
Pengutronix e.K.   | Uwe Kleine-König|
Industrial Linux Solutions | http://www.pengutronix.de/  |

Re: Proposed removal of kernel AX.25 support

2019-07-26 Thread Iain Learmonth

Hi,

On 26/07/2019 19:10, Iain Learmonth wrote:
> I am a maintainer for the libax25 and ax25-apps packages, and these
> packages are not in great shape. These are userspace packages that
> compliment the AX.25 networking support in the Linux kernel. I would
> like to propose that we do not ship these packages, or otherwise use the
> kernel AX.25 support, in the next Debian release.

Just wanted to draw your attention to this thread on
debian-h...@lists.debian.org.

https://lists.debian.org/330b13ec-b5b5-e27b-d694-6053c7421...@debian.org

The next logical step would be to disable it in the kernel if we remove
all userspace support.

Thanks,
Iain.



signature.asc
Description: OpenPGP digital signature

Re: Proposed removal of kernel AX.25 support

Re: Proposed removal of kernel AX.25 support

Re: Proposed removal of kernel AX.25 support

Re: Proposed removal of kernel AX.25 support

4 matches

Site Navigation

Mail list logo

Footer information