On 2020-07-30 09:13, Thomas Petazzoni wrote:
Hello,
On Thu, 30 Jul 2020 00:17:28 +0200
<m...@adrianschmutzler.de> wrote:
your dm-verity patchset is in our patchwork since November 2019 (v2).
Unfortunately, nobody seemed to be particularly interested in
reviewing/merging it.
Since I don't see a reason why this should change in another 8
months, I'm going to finally mark it as Rejected now. After all, our
resources are limited.
Isn't there some deferred or other state that better expresses the
actual situation?
I'm sorry, and although I fear a similar fate will hit the SELinux
effort, I still hope you will not feel repelled and continue to
contribute to OpenWrt in the future.
This is overall quite unfortunate. Initially, I have done this work for
a customer that was using an old vendor-modified OpenWrt version.
Instead of doing like most companies do: simply hack the old
vendor-modified OpenWrt and keep the changes private, I instead took an
upstream compatible approach: I did all my development on the latest
OpenWrt upstream, submitted it to the community, and only then
backported it to my customer vendor-specific OpenWrt.
It is therefore quite sad that despite this intention of being a good
open-source citizen and try to do the "right" thing, OpenWrt as an
upstream project is not interested. Such security features are more and
more commonly needed, and it will at some point be a problem for
OpenWrt to not have such features supported.
This is another reason why OpenWRT IMHO should become a Yocto layer (or
set of layers preferably). It would relief the OpenWRT community from
maintaining a lot of generic infrastructure and open source packages.
Freeing up their resources to work on what distinguishes OpenWRT from a
generic Linux distribution.
Things like dm-verity and SELinux for smaller and targeted embedded
devices could than be picked up by the much larger Yocto community and
become available for OpenWRT almost for free or there would be at least
the benefit of the main infrastructure being there.
FYI: there is already such a layer
(https://github.com/kraj/meta-openwrt), but still very limited.
Best regards,
Thomas Petazzoni
_______________________________________________
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
