lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20080316234929.GA456@tv-sign.ru>
Date:	Mon, 17 Mar 2008 02:49:29 +0300
From:	Oleg Nesterov <oleg@...sign.ru>
To:	Roland McGrath <roland@...hat.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Davide Libenzi <davidel@...ilserver.org>,
	"Eric W. Biederman" <ebiederm@...ssion.com>,
	Ingo Molnar <mingo@...e.hu>,
	Laurent Riffard <laurent.riffard@...e.fr>,
	Pavel Emelyanov <xemul@...nvz.org>,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 4/5] don't panic if /sbin/init exits or killed

On 03/16, Roland McGrath wrote:
>
> > But panic() isn't better? It doesn't provide any useful info.
> 
> It is not misleading in the same way.  It's clear that going to look at the
> kernel source is not the place to find the root of the problem.
> 
> > Well, I think the generic "if we have a chance to survive, we should try
> > to survive" rule is good.
> > 
> > If the boot init dies, at least the admin has a chance to figure out what
> > has happened, and -o remount,ro /.
> 
> For me and you, I agree.  I think the common case is that there is no admin
> prepared to do any such thing, but just someone expecting a reboot to fix
> things and preferring that a failing system reboot itself in the middle of
> the night rather than wedge.

Agreed,

> > Every BUG/BUG_ON in fact means the system is not useable, but still it does
> > not panic(), but tries to proceed.
> 
> Many production systems probably set panic_on_oops.  Having the init panic
> behavior keyed on that seems fine to me.  I just don't like the "kernel bug
> at this source line" output when it's not true.

Ah, OK. We can change this to dump_stack() without BUG().

(but again! panic() isn't better, it also looks like a kernel bug).

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ