lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20081105.013148.156667310.davem@davemloft.net>
Date:	Wed, 05 Nov 2008 01:31:48 -0800 (PST)
From:	David Miller <davem@...emloft.net>
To:	herbert@...dor.apana.org.au
Cc:	adobriyan@...il.com, netdev@...r.kernel.org
Subject: Re: [PATCH] Fix ESP SA loading (by default)

From: Herbert Xu <herbert@...dor.apana.org.au>
Date: Mon, 3 Nov 2008 09:04:31 +0800

> On Mon, Nov 03, 2008 at 03:16:43AM +0300, Alexey Dobriyan wrote:
> >
> > Keep in mind that the only error message is "line N: returned (null)"
> > from setkey(8) or something like that and no SA created.
> > 
> > It took me full printk session to realize what's going on.
> 
> As our error passing really sucks, I'm happy to accept a patch
> to crypto_alloc_tfm which prints out a message if it fails.

As we've discussed several times it's not "passing" errors
that sucks, it's the fact that we use the same traditional
UNIX error codes for a thousand different errors. :-)

I really think we should explore the idea where the current
process can get tagged with a string when an error is going
to be returned.  Something like:

	const char *error_desc;

in the task_struct.

So when you return an error, you also can mark the task with
some descriptive text that describes what is wrong.

A task is guarenteed that when an error returns from a system
call and the very next system call they make is "sys_get_error"
or whatever we'll call it, they will the correct value of
current->error_desc

This way you don't just get "-EINVAL" returned from a
complicated IPSEC configuration operation request.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ