| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1352305752.3140.4449.camel@edumazet-glaptop> Date: Wed, 07 Nov 2012 08:29:12 -0800 From: Eric Dumazet <eric.dumazet@...il.com> To: Dave Jones <davej@...hat.com> Cc: Julius Werner <jwerner@...omium.org>, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, Patrick McHardy <kaber@...sh.net>, Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>, James Morris <jmorris@...ei.org>, Alexey Kuznetsov <kuznet@....inr.ac.ru>, "David S. Miller" <davem@...emloft.net>, Sameer Nanda <snanda@...omium.org>, Mandeep Singh Baines <msb@...omium.org>, Eric Dumazet <edumazet@...omium.org> Subject: Re: [PATCH] tcp: Replace infinite loop on recvmsg bug with proper crashusers On Wed, 2012-11-07 at 10:54 -0500, Dave Jones wrote: > It sounds more appropriate to me, instead of silently wedging the box. > At least with that approach we have a chance of finding out what happened. Its quite the opposite. If bug is still there 6 months after the commits that broke the drivers, (making an old bug visible) that means that people never realized the bug was there. I understand a distro maintainer has its own choices, but for upstream kernel we want to have early reports. This bug is fatal and a security issue. BUG() is appropriate. If the driver cant be fixed, it should be marked broken. So I personally NACKed patch to hide the bug, trying to be friendly to the user. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists