| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 29 Jan 2014 08:12:53 -0800 From: Eric Dumazet <eric.dumazet@...il.com> To: Oliver Hartkopp <socketcan@...tkopp.net> Cc: David Miller <davem@...emloft.net>, Linux Netdev List <netdev@...r.kernel.org>, Andre Naujoks <nautsch2@...il.com> Subject: Re: [PATCH stable 3.11+] can: use private sk reference to detect originating socket On Wed, 2014-01-29 at 14:44 +0100, Oliver Hartkopp wrote: > ps. I would suggest to move the BUG() in WARN_ON_ONCE() to fulfill the > requirement to detect a possible misuse but not kill the entire machine. > BUG() is intended to be used when there's no way to continue any reasonable > operation. Detecting and fixing this issue half a year after the "temporary > sanity check" has been integrated is a bad example for using BUG() IMO. I find worrying it took 6 months for CAN developers to hit this problem. A WARN_ON_ONCE() has almost no chance being noticed in the embedded world, and makes no pressure on developers to fix the bugs. Patch is 6 months old, and will be reverted when we have confidence that all offenders are fixed. Your feedback shows that we shall wait 10 years just to make sure, and maybe we wont revert it. All BUG() in the kernel have the property to potentially halt a perfectly working machine, at a bad time, yes. But they make us build a better kernel. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists