lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2025052607-hertz-duly-cca2@gregkh>
Date: Mon, 26 May 2025 12:25:37 +0200
From: Greg KH <greg@...ah.com>
To: Johannes Berg <johannes@...solutions.net>
Cc: Wentao Liang <vulab@...as.ac.cn>, luciano.coelho@...el.com,
	linux-wireless@...r.kernel.org, linux-kernel@...r.kernel.org,
	stable@...r.kernel.org
Subject: Re: [PATCH v2] mac80211: Add null pointer check for
 ieee80211_link_get_chanctx()

On Mon, May 26, 2025 at 11:56:16AM +0200, Johannes Berg wrote:
> On Mon, 2025-05-26 at 11:50 +0200, Johannes Berg wrote:
> > 
> > I still very much disagree with you and _will_ keep adding warnings to
> > the wireless stack. This would be one of those places where it's totally
> > warranted, because it's actually impossible that this happens, for it to
> > something else would have to be changed to go wrong in how this is
> > called, for example.
> 
> And come to think of it, cases like this are exactly why some people
> decide to crash the system on warnings. It's things that the developers
> thought were impossible, but should be double-checked. If we stop
> putting warnings on such places, then the decision to crash on warnings
> becomes entirely meaningless. So seems to me that just lashing out
> against warnings all the time is actually detrimental to the intent of
> such configurations?

If you can detect a problem, like this, and properly handle the issue,
handle the issue, do NOT crash the machine which causes the issue to be
uable to be noticed at all (all that is noticed is that the machine
rebooted.)

Only do a WARN() if this is something that you can not recover from for
whatever reason (data is lost anyway, system is hosed, etc.)  If you
just sprinkle these WARN_ON() calls around to be defensive in the
programming, that's counter-productive as you are setting yourself up to
make angry users of the system if they ever fire.

I have no problem with logging the error/issue in the kernel log, but if
a wifi driver decides to panic the box for something that it did
properly detect and could handle just fine, that's just not nice.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ