|
|
Log in / Subscribe / Register

State of the Kernel Self Protection Project

State of the Kernel Self Protection Project

Posted Sep 5, 2016 17:39 UTC (Mon) by PaXTeam (guest, #24616)
In reply to: State of the Kernel Self Protection Project by mina86
Parent article: State of the Kernel Self Protection Project

i think you simply have no experience with upstreaming code of this amount and complexity and so don't understand the amount of effort needed for it. the thousands of hours i mentioned wasn't hyperbole, it's my estimate based on observing past progress (and often lack thereof) on various attempts. of course you can call me names all you want but that doesn't change the physical reality in which i simply don't have those thousands of hours of free time to spend (dare i say, waste) on upstreaming this code and clearly noone else does as all the real progress so far was made on company time.

to post comments

State of the Kernel Self Protection Project

Posted Sep 5, 2016 18:16 UTC (Mon) by mina86 (guest, #68442) [Link] (4 responses)

I don’t understand your point then:

> the proper way to upstream our code would be for somebody to pay for that time.

This sounds to me that you’re claiming current upstreaming efforts are not proper because no one is paying for the time. Is that what you’re saying?

State of the Kernel Self Protection Project

Posted Sep 5, 2016 19:15 UTC (Mon) by PaXTeam (guest, #24616) [Link] (3 responses)

perhaps try not to take stuff out of context and also read the comment i replied that to :).

State of the Kernel Self Protection Project

Posted Sep 5, 2016 21:11 UTC (Mon) by nix (subscriber, #2304) [Link] (2 responses)

So... reading that, your complaint is that nobody is paying *you* in particular to upstream it?

This is sounding less and less high-minded by the minute.

State of the Kernel Self Protection Project

Posted Sep 5, 2016 21:15 UTC (Mon) by PaXTeam (guest, #24616) [Link]

not quite, try reading what i responded to again.

State of the Kernel Self Protection Project

Posted Sep 6, 2016 10:13 UTC (Tue) by paulj (subscriber, #341) [Link]

To be fair, even if "No one paid me to do it" is what PaX intended as a criticism, that's still quite acceptable. They spent a lot of effort on that work, and really it would be good if those who work on Linux get something towards food, shelter, etc. You can understand why he'd be miffed if others are now being supported to pick at their work and upstream bits.

E.g., every seems to be agreed PaX et al have done some good work on security. Wouldn't it be nice if some of the money going into hardening the kernel helped that work?

The question is whether the inter-personal issues at play can be overcome to make that possible. Whether PaX et al can co-operate, tackle the nits and implement review comments (which sometimes do no more than help give the reviewers a shared sense of participation and value - but we socio-insensitive techies often don't perceive the soft, socio-politics, sigh), etc. Whether the other side(s) could get over their hostility, etc. ?

Shame really for everyone, inc. the users.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds