lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 5 Jan 2011 19:57:16 +0100
From:	Wolfram Sang <w.sang@...gutronix.de>
To:	Greg KH <gregkh@...e.de>
Cc:	linux-kernel@...r.kernel.org,
	David Brownell <dbrownell@...rs.sourceforge.net>
Subject: Re: [PATCH 0/2] Annotate gpio-configuration with __must_check

On Tue, Jan 04, 2011 at 03:44:40PM -0800, Greg KH wrote:
> On Wed, Jan 05, 2011 at 12:05:08AM +0100, Wolfram Sang wrote:
> > 
> > > > should fail if it cannot be requested. Or not. Things get worse for
> > > > architectures I never used before. This is why I think it is really better to
> > > > let people do the fixups who have/understand the hardware in question.
> > > > Otherwise the fixups could indeed be more harmful than helpful.
> > > 
> > > Sure, they could be more harmful, but at least try.  Make the patches
> > > up, submit them to the maintainers, and if they are wrong, they will be
> > > the best to fix it up properly.
> > 
> > Well, I could generalize all cases and always issue a WARN() if the request
> > fails. But this would just move a compile-time warning into a runtime warning.
> > Also, I have my doubts that even the arch/mach-maintainers know all the boards
> > and their peculiarities. There are thousands of them.
> 
> Well, they better know the peculiarities of the hardware they write code
> for :)

For the architecture, yes certainly. But for every board? I wonder...
Even if it is possible for one person to fix all the warnings, it is
surely beyond my resources, because I believe it should be done
manually. The pity is: My main intention was not primarily to cure old
bugs, but to prevent new bugs from happening. Some CONFIG-option would
still allow that which is what I'd prefer meanwhile. Okay, I can still
apply my patches locally and simply send fixes for code which I use.
Maybe others will do, too.

> But no, a WARN() might not be that nice as it usually is never seen by
> embedded developers...

Well, not after devices are deployed. It is seen during development
which is also the time those bugs would typically appear.

Regards,

   Wolfram

-- 
Pengutronix e.K.                           | Wolfram Sang                |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |

Download attachment "signature.asc" of type "application/pgp-signature" (199 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ