lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Jun 2018 09:02:07 +0900 From: Greg KH <gregkh@...uxfoundation.org> To: Dmitry Vyukov <dvyukov@...il.com> Cc: linux-kernel@...r.kernel.org, akpm@...ux-foundation.org, torvalds@...ux-foundation.org, Dmitry Vyukov <dvyukov@...gle.com> Subject: Re: [PATCH] include/asm-generic/bug.h: clarify valid uses of WARN() On Wed, Jun 20, 2018 at 12:37:16PM +0200, Dmitry Vyukov wrote: > From: Dmitry Vyukov <dvyukov@...gle.com> > > Explicitly state that WARN*() should be used only for recoverable > kernel issues/bugs and that it should not be used for any kind of > invalid external inputs or transient conditions. > > Motivation: it's a very useful capability to be able to understand > if a particular kernel splat means a kernel bug or simply an invalid > user-space program. For the former one wants to notify kernel developers, > while notifying kernel developers for the latter is annoying. > Even a kernel developer may not know what to do with a WARNING > in an unfamiliar subsystem. This is especially critical for any automated > testing systems that may use panic_on_warn and mail kernel developers. > > The clear separation also serves as an additional documentation: > is it a condition that must never occur because of additional > checks/logic elsewhere? or is it simply a check for invalid inputs > or unfortunate conditions? > > Use of pr_err() for user messages also leads to better error messages. > "Something is wrong in file foo on line X" is not particularly useful > message for end user. pr_err() forces developers to write more meaningful > error messages for user. > > As of now we are almost there. We are doing systematic kernel testing > with panic_on_warn and are not seeing massive amounts of false positives. > But every now and then another WARN on ENOMEM or invalid inputs pops up > and leads to a lengthy argument each time. The goal of this change > is to officially document the rules. > > Signed-off-by: Dmitry Vyukov <dvyukov@...gle.com> > --- > include/asm-generic/bug.h | 16 +++++++++++++--- > 1 file changed, 13 insertions(+), 3 deletions(-) Nice! Acked-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Powered by blists - more mailing lists