lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAHk-=wj+zyWsZGhiCiopkrnu1_bkNE1Ax+82sP4Donsv9pUZuw@mail.gmail.com>
Date:   Thu, 9 Jan 2020 11:14:22 -0800
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Jiri Kosina <jikos@...nel.org>,
        Dmitry Torokhov <dmitry.torokhov@...il.com>,
        Marcel Holtmann <marcel@...tmann.org>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Benjamin Tissoires <benjamin.tissoires@...hat.com>
Subject: Re: [GIT PULL] HID fixes

On Thu, Jan 9, 2020 at 6:23 AM Jiri Kosina <jikos@...nel.org> wrote:
>
> - _poll API fixes for hidraw, from Marcel Holtmann

Why is this bogus thing sent to me as a "fix"?

It's breaking things AGAIN.

Guys, doing this is *WRONG*:

   if (readable)
       return "it's readable";
  if (error)
       return "there's some error";
  return "it's writable";

Seriously. Think about _why_ the above is wrong for five seconds please (*).

That "fix" actually introduces a bug, and the code is complete
garbage. It wasn't pretty before, but it was _less_ garbage before.

We had the exact same thing in the uinput layer recently, and it was
buggy then too.

That was Marcel that time too. And he was Cc'd on the fix back then
too, but still THIS SAME BUG gets introduced a month later in the HID
layer.

See

    https://lore.kernel.org/lkml/20191209202254.GA107567@dtor-ws/

for details, even if I haven't gotten a pull request from Dmitry since.

I've merged this HID code, BUT IT IS WRONG. Stop doing this mistake
over and over again, even when told otherwise.

I expect to see a fix, and I expect people to start thinking about it.
And Marcel, since you were told it was buggy once, why didn't you then
inform Jiri that you had sent *him* the same buggy code? How many
other people have you sent that buggy patch to without then informing
them that it was completely bogus?

            Linus

(*) If thinking about it for five seconds didn't help, then let me
just give a big clue-bat: "what if it's both readable and writable,
but the user only cares about the writable part"?

Poll is a *set* of conditions. Not just one.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ