lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Thu, 21 Jun 2018 09:02:07 +0900
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Dmitry Vyukov <dvyukov@...il.com>
Cc:     linux-kernel@...r.kernel.org, akpm@...ux-foundation.org,
        torvalds@...ux-foundation.org, Dmitry Vyukov <dvyukov@...gle.com>
Subject: Re: [PATCH] include/asm-generic/bug.h: clarify valid uses of WARN()

On Wed, Jun 20, 2018 at 12:37:16PM +0200, Dmitry Vyukov wrote:
> From: Dmitry Vyukov <dvyukov@...gle.com>
> 
> Explicitly state that WARN*() should be used only for recoverable
> kernel issues/bugs and that it should not be used for any kind of
> invalid external inputs or transient conditions.
> 
> Motivation: it's a very useful capability to be able to understand
> if a particular kernel splat means a kernel bug or simply an invalid
> user-space program. For the former one wants to notify kernel developers,
> while notifying kernel developers for the latter is annoying.
> Even a kernel developer may not know what to do with a WARNING
> in an unfamiliar subsystem. This is especially critical for any automated
> testing systems that may use panic_on_warn and mail kernel developers.
> 
> The clear separation also serves as an additional documentation:
> is it a condition that must never occur because of additional
> checks/logic elsewhere? or is it simply a check for invalid inputs
> or unfortunate conditions?
> 
> Use of pr_err() for user messages also leads to better error messages.
> "Something is wrong in file foo on line X" is not particularly useful
> message for end user. pr_err() forces developers to write more meaningful
> error messages for user.
> 
> As of now we are almost there. We are doing systematic kernel testing
> with panic_on_warn and are not seeing massive amounts of false positives.
> But every now and then another WARN on ENOMEM or invalid inputs pops up
> and leads to a lengthy argument each time. The goal of this change
> is to officially document the rules.
> 
> Signed-off-by: Dmitry Vyukov <dvyukov@...gle.com>
> ---
>  include/asm-generic/bug.h | 16 +++++++++++++---
>  1 file changed, 13 insertions(+), 3 deletions(-)

Nice!

Acked-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>

Powered by blists - more mailing lists