Re: [PATCH] kernel/groups.c: consider about NULL for 'group_info' in all related extern functions

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Chen Gang <gang.chen@asianux.com>
To: Tejun Heo <tj@kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	Michael Kerrisk <mtk.manpages@gmail.com>
Subject: Re: [PATCH] kernel/groups.c: consider about NULL for 'group_info' in all related extern functions
Date: Fri, 27 Sep 2013 09:30:13 +0800	[thread overview]
Message-ID: <5244DFA5.5090200@asianux.com> (raw)
In-Reply-To: <20130926131544.GB31249@mtj.dyndns.org>

On 09/26/2013 09:15 PM, Tejun Heo wrote:
> Hello, Chen.
> 
> On Thu, Sep 26, 2013 at 02:30:31PM +0800, Chen Gang wrote:
>>> Oh, not cause issue, the reason is "'groups' exports extern variable
>>> 'init_groups', when start process, default 'cred' will set it to be
>>> sure of groups always be initialized".
>>>
>>> Hmm... but after all, I still think this file need be improved: "remove
>>> the group_info checking in groups_search()", please help check, thanks.
> 
> Given the track record upto this point and how marginal the benefit of
> the suggested change is, I'd rather not.  It's quite possible that we
> had specific issue where that extra conditional is necessary and I
> don't feel comfortable trusting your evaluation and analysis on the
> subject at the moment, so the benefit / risk ratio seems way off from
> my pov.
> 
>>>   If groups_alloc() fails, the caller must not call any related API again
>>>   with the related invalid 'group_info'.
>>>
>>>
>>> Signed-off-by: Chen Gang <gang.chen@asianux.com>
> 
> Nacked-by: Tejun Heo <tj@kernel.org>
> 

The caller should not 'generate' a new 'groups_info' by itself, so, if
invalid 'groups_info' should not pass to groups_free(), of cause it
should not pass groups_search(), either.

If permit passing an invalid 'groups_info' to groups_search(), caller
also can pass this invalid 'groups_info' to groups_free(), too.

The original author exported extern variable 'init_groups', that means
'groups' wants no duty to be sure 'group_info' whether valid, caller
should be sure of that (or it is caller's bug, not 'groups' bug).

In my opinion, it is enough to know 'groups' interface is inconsistent,
it needs improvement (in fact, I don't think it's a good idea to export
'init_groups', neither good to let caller sure of 'group_info' valid).

As an integrator or large source code maintainer, we cannot only depend
on testing, or tracing log, or some short directly causes; we also need
find and solve issues by checking sub-systems' interface or documents.

> Thanks.
> 

Thanks.
-- 
Chen Gang

next prev parent reply	other threads:[~2013-09-27  1:31 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-08-20  3:01 [PATCH] kernel/groups.c: consider about NULL for 'group_info' in all related extern functions Chen Gang
2013-08-20  3:03 ` Chen Gang
2013-09-03  5:23   ` Chen Gang
2013-09-23 15:06 ` Tejun Heo
2013-09-24  3:42   ` Chen Gang
2013-09-24  4:06     ` Tejun Heo
2013-09-24  4:27       ` Chen Gang
2013-09-24 12:04         ` Tejun Heo
2013-09-25  0:49           ` Chen Gang
2013-09-25  0:58             ` Tejun Heo
2013-09-25  1:06               ` Chen Gang
2013-09-25  1:14                 ` Tejun Heo
2013-09-25  1:47                   ` Chen Gang
2013-09-25  4:34                     ` Chen Gang
2013-09-26  5:58                       ` Chen Gang
2013-09-26  6:30                         ` Chen Gang
2013-09-26 13:15                           ` Tejun Heo
2013-09-27  1:30                             ` Chen Gang [this message]
2013-09-27  3:36                               ` Tejun Heo
2013-09-27  7:16                                 ` Chen Gang
2013-09-27 11:53                                   ` Tejun Heo
2013-09-27 12:19                                     ` Chen Gang
2013-09-29  2:50                                       ` Chen Gang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5244DFA5.5090200@asianux.com \
    --to=gang.chen@asianux.com \
    --cc=akpm@linux-foundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mtk.manpages@gmail.com \
    --cc=tj@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox