lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 8 Jan 2018 11:41:01 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Tejun Heo <tj@...nel.org>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Li Zefan <lizefan@...wei.com>,
        Johannes Weiner <hannes@...xchg.org>,
        cgroups <cgroups@...r.kernel.org>
Subject: Re: [GIT PULL] cgroup fixes for v4.15-rc7

On Mon, Jan 8, 2018 at 11:28 AM, Tejun Heo <tj@...nel.org> wrote:
>
> Dang, I was reading the different str*cpy() functions and suggested
> strscpy() and then forgot about it and blindly applied strlcpy()
> blindly after the build warning report.  It'd be great to weed out the
> useless ones.  These are places where truncation is fine.  Would the
> right thing to do be adding (void) in front, which is kinda ugly?

Yeah, I don't know. The actual code looks fine, and I pulled it, but I
really hate strlcpy().

Having us have extra warnings for strscpy() that turns people off from
using the right function is all kinds of sad.

I do think KASAN was unhappy about strscpy() too, because of the
word-at-a-time optimization (even if that one is very careful to not
cross pages etc).

Ho humm. I don't know what the right fix is. But I do suspect we
could/should just remove the __must_check from strscpy(), because one
of the points of that function really is that it always does the right
thing regardless of what you pass into it.

But some people absolutely love those idiotic warnings, even when they
demonstrably result in people writing worse code due to them.

Because "not checking error returns is a bug". Bah, humbug.

If just removing the __must_check makes cgroup happy, I would suggest
you send me a patch with that removal and the strlcpy turned back into
strscpy. Because I definitely _will_ apply such a patch.

                Linus

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ