From: Matthew Wilcox <willy@infradead.org>
To: Igor Stoppa <igor.stoppa@huawei.com>
Cc: J Freyensee <why2jjj.linux@gmail.com>,
david@fromorbit.com, keescook@chromium.org, mhocko@kernel.org,
labbott@redhat.com, linux-security-module@vger.kernel.org,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
kernel-hardening@lists.openwall.com
Subject: Re: [PATCH 2/7] genalloc: selftest
Date: Mon, 26 Feb 2018 11:12:35 -0800 [thread overview]
Message-ID: <20180226191235.GA24087@bombadil.infradead.org> (raw)
In-Reply-To: <20249e10-4a13-8084-bcf2-0f98497a755f@huawei.com>
On Mon, Feb 26, 2018 at 08:00:26PM +0200, Igor Stoppa wrote:
> On 26/02/18 19:46, J Freyensee wrote:
> > That's a good question. Based upon those articles, 'yes'. But it seems
> > like a 'darned-if-you-do, darned-if-you-don't' question as couldn't you
> > also corrupt a mounted filesystem by crashing the kernel, yes/no?
>
> The idea is to do it very early in the boot phase, before early init,
> when the kernel has not gotten even close to any storage device.
>
> > If you really want a system crash, maybe just do a panic() like
> > filesystems also use?
>
> ok, if that's a more acceptable way to halt the kernel, I do not mind.
panic() halts the kernel
BUG_ON() kills the thread
WARN_ON() just prints messages
Now, if we're at boot time and we're still executing code from the init
thread, killing init is equivalent to halting the kernel.
The question is, what is appropriate for test modules? I would say
WARN_ON is not appropriate because people ignore warnings. BUG_ON is
reasonable for development. panic() is probably not.
Also, calling BUG_ON while holding a lock is not a good idea; if anything
needs to acquire that lock to shut down in a reasonable fashion, it's
going to hang.
And there's no need to do something like BUG_ON(!foo); foo->wibble = 1;
Dereferencing a NULL pointer already produces a nice informative splat.
In general, we assume other parts of the kernel are sane and if they pass
us a NULL pool, it's no good returning -EINVAL, we may as well just oops
and let somebody else debug it.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2018-02-26 19:12 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-23 14:48 [RFC PATCH v17 0/7] mm: security: ro protection for dynamic data Igor Stoppa
2018-02-23 14:48 ` [PATCH 1/7] genalloc: track beginning of allocations Igor Stoppa
2018-02-23 22:28 ` J Freyensee
2018-02-26 12:09 ` Igor Stoppa
2018-02-26 17:32 ` J Freyensee
2018-02-26 18:44 ` Igor Stoppa
2018-02-25 3:37 ` kbuild test robot
2018-02-23 14:48 ` [PATCH 2/7] genalloc: selftest Igor Stoppa
2018-02-23 22:42 ` J Freyensee
2018-02-26 12:11 ` Igor Stoppa
2018-02-26 17:46 ` J Freyensee
2018-02-26 18:00 ` Igor Stoppa
2018-02-26 19:12 ` Matthew Wilcox [this message]
2018-02-26 19:26 ` Igor Stoppa
2018-02-23 14:48 ` [PATCH 3/7] struct page: add field for vm_struct Igor Stoppa
2018-02-25 3:38 ` Matthew Wilcox
2018-02-26 16:37 ` Igor Stoppa
2018-02-23 14:48 ` [PATCH 4/7] Protectable Memory Igor Stoppa
2018-02-24 0:10 ` J Freyensee
2018-02-26 14:28 ` Igor Stoppa
2018-02-26 18:25 ` J Freyensee
2018-02-25 2:33 ` kbuild test robot
2018-02-23 14:48 ` [PATCH 5/7] Pmalloc selftest Igor Stoppa
2018-03-06 16:59 ` J Freyensee
2018-02-23 14:48 ` [PATCH 6/7] lkdtm: crash on overwriting protected pmalloc var Igor Stoppa
2018-02-25 3:46 ` kbuild test robot
2018-03-06 17:05 ` J Freyensee
2018-03-06 17:08 ` J Freyensee
2018-02-23 14:48 ` [PATCH 7/7] Documentation for Pmalloc Igor Stoppa
2018-02-24 0:26 ` J Freyensee
2018-02-26 15:39 ` Igor Stoppa
2018-02-26 18:32 ` J Freyensee
-- strict thread matches above, loose matches on Subject: below --
2018-02-28 20:06 [RFC PATCH v18 0/7] mm: security: ro protection for dynamic data Igor Stoppa
2018-02-28 20:06 ` [PATCH 2/7] genalloc: selftest Igor Stoppa
2018-03-05 19:37 ` J Freyensee
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180226191235.GA24087@bombadil.infradead.org \
--to=willy@infradead.org \
--cc=david@fromorbit.com \
--cc=igor.stoppa@huawei.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=labbott@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mhocko@kernel.org \
--cc=why2jjj.linux@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).