| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Mar 2008 11:32:54 +1100 From: Rusty Russell <rusty@...tcorp.com.au> To: Adrian Bunk <bunk@...nel.org> Cc: LKML <linux-kernel@...r.kernel.org>, Alexey Dobriyan <adobriyan@...il.com> Subject: Re: [PATCH 2/2] modules: Whine about suspicious return values from module's ->init() hook On Thursday 06 March 2008 10:04:45 Adrian Bunk wrote: > On Tue, Mar 04, 2008 at 11:22:26PM +1100, Rusty Russell wrote: > > Subject: Whine about suspicious return values from module's ->init() hook > > Date: Mon, 11 Feb 2008 01:09:06 +0300 > > From: Alexey Dobriyan <adobriyan@...il.com> > > > > Return value convention of module's init functions is 0/-E. Sometimes, > > e.g. during forward-porting mistakes happen and buggy module created, > > where result of comparison "workqueue != NULL" is propagated all the way > > up to sys_init_module. What happens is that some other module created > > workqueue in question, our module created it again and module was > > successfully loaded. > > > > Or it could be some other bug. > > > > Let's make such mistakes much more visible. In retrospective, such > > messages would noticeably shorten some of my head-scratching sessions. > > > > Note, that dump_stack() is just a way to get attention from user. > > Sample message: > > > > sys_init_module: 'foo'->init suspiciously returned 1, it should follow > > 0/-E convention sys_init_module: loading module anyway... > >... > > While I agree with Andrew that a BUG() would not be appropriate here I'm > wondering why the module should be loaded? > > We do know that something in the module is buggy. Unfortunately not: it's a semantic change. Previously as per Unix standard, >=0 was good, < 0 was bad. This resulted in some confusion, and so Alexey proposed tightening the rules, to only allow <= 0 values. So we don't know that the module is buggy. It's possible that it's returning ENODEV instead of -ENODEV, but it's also possible that it's returning 1 to mean "ok". > And not loading the module also seems to be a good compromise between > making the user notice the problem and not doing a panic(). Depends which way the failure is. Andrew said not to break existing systems. To avoid this, we'd need an audit which noone wants to do, so we're being lazy. Hope that clarifies my thinking, Rusty. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists