| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c3051fd1-2aaa-485f-b23d-d98c3579e166@efficios.com> Date: Mon, 4 Mar 2024 21:48:44 -0500 From: Mathieu Desnoyers <mathieu.desnoyers@...icios.com> To: Steven Rostedt <rostedt@...dmis.org> Cc: LKML <linux-kernel@...r.kernel.org>, Linux Trace Kernel <linux-trace-kernel@...r.kernel.org>, Masami Hiramatsu <mhiramat@...nel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Sachin Sant <sachinp@...ux.ibm.com> Subject: Re: [PATCH] tracing: Have trace_marker writes be just half of TRACE_SEQ_SIZE On 2024-03-04 21:37, Steven Rostedt wrote: > On Mon, 4 Mar 2024 21:35:38 -0500 > Steven Rostedt <rostedt@...dmis.org> wrote: > >>> And it's not for debugging, it's for validation of assumptions >>> made about an upper bound limit defined for a compile-time >>> check, so as the code evolves issues are caught early. >> >> validating is debugging. > > Did Linus put you up to this? To test me to see if I'm learning how to say "No" ;-) No, he did not. I genuinely think that validating size limits like this either at compile time or, when they can vary at runtime like in this case, with a dynamic check, decreases the cognitive load on the reviewers. We can then assume that whatever limit was put in place is actually enforced and not just wishful thinking. If the "header" size upper bound is not validated at runtime, there is not much point in adding the BUILD_BUG_ON() based on that value in the first place, and you should then just add a runtime check that you don't overflow the output buffer before writing the output to it. Thanks, Mathieu -- Mathieu Desnoyers EfficiOS Inc. https://www.efficios.com
Powered by blists - more mailing lists