Received: by 10.192.165.156 with SMTP id m28csp1010367imm; Mon, 16 Apr 2018 12:26:07 -0700 (PDT) X-Google-Smtp-Source: AIpwx48SE2Ykbj4MnkqPKZXWIE9K3055+OvqWoFYdADtKysbiGetrJ9Bu9xc2z8Y2jNEAyML+U3Y X-Received: by 2002:a17:902:24e:: with SMTP id 72-v6mr5519793plc.87.1523906767803; Mon, 16 Apr 2018 12:26:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523906767; cv=none; d=google.com; s=arc-20160816; b=CzmFtuFYuSHYztAZn42QYDhc3t77zfZ6FgMFvKOkcq/WIcu4M43fKos9lIcYKg279O psanQxyZaevteEJsnUcFKpGKZgjtqYnZwhKPuzE69WyuNtSNuyehhUJS2aNb0SCb2Vmz 4QegjP6TfawzRCaOVsgMvn5Zt7pBPXEBcNeuiCPJdQVv8NZeEMqWyora34V88CG74t6j DDVNXjonZs9PGzuLxZ0iQGfIjkeZkWedPXmon/JMQ2hSU2nZuOIWXd5rvLHoXBWFPZeT HR0V0bE4uxQj/Ae2TC/gGgmVxMRCK1v0Xy+1/p5S1SOWh4aQfxxRYwFWS997qDChRSgf UI6Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date :dmarc-filter:arc-authentication-results; bh=2B4h+mLjyoD+QYwGTdw4cZPvZ/Gi6HNYhMQ/JHSiMqo=; b=0IlVdd2AT20mO3zdwtFlaLXAtDgy+DO/221BvuPY4cfnEbiCG6I4OqyCj/Qww7hVz2 /na/8tj7wWsjKeJbygZfH643ClWcwq2pv0qiiZQEt9/BxR+NZR4L0L9NfA9Z12XUAZw5 vjB238WG7kfUBwtipnWmUqRwb+TN8lhFHzbLhIDhVHhn3hyoyCPBHFv8itbgC7FkyYo1 FQw9qG7nZ5RxAAk7zZOY707Se0hFHjF6H1AEUeTIL41SwALWvzT9++LmE4NI9z1T9FSF ZFoof69DKG9EbH7QKf4KhVKZCwYYB15FFDciYbLBkH2q7mCkHYk26IJHh7xylTVWn2O+ OkyQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q8si1956914pgf.293.2018.04.16.12.25.54; Mon, 16 Apr 2018 12:26:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753391AbeDPTYg (ORCPT + 99 others); Mon, 16 Apr 2018 15:24:36 -0400 Received: from mail.kernel.org ([198.145.29.99]:48494 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752308AbeDPTYe (ORCPT ); Mon, 16 Apr 2018 15:24:34 -0400 Received: from gandalf.local.home (cpe-66-24-56-78.stny.res.rr.com [66.24.56.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id A44D52175C; Mon, 16 Apr 2018 19:24:31 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org A44D52175C Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=goodmis.org Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=rostedt@goodmis.org Date: Mon, 16 Apr 2018 15:24:29 -0400 From: Steven Rostedt To: Linus Torvalds Cc: Sasha Levin , Pavel Machek , Petr Mladek , "stable@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "akpm@linux-foundation.org" , "linux-mm@kvack.org" , Cong Wang , Dave Hansen , Johannes Weiner , Mel Gorman , Michal Hocko , Vlastimil Babka , Peter Zijlstra , Jan Kara , Mathieu Desnoyers , Tetsuo Handa , Byungchul Park , Tejun Heo , Greg KH Subject: Re: [PATCH AUTOSEL for 4.14 015/161] printk: Add console owner and waiter logic to load balance console writes Message-ID: <20180416152429.529e3cba@gandalf.local.home> In-Reply-To: References: <20180416153031.GA5039@amd> <20180416155031.GX2341@sasha-vm> <20180416160608.GA7071@amd> <20180416122019.1c175925@gandalf.local.home> <20180416162757.GB2341@sasha-vm> <20180416163952.GA8740@amd> <20180416164310.GF2341@sasha-vm> <20180416125307.0c4f6f28@gandalf.local.home> <20180416170936.GI2341@sasha-vm> <20180416133321.40a166a4@gandalf.local.home> <20180416174236.GL2341@sasha-vm> <20180416142653.0f017647@gandalf.local.home> <20180416144117.5757ee70@gandalf.local.home> X-Mailer: Claws Mail 3.16.0 (GTK+ 2.24.32; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 16 Apr 2018 11:52:48 -0700 Linus Torvalds wrote: > On Mon, Apr 16, 2018 at 11:41 AM, Steven Rostedt wrote: > > > >I never said the second > > bug fix should not have been backported. I even said that the first bug > > "didn't go far enough". > > You're still not getting it. > > The "didn't go far enough" means that the bug fix is *BUGGY*. It needs > to be reverted. It wasn't reverted. Look at the code in question. Commit d63c7dd5bcb +++ b/drivers/scsi/ipr.c @@ -4003,13 +4003,12 @@ static ssize_t ipr_store_update_fw(struct device *dev, struct ipr_sglist *sglist; char fname[100]; char *src; - int len, result, dnld_size; + int result, dnld_size; if (!capable(CAP_SYS_ADMIN)) return -EACCES; - len = snprintf(fname, 99, "%s", buf); - fname[len-1] = '\0'; + snprintf(fname, sizeof(fname), "%s", buf); if (request_firmware(&fw_entry, fname, &ioa_cfg->pdev->dev)) { dev_err(&ioa_cfg->pdev->dev, "Firmware file %s not found\n", fname); The bug is that len returned by snprintf() can be much larger than 100. That fname[len-1] = '\0' can allow a user to decide where to write zeros. That patch never got reverted in mainline. It was fixed with this: Commit 21b81716c6bf --- a/drivers/scsi/ipr.c +++ b/drivers/scsi/ipr.c @@ -4002,6 +4002,7 @@ static ssize_t ipr_store_update_fw(struct device *dev, struct ipr_sglist *sglist; char fname[100]; char *src; + char *endline; int result, dnld_size; if (!capable(CAP_SYS_ADMIN)) @@ -4009,6 +4010,10 @@ static ssize_t ipr_store_update_fw(struct device *dev, snprintf(fname, sizeof(fname), "%s", buf); + endline = strchr(fname, '\n'); + if (endline) + *endline = '\0'; + if (request_firmware(&fw_entry, fname, &ioa_cfg->pdev->dev)) { dev_err(&ioa_cfg->pdev->dev, "Firmware file %s not found\n", fname); return -EIO; > > > I hope the answer was not to revert the bug and put back the possible > > bad memory access in to keep API. > > But that very must *IS* the answer. If there isn't a fix for the ABI > breakage, then the first bugfix needs to be reverted. It wasn't reverted and that was my point. It just wasn't a complete fix. And I'm saying that once the API breakage became apparent, the second fix should have been backported as well. I'm not saying that we should allow API breakage to fix a critical bug. I'm saying that the API breakage was really a secondary bug that needed to be addressed. My point is the first fix was NOT reverted! > > Really. There is no such thing as "but the fix was more important than > the bug it introduced". I'm not saying that. > > This is why we started with the whole "actively revert things that > introduce regressions". Because people always kept claiming that "but > but I fixed a worse bug, and it's better to fix the worse bug even if > it then introduces another problem, because the other problem is > lesser". > > NO. Right, but the fix to the API was also trivial. I don't understand why you are arguing with me. I agree with you. I'm talking about this specific instance. Where a bug was fixed, and the API breakage was another fix that needed to be backported. Are you saying if code could allow userspace to write zeros anywhere in memory, that we should keep it to allow API compatibility? > > We're better off making *no* progress, than making "unsteady progress". > > Really. Seriously. > > If you cannot fix a bug without introducing another one, don't do it. > Don't do kernel development. Um, I think that's impossible. As the example shows. Not many people would have caught the original fix would caused another bug. That requirement would pretty much keep everyone from ever doing any kernel development. > > The whole mentality you show is NOT ACCEPTABLE. > > So the *only* answer is: "fix the bug _and_ keep the API". There is > no other choice. I agree. But that that wasn't the question. > > The whole "I fixed one problem but introduced another" is not how we > work. You should damn well know that. There are no excuses. > > And yes, sometimes that means jumping through hoops. But that's what > it takes to keep users happy. I'm talking about the given example of a simple memory bug that caused a very subtle breakage of API, which had another trivial fix that should be backported. I'm not sure that's what you were talking about. -- Steve