lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Z0_F8EuGpxPPytFM@smile.fi.intel.com>
Date: Wed, 4 Dec 2024 05:01:04 +0200
From: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To: "Huang, Ying" <ying.huang@...ux.alibaba.com>
Cc: Raghavendra K T <raghavendra.kt@....com>, linux-kernel@...r.kernel.org,
	linux-cxl@...r.kernel.org, bharata@....com,
	Andrew Morton <akpm@...ux-foundation.org>,
	Dan Williams <dan.j.williams@...el.com>,
	David Hildenbrand <david@...hat.com>,
	Davidlohr Bueso <dave@...olabs.net>,
	Jonathan Cameron <jonathan.cameron@...wei.com>,
	Dave Jiang <dave.jiang@...el.com>,
	Alison Schofield <alison.schofield@...el.com>,
	Vishal Verma <vishal.l.verma@...el.com>,
	Ira Weiny <ira.weiny@...el.com>,
	Alistair Popple <apopple@...dia.com>,
	Bjorn Helgaas <bhelgaas@...gle.com>, Baoquan He <bhe@...hat.com>,
	ilpo.jarvinen@...ux.intel.com,
	Mika Westerberg <mika.westerberg@...ux.intel.com>,
	Fontenot Nathan <Nathan.Fontenot@....com>,
	Wei Huang <wei.huang2@....com>
Subject: Re: [RFC PATCH] resource: Fix CXL node not populated issue

On Wed, Dec 04, 2024 at 10:07:16AM +0800, Huang, Ying wrote:
> Andy Shevchenko <andriy.shevchenko@...ux.intel.com> writes:
> > On Tue, Dec 03, 2024 at 02:26:52PM +0800, Huang, Ying wrote:
> >> Raghavendra K T <raghavendra.kt@....com> writes:

...

> >> > git bisect had led to below commit
> >> > Fixes: b4afe4183ec7 ("resource: fix region_intersects() vs add_memory_driver_managed()")
> >> 
> >> This breaks you case, sorry about that.  But this also fixed a real bug
> >> too.  So, it's not appropriate just to revert it blindly.
> >
> > Linus was clear about this recently. Even if it fixes a bug, regression is
> > still regression and might (*) lead to a revert.
> > https://lwn.net/Articles/990599/
> >
> > (*) in general fixes are better than reverts, but depends on the timing in
> >     the release cycle the revert may be the only option.
> 
> I don't think that the timing is so tight that we should not work on
> proper fix firstly.  I'm trying to work with the reporter on this.

I agree on this, please do.

> BTW, the commit b4afe4183ec7 ("resource: fix region_intersects() vs
> add_memory_driver_managed()") fixed a security related bug.  The bug
> weakened the protection to prevent users read/write system memory via
> /dev/mem.  So, IMO, we need to be more careful about this.

My point was that the regression is obvious and it needs to be fixed.
That's all. Revert is a last resort in this sense.

-- 
With Best Regards,
Andy Shevchenko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ