lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <87iks06w17.fsf@DESKTOP-5N7EMDA>
Date: Wed, 04 Dec 2024 10:07:16 +0800
From: "Huang, Ying" <ying.huang@...ux.alibaba.com>
To: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Cc: Raghavendra K T <raghavendra.kt@....com>,  linux-kernel@...r.kernel.org,
  linux-cxl@...r.kernel.org,  bharata@....com,  Andrew Morton
 <akpm@...ux-foundation.org>,  Dan Williams <dan.j.williams@...el.com>,
  David Hildenbrand <david@...hat.com>,  Davidlohr Bueso
 <dave@...olabs.net>,  Jonathan Cameron <jonathan.cameron@...wei.com>,
  Dave Jiang <dave.jiang@...el.com>,  Alison Schofield
 <alison.schofield@...el.com>,  Vishal Verma <vishal.l.verma@...el.com>,
  Ira Weiny <ira.weiny@...el.com>,  Alistair Popple <apopple@...dia.com>,
  Bjorn Helgaas <bhelgaas@...gle.com>,  Baoquan He <bhe@...hat.com>,
  ilpo.jarvinen@...ux.intel.com,  Mika Westerberg
 <mika.westerberg@...ux.intel.com>,  Fontenot Nathan
 <Nathan.Fontenot@....com>,  Wei Huang <wei.huang2@....com>
Subject: Re: [RFC PATCH] resource: Fix CXL node not populated issue

Hi, Andy,

Andy Shevchenko <andriy.shevchenko@...ux.intel.com> writes:

> On Tue, Dec 03, 2024 at 02:26:52PM +0800, Huang, Ying wrote:
>> Raghavendra K T <raghavendra.kt@....com> writes:
>
> ...
>
>> > git bisect had led to below commit
>> > Fixes: b4afe4183ec7 ("resource: fix region_intersects() vs add_memory_driver_managed()")
>> 
>> This breaks you case, sorry about that.  But this also fixed a real bug
>> too.  So, it's not appropriate just to revert it blindly.
>
> Linus was clear about this recently. Even if it fixes a bug, regression is
> still regression and might (*) lead to a revert.
> https://lwn.net/Articles/990599/
>
> (*) in general fixes are better than reverts, but depends on the timing in
>     the release cycle the revert may be the only option.

I don't think that the timing is so tight that we should not work on
proper fix firstly.  I'm trying to work with the reporter on this.

BTW, the commit b4afe4183ec7 ("resource: fix region_intersects() vs
add_memory_driver_managed()") fixed a security related bug.  The bug
weakened the protection to prevent users read/write system memory via
/dev/mem.  So, IMO, we need to be more careful about this.

---
Best Regards,
Huang, Ying

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ