lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <2025111950-early-grumbly-b1e4@gregkh>
Date: Wed, 19 Nov 2025 16:27:29 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: Clint George <clintbgeorge@...il.com>
Cc: stern@...land.harvard.edu, linux-usb@...r.kernel.org,
	linux-kernel@...r.kernel.org, david.hunter.linux@...il.com,
	linux-kernel-mentees@...ts.linux.dev, skhan@...uxfoundation.org,
	khalid@...nel.org
Subject: Re: [PATCH 1/8] usb: gadget: dummy_hcd: replace BUG() with
 WARN_ON_ONCE()

On Wed, Nov 19, 2025 at 06:38:33PM +0530, Clint George wrote:
> Replace BUG() with WARN_ON_ONCE() in dummy_validate_stream()
> when stream_id exceeds max_streams. This allows the kernel to
> continue running with a warning instead of crashing.

Nope, you still crashed given that BILLIONS of devices out there have
panic-on-warn enabled :(

> 
> Signed-off-by: Clint George <clintbgeorge@...il.com>
> ---
> 
> Testing:
> - The function dummy_validate_stream() was tested using a test module
>   that i created where i sent value of urb->stream_id greater than
>   max_streams. When using BUG(), the kernel-space used to crash but
>   after using WARN_ON_ONCE() the kernel-space does not crash and the
>   module terminates gracefully
> - Ensured that the module builds properly
> 
>  drivers/usb/gadget/udc/dummy_hcd.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/usb/gadget/udc/dummy_hcd.c b/drivers/usb/gadget/udc/dummy_hcd.c
> index 1cefca660..41b7b6907 100644
> --- a/drivers/usb/gadget/udc/dummy_hcd.c
> +++ b/drivers/usb/gadget/udc/dummy_hcd.c
> @@ -1254,7 +1254,7 @@ static int dummy_validate_stream(struct dummy_hcd *dum_hcd, struct urb *urb)
>  	if (urb->stream_id > max_streams) {
>  		dev_err(dummy_dev(dum_hcd), "Stream id %d is out of range.\n",
>  				urb->stream_id);
> -		BUG();
> +		WARN_ON_ONCE(1);

If this can actually be hit, PROPERLY HANDLE THE ISSUE!

Don't paper over bugs in the code, handle them correctly.  This change
does not do any of that as obviously the author thought that if the
code path got here, the system was so broken it needed to be halted.
Your change could cause it to continue on, in a very vulnerable state
(i.e. broken.)

So I can't take this, sorry.  Nor should you want me to take it :)

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ