lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 28 Jul 2022 19:14:43 +0300
From:   Fedor Pchelkin <pchelkin@...ras.ru>
To:     Oleksij Rempel <o.rempel@...gutronix.de>
Cc:     Robin van der Gracht <robin@...tonic.nl>,
        Oleksij Rempel <linux@...pel-privat.de>,
        Pengutronix Kernel Team <kernel@...gutronix.de>,
        Oliver Hartkopp <socketcan@...tkopp.net>,
        Marc Kleine-Budde <mkl@...gutronix.de>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Elenita Hinds <ecathinds@...il.com>,
        Kurt Van Dijck <dev.kurt@...dijck-laurijssen.be>,
        linux-can@...r.kernel.org, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Alexey Khoroshilov <khoroshilov@...ras.ru>,
        ldv-project@...uxtesting.org
Subject: Re: [PATCH] can: j1939: Remove unnecessary WARN_ON_ONCE in
 j1939_sk_queue_activate_next_locked()

Hello Oleksij,

I'm sorry for late answering.

On 20.07.2022 22:13, Oleksij Rempel wrote:
>> Are you working on some system where this use case is valid?

No, we are fuzzing the kernel and analyzing different warnings and
crashes.

On 20.07.2022 22:13, Oleksij Rempel wrote:
 > yes

Well, there is a long story about where and for which purposes the
kernel warning macros should be correctly used and, overall,
WARN_ON_ONCE is not intended for user-space notification.

Linus Torvalds wrote:
 > WARN_ON() should only be used for "This cannot happen, but if it does,
 > I want to know how we got here".
 >
 > So if that j1939 thing is something that can be triggered by a user,
 > then the backtrace should be reported to the driver maintainer, and
 > then either
 >
 > (a) the WARN_ON_ONCE() should just be removed ("ok, this can happen,
 > we understand why it can happen, and it's fine")
 >
 > (b) the problem the WARN_ON_ONCE() reports about should be made
 > impossible some way
 >
 > (c) it might be downgraded to a pr_warn() if people really want to
 > tell user space that "guys, you're doing something wrong" and it's
 > considered a useful warning.

So WARN_ON_ONCE should be replaced with a more gentle variant - I think
pr_warn_once would suit this case. I've prepared a new patch for that,
it will follow this email.

Could you also look at the patch - [PATCH] can: j1939: fix memory leak 
of skbs - which I sent you on 08.07.2022, please?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ