Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758791Ab3DZJBi (ORCPT ); Fri, 26 Apr 2013 05:01:38 -0400 Received: from mail-wg0-f45.google.com ([74.125.82.45]:37645 "EHLO mail-wg0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932087Ab3DZJBf (ORCPT ); Fri, 26 Apr 2013 05:01:35 -0400 Message-ID: <517A426C.6020701@intel.com> Date: Fri, 26 Apr 2013 10:01:32 +0100 From: Matt Fleming Organization: Intel Corporation (UK) Ltd. - Registered No. 1134945 - Pipers Way, Swindon SN3 1RJ User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130329 Thunderbird/17.0.5 MIME-Version: 1.0 To: Ingo Molnar CC: Matthew Garrett , Linus Torvalds , "H. Peter Anvin" , Borislav Petkov , "H. Peter Anvin" , Ingo Molnar , Josh Boyer , Linux Kernel Mailing List , Paul Bolle , Thomas Gleixner Subject: Re: [GIT PULL] x86 fixes for 3.9 References: <201304252144.r3PLihDe025383@terminus.zytor.com> <1366928604.9976.3.camel@x230> <20130426072919.GA31557@gmail.com> In-Reply-To: <20130426072919.GA31557@gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1214 Lines: 25 On 26/04/13 08:29, Ingo Molnar wrote: > I'm worried about the fragility of this code - this is firmware code ... > > I think firmware code should be fundamentally paranoid and robust, and in > this case treat all EFI-provided data as hostile and do a much sanity > checking of it as possible - and provide an actionable error message if > the checks fail, not just 'crash'. > > Even if no-one complained, yet. I'm not sure how much more robust checking for NULL makes it, it's not going to save us from garbage pointers, etc. Instead of the pointer being NULL a more likely bug is that query_variable_info() exists (for those firmware that implement the relevant spec version), but doesn't work correctly. That's the kind of bug we've been seeing in other functions. To be fair to Josh, his original submission did include the NULL check, but I asked him to remove it. If someone really wants to re-add the check for a NULL pointer, I'm not super opposed to it. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/