2001-04-11 02:30:29

by Miles Lane

[permalink] [raw]
Subject: 2.5 module development mailing list needed? [Fwd: Linux Security Module Interface]

Hi,

Since the 2.5 kernel development will require continued module
architecture changes to accomodate power management, pluggable
security and PCMCIA in the kernel tree, it would seem to make
sense that the various groups that are doing module related
architecture changes collaborate and be aware of what each
other are doing, so that changes can be coordinated.

Groups that contain individuals who might be interested
might include:

[email protected]
[email protected]
[email protected]
[email protected]
LKML

Comments?

Miles

Crispin Cowan wrote:
>
> One of the byproducts of the Linux 2.5 Kernel Summit
> http://lwn.net/2001/features/KernelSummit/ was the notion of an
> enhancement of the loadable kernel module interface to facilitate
> security-oriented kernel modules. The purpose is to ease the tension
> between folks (such as Immunix and SELinux) who want to add substantial
> security capabilities to the kernel, and other folks who want to
> minimize kernel bloat & have no use for such security extensions.
>
> Modules that can be loaded, or not, are the obvious solution, but the
> current LKM does not export sufficient hooks to support many security
> mechanisms. Thus many current security enhancements end up existing as
> kernel patches, which marginalizes their utility by making distribution
> problematic. The proposed solution is to enhance the LKM with a variety
> of new kernel elements exported to the module interface, so as to
> support a reasonable variety of security enhancements.
>
> We have started a new mailing list called linux-security-module. The
> charter is to design, implement, and maintain suitable enhancements to
> the LKM to support a reasonable set of security enhancement packages.
> The prototypical module to be produced would be to port the POSIX Privs
> code out of the kernel and make it a module. An essential part of this
> project will be that the resulting work is acceptable for the mainline
> Linux kernel.
>
> The list is open to all. You can subscribe here
> http://mail.wirex.com/mailman/listinfo/linux-security-module or by
> sending e-mail to [email protected] with a subject
> of "subscribe".


2001-04-11 09:20:34

by Matti Aarnio

[permalink] [raw]
Subject: Re: 2.5 module development mailing list needed? [Fwd: Linux Security Module Interface]

On Tue, Apr 10, 2001 at 07:30:36PM -0700, Miles Lane wrote:
> Hi,
>
> [email protected]
> [email protected]
> [email protected]
> [email protected]
> LKML
>
> Comments?

Proper place to do this discussion is [email protected]

The amount of traffic won't probably be very high in comparison
to the average flow (150-250 emails per day at peak) of L-K.


The more you split things around, the less the people who really
need to follow it up can follow it.

As this is free world, nothing prevents you from going ahead and
creating some linux-25@xyz list somewhere. Just don't expect
everybody to rush into it.

> Miles

/Matti Aarnio

2001-04-11 17:07:13

by Miles Lane

[permalink] [raw]
Subject: Re: 2.5 module development mailing list needed? [Fwd: Linux Security Module Interface]

Matti Aarnio wrote:

> On Tue, Apr 10, 2001 at 07:30:36PM -0700, Miles Lane wrote:
>
>> Hi,
>>
>> [email protected]
>> [email protected]
>> [email protected]
>> [email protected]
>> LKML
>>
>> Comments?
>
>
> Proper place to do this discussion is [email protected]

It sounds good in theory. In practice, though, almost all of the
design discussions have been occuring in private e-mail.
For example, I have seen none of the messages discussing
the changes planned for the power management stuff in 2.5,
even though these changes will apparantly touch every single
modular driver. I know for a fact that the changes planned
to enable better implementation of PCMCIA support have
gone on between only a few developers. Also, from the
announcement from the Security Module folks, I gather that
there discussions haven't been held on LKML and aren't
planned to migrate here.

So, if you really think that all these module-related design
discussions should happen on LKML, we're going to have
to convince a bunch of people to move their discussions
here. This will not necessarily be easy. I know that the
reason that many of these discussions occur between only
a few people is that these folks want a decent signal to
noise ratio. That's why I proposed a "2.5-module-devel"
list. It would allow people who really care about this stuff
to coordinate their work.


> The amount of traffic won't probably be very high in comparison
> to the average flow (150-250 emails per day at peak) of L-K.

Well, I'd say it's more like 250-750/day. :-)


> The more you split things around, the less the people who really
> need to follow it up can follow it.

Well, there are probably two sets of audiences. The initial design
teams, who need to collaborate and the modular driver developers.
The driver developers could come into the loop later, if they please.
Although there would be value in their contribution earlier on.


> As this is free world, nothing prevents you from going ahead and
> creating some linux-25@xyz list somewhere. Just don't expect
> everybody to rush into it.

Well, I'll do that, if a few people say they'll move their design
discussions there and out of private e-mail and other lists.

>> Miles
>
>
> /Matti Aarnio


2001-04-11 20:06:51

by Rik van Riel

[permalink] [raw]
Subject: Re: 2.5 module development mailing list needed? [Fwd: Linux Security Module Interface]

On Wed, 11 Apr 2001, Miles Lane wrote:
> Matti Aarnio wrote:

> > Proper place to do this discussion is [email protected]
>
> It sounds good in theory. In practice, though, almost all of the
> design discussions have been occuring in private e-mail.

Actually, I tried to setup a mailing list ([email protected])
for discussions about future ideas for Linux, etc...

In practice most discussions just came back to linux-kernel or to
subsystem lists every once in a while. If you feel you want to
ramble about long-term ideas or random OS ideas you think might be
cool to have in Linux sometime in the future, feel free to use that
list I made (it's still around), but most serious discussion will
end up here sooner or later ...

regards,

Rik
--
Virtual memory is like a game you can't win;
However, without VM there's truly nothing to lose...

http://www.surriel.com/
http://www.conectiva.com/ http://distro.conectiva.com.br/