lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240115092841.19dc32f6.alex.williamson@redhat.com>
Date: Mon, 15 Jan 2024 09:28:41 -0700
From: Alex Williamson <alex.williamson@...hat.com>
To: "Wang, Wei W" <wei.w.wang@...el.com>
Cc: Kunwu Chan <chentao@...inos.cn>, "kvm@...r.kernel.org"
 <kvm@...r.kernel.org>, "linux-kernel@...r.kernel.org"
 <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2] vfio: Use WARN_ON for low-probability allocation
 failure issue in vfio_pci_bus_notifier

On Mon, 15 Jan 2024 15:41:02 +0000
"Wang, Wei W" <wei.w.wang@...el.com> wrote:

> On Monday, January 15, 2024 2:35 PM, Kunwu Chan wrote:
> > kasprintf() returns a pointer to dynamically allocated memory which can be
> > NULL upon failure.
> > 
> > This is a blocking notifier callback, so errno isn't a proper return value. Use
> > WARN_ON to small allocation failures.
> > 
> > Signed-off-by: Kunwu Chan <chentao@...inos.cn>
> > ---
> > v2: Use WARN_ON instead of return errno
> > ---
> >  drivers/vfio/pci/vfio_pci_core.c | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/drivers/vfio/pci/vfio_pci_core.c b/drivers/vfio/pci/vfio_pci_core.c
> > index 1cbc990d42e0..61aa19666050 100644
> > --- a/drivers/vfio/pci/vfio_pci_core.c
> > +++ b/drivers/vfio/pci/vfio_pci_core.c
> > @@ -2047,6 +2047,7 @@ static int vfio_pci_bus_notifier(struct notifier_block
> > *nb,
> >  			 pci_name(pdev));
> >  		pdev->driver_override = kasprintf(GFP_KERNEL, "%s",
> >  						  vdev->vdev.ops->name);
> > +		WARN_ON(!pdev->driver_override);  
> 
> Saw Alex's comments on v1. Curious why not return "NOTIFY_BAD" on errors though
> less likely? Similar examples could be found in kvm_pm_notifier_call, kasan_mem_notifier etc.

If the statement is that there are notifier call chains that return
NOTIFY_BAD, I would absolutely agree, but the return value needs to be
examined from the context of the caller.  BUS_NOTIFY_ADD_DEVICE is
notified via bus_notify() in device_add().  What does it accomplish to
return NOTIFY_BAD in a chain that ignores the return value?  At best
we're preventing callbacks further down the chain from being called.
That doesn't seem obviously beneficial either.

The scenario here is similar to that in fail_iommu_bus_notify() where
they've chosen to trigger a pr_warn() if they're unable to crease sysfs
entries.  In fact, a pci_warn(), maybe even pci_err() might be a better
alternative here than a WARN_ON().  Thanks,

Alex


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ