From: Oleg Nesterov <oleg@redhat.com>
To: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
Cc: Ingo Molnar <mingo@elte.hu>,
Peter Zijlstra <peterz@infradead.org>,
Ananth N Mavinakayanahalli <ananth@in.ibm.com>,
Anton Arapov <anton@redhat.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/7] uprobes: Kill the pointless inode/uc checks in register/unregister
Date: Mon, 10 Dec 2012 20:12:32 +0100 [thread overview]
Message-ID: <20121210191232.GA32462@redhat.com> (raw)
In-Reply-To: <20121210061901.GF22164@linux.vnet.ibm.com>
On 12/10, Srikar Dronamraju wrote:
>
> * Oleg Nesterov <oleg@redhat.com> [2012-11-23 21:28:06]:
>
> > register/unregister verifies that inode/uc != NULL. For what?
> > This really looks like "hide the potential problem", the caller
> > should pass the valid data.
> >
>
> Agree that users should pass valid data.
> I do understand that we expect the users to be knowledge-able.
> Also users are routed thro in-kernel api that does this check.
>
> However from an api perspective, if a user passes invalid data, do we
> want the system to crash.
>
> Esp if kernel can identify that users has indeed passed wrong info. I do agree
> that users can still pass invalid data that kernel maynot be able to
> identify in most cases.
inode != NULL can't verify that it actually points to the valid inode,
NULL is only one example of invalid data.
I agree, sometimes it makes sense to protect against the stupid mistakes,
but if we want to check against NULL we should do
if (WARN_ON(!inode))
return;
Especially in uprobe_unregister(). The current code is really "hide
the possible problem" and nothing more. It is better to crash imho
than silently return.
> > register() also checks uc->next == NULL, probably to prevent the
> > double-register but the caller can do other stupid/wrong things.
>
> Users can surely do more stupid things. But this is again something that
> kernel can identify. By allowing a double-register of a consumer, thats
> already registered, we might end up allowing circular loop of consumers.
I understand. But in this case we should document that uc->next must
be cleared before uprobe_register(). Or add init_consumer().
And we should change uprobe_unregister() to clear uc->next as well.
I think that the code like this
uprobe_register(uc);
uprobe_unregister(uc);
uprobe_register(uc);
should work. Currently it doesn't because of this check.
So I still think these checks are pointless and (at least in unregister)
even harmful.
But I won't insist too much, I can drop this patch if you do not change
your mind.
Oleg.
next prev parent reply other threads:[~2012-12-10 19:12 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-11-23 20:27 [PATCH 0/7] uprobes: register/unregister preparations for filtering Oleg Nesterov
2012-11-23 20:28 ` [PATCH 1/7] uprobes: Move __set_bit(UPROBE_SKIP_SSTEP) into alloc_uprobe() Oleg Nesterov
2012-12-10 5:56 ` Srikar Dronamraju
2012-11-23 20:28 ` [PATCH 2/7] uprobes: Kill the "uprobe != NULL" check in uprobe_unregister() Oleg Nesterov
2012-12-10 6:00 ` Srikar Dronamraju
2012-11-23 20:28 ` [PATCH 3/7] uprobes: Kill the pointless inode/uc checks in register/unregister Oleg Nesterov
2012-12-10 6:19 ` Srikar Dronamraju
2012-12-10 19:12 ` Oleg Nesterov [this message]
2012-12-13 10:35 ` Srikar Dronamraju
2012-12-13 13:15 ` Oleg Nesterov
2012-12-13 14:08 ` Srikar Dronamraju
2012-12-13 14:12 ` Srikar Dronamraju
2012-11-23 20:28 ` [PATCH 4/7] uprobes: Kill uprobe_consumer->filter() Oleg Nesterov
2012-12-10 12:02 ` Srikar Dronamraju
2012-11-23 20:28 ` [PATCH 5/7] uprobes: Introduce filter_chain() Oleg Nesterov
2012-11-24 16:08 ` Oleg Nesterov
2012-12-10 12:04 ` Srikar Dronamraju
2012-11-23 20:28 ` [PATCH 6/7] uprobes: _unregister() should always do register_for_each_vma(false) Oleg Nesterov
2012-11-23 20:28 ` [PATCH 7/7] uprobes: _register() should always do register_for_each_vma(true) Oleg Nesterov
2012-12-13 10:26 ` Srikar Dronamraju
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20121210191232.GA32462@redhat.com \
--to=oleg@redhat.com \
--cc=ananth@in.ibm.com \
--cc=anton@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=peterz@infradead.org \
--cc=srikar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.