lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ab203d1c-7a56-4d44-813d-e4a884bf4e43@lunn.ch>
Date: Mon, 6 Oct 2025 18:21:49 +0200
From: Andrew Lunn <andrew@...n.ch>
To: Pavan Chebbi <pavan.chebbi@...adcom.com>
Cc: Jakub Kicinski <kuba@...nel.org>, jgg@...pe.ca,
	Michael Chan <michael.chan@...adcom.com>,
	Dave Jiang <dave.jiang@...el.com>,
	Saeed Mahameed <saeedm@...dia.com>,
	Jonathan Cameron <Jonathan.Cameron@...wei.com>,
	"David S . Miller" <davem@...emloft.net>,
	Jonathan Corbet <corbet@....net>,
	Eric Dumazet <edumazet@...gle.com>,
	Andrew Gospodarek <gospo@...adcom.com>,
	Linux Netdev List <netdev@...r.kernel.org>,
	Paolo Abeni <pabeni@...hat.com>,
	Andrew Lunn <andrew+netdev@...n.ch>,
	Selvin Xavier <selvin.xavier@...adcom.com>,
	Leon Romanovsky <leon@...nel.org>,
	Kalesh Anakkur Purayil <kalesh-anakkur.purayil@...adcom.com>
Subject: Re: [PATCH net-next v4 0/5] bnxt_fwctl: fwctl for Broadcom Netxtreme
 devices

On Tue, Sep 30, 2025 at 05:55:38AM +0530, Pavan Chebbi wrote:
> 
> 
> On Tue, 30 Sept, 2025, 12:16 am Jakub Kicinski, <kuba@...nel.org> wrote:
> 
>     On Sun, 28 Sep 2025 12:05:36 +0530 Pavan Chebbi wrote:
>     > Dear maintainers, my not-yet-reviewed v4 series is moved to 'Changes
>     Requested'.
>     > I am not sure if I missed anything. Can you pls help me know!
> 
>     There is
> 
>     drivers/fwctl/bnxt/main.c:303:14-21: WARNING opportunity for memdup_user
> 
> 
> Shouldn't it be treated more as a suggestion than a real warning? Are you
> insisting that I should change to use it? 

There is some danger of "Cannot see the forest for the trees". If you
ignore this warning, are you going to miss other warnings which should
be addressed because you have got used to just ignoring warnings? It
is much better if your code is totally free of warnings.

	Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ