Don't know. Only focus on Android now so don't pay much attention to stuff like this or areas covered by SELinux.
-
-
MODHARDEN is one of many grsecurity features that are very useful on desktops but not at all for the niche we focus on.
1 reply 0 retweets 0 likes -
Actually applies to *most* of the named grsecurity features that it adds on top of PaX, but there are unnamed changes.
1 reply 0 retweets 0 likes -
KSTACKOVERFLOW was one of the exceptions but that's now copied in an inferior way (debugging it sucks) upstream.
1 reply 0 retweets 0 likes -
Replying to @CopperheadOS @solardiz
grsec's is x86 only, in 2 parts: thread_info move & vmap stack. upstream has both on x86 and former on arm64 & s390
1 reply 0 retweets 0 likes -
the NIH'd version of vmap stack is full of bugs, still a whack-a-mole game a few releases later.
1 reply 2 retweets 1 like -
Understood. There are many paths to getting things into upstream and stabilization can be one of the costs.
1 reply 0 retweets 0 likes -
IMHO bugs due to entirely avoidable design errors (NIH) are simply irresponsible and bad engineering.
1 reply 0 retweets 1 like -
As you know, the way to change upstream Linux kernel engineering practices is to participate directly :)
1 reply 0 retweets 0 likes -
pointless when stuff like __ro_after_init and now refcount_t can go in despite being bad engineering...
1 reply 0 retweets 1 like
I don't share your "bad engineering" opinion, and I think your involvement wouldn't be pointless at all.
-
-
i did discuss those two (mis)features at the time to no avail. guess we just have different standards ;).
0 replies 0 retweets 0 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.