From: Oliver Neukum <oneukum@suse.com>
To: Alan Stern <stern@rowland.harvard.edu>, Johan Hovold <johan@kernel.org>
Cc: gregkh@linuxfoundation.org, linux-usb@vger.kernel.org
Subject: USB: change dev_WARN to dev_err triggerable from user space
Date: Wed, 05 Sep 2018 09:40:23 +0200 [thread overview]
Message-ID: <1536133223.19040.1.camel@suse.com> (raw)
On Di, 2018-09-04 at 15:18 -0400, Alan Stern wrote:
> On Tue, 4 Sep 2018, Johan Hovold wrote:
>
> > On Tue, Sep 04, 2018 at 12:21:09PM +0200, Oliver Neukum wrote:
> > > On Di, 2018-09-04 at 11:31 +0200, Johan Hovold wrote:
> > > > On Tue, Sep 04, 2018 at 10:44:41AM +0200, Oliver Neukum wrote:
> > > > > For those people who run with panic_on_warn a WARN() triggered
> > > > > from user space is a DOS. It is worth returning to dev_err()
> > > >
> > > > I think this should be dev_warn() unless you want to bring back the
> > > > returning of errors on these conditions as well (i.e. as was the case
> > > > prior to 0cb54a3e47cb ("USB: debugging code shouldn't alter control
> > > > flow")).
> > >
> > > Should I? A warning in syslog is pretty hardcore, so I have no idea
> > > whether dev_warn() is enough.
> >
> > Perhaps there are two sides to this. If something really should not be
> > happening and needs to be addressed (i.e. it's a driver bug) that
> > dev_WARN is warranted. If user space can be pass in bogus flags that
> > gets propagated to USB core, perhaps those need to be sanitised sooner
> > (in the vain of "don't trust anything coming from user space").
>
> I'd go along with this. The usbfs code should fix or reject URBs
> submitted from userspace with bogus flags or an incorrect pipe value.
> (In fact, we already sanitize the flags to some extent, but we could do
> more: ISO_ASAP should apply only to isochronous URBs, and ZERO_PACKET
> should apply only to bulk-OUT URBS.)
>
> Similar errors coming from kernel drivers should be reported as actual
> bugs.
Very well, I am making a patch to do that.
Regards
Oliver
next reply other threads:[~2018-09-05 7:40 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-05 7:40 Oliver Neukum [this message]
-- strict thread matches above, loose matches on Subject: below --
2018-09-04 19:18 USB: change dev_WARN to dev_err triggerable from user space Alan Stern
2018-09-04 11:15 Johan Hovold
2018-09-04 10:21 Oliver Neukum
2018-09-04 9:31 Johan Hovold
2018-09-04 8:44 Oliver Neukum
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1536133223.19040.1.camel@suse.com \
--to=oneukum@suse.com \
--cc=gregkh@linuxfoundation.org \
--cc=johan@kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=stern@rowland.harvard.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).