Received: by 10.192.165.148 with SMTP id m20csp5071177imm;
        Tue, 24 Apr 2018 13:11:02 -0700 (PDT)
X-Google-Smtp-Source: AB8JxZpLYGB4T+J9mHWQX7OJDZ4Cakq0nhLBKp6nZdsyChLLaF9SDoZJinOKDjSx8HyLx0EQ2DyY
X-Received: by 2002:a17:902:d913:: with SMTP id c19-v6mr2336707plz.229.1524600662670;
        Tue, 24 Apr 2018 13:11:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1524600662; cv=none;
        d=google.com; s=arc-20160816;
        b=LJ2gOflmSt8ev9Ehd9V6eqjrpsTInjGOIvXcuv0IEIIRUj1V7WRdvUCEqHMmUofwJf
         1KavukVQ56C9ipYIYDGuknkdySS6k07gadnuJDA+aJYgtXn10kpP6/aQ6zjydZzJirRl
         XCOLJzzMaWfTQittwj2Cu32+UcCeR3WIm1AXu1MjfoPofrQQSExH2liN4VI+EETcyPPj
         eANbkErU1VOi86NQNNe9EakVZHc9J5xOk8CJrd2HQVdfMGdStXkdvjcWDU7cyVreffP9
         /BFiaJUGxb+8NR6D/qNrf+pM0qCagRXTWNyPDg7xNWC3Ui1saKgw1vWzaXAA3Uixr168
         hb7g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:arc-authentication-results;
        bh=1AzYsEusJnjbpCN63PRR5Bh2ap3ZWjGS2AO9QDNcbIM=;
        b=gLFCclzhwFB7adBmIJshOjY1SNwUEFo/j9AFDkEq9RpWl/tzBRAGheNLAdkj8qvNP9
         A5Bs3NLJ7hKeJ+pNm4EUvScU2OzrcT3z6uD/tSNCTJMU61Li4rkXYfK3/+PZR2DacBm3
         o2suVylKnZ1WKuvhehxsokBAfdS0yvMotGLMiLtLjGeCcmA2z66xaZcCOFZpBHyN4oKs
         wo7Xq39eqz0R4Qi8ch8hDQKSvvMGaVtSp8uTSbh/jqqhMBaodKOsQ5IkQsWKlkI45stg
         TKwodffIX1ZWsoI72snNonl2Dt8yyWud980QSdS7tV8Rd/3YZjd1/yC1JT0WZIpZMG+x
         S33Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=SeKDQZYC;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y86si13763194pfa.243.2018.04.24.13.10.39;
        Tue, 24 Apr 2018 13:11:02 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=SeKDQZYC;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1750862AbeDXUJL (ORCPT <rfc822;testajctc@gmail.com> + 99 others);
        Tue, 24 Apr 2018 16:09:11 -0400
Received: from mail-pf0-f194.google.com ([209.85.192.194]:41334 "EHLO
        mail-pf0-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1750739AbeDXUJJ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 24 Apr 2018 16:09:09 -0400
Received: by mail-pf0-f194.google.com with SMTP id v63so3600734pfk.8;
        Tue, 24 Apr 2018 13:09:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=1AzYsEusJnjbpCN63PRR5Bh2ap3ZWjGS2AO9QDNcbIM=;
        b=SeKDQZYClQ3PRJmrL3XVY966oJ8ElVSEXU3P5VbAkOHniQySMDg0AMx4Vb7RrfWdvA
         tQLgexk5oMMEius61FnP7AuVDN4tQfKHNdMtkN3jLhC3s1Ur/W5WiAJOle55WlKNT+G1
         h7Z3B3Lg1YX7pVdt1o4ewUIgnWxAvUjw8rT76FcQtlQRzL7HDCNVf16drTswZVDFPA8q
         xNM9m8fykKxb371GE+fTD2994tHB0dDHq+CeE3T5d5oTEnNGxL+gSj72CAAfeQAqN8im
         IkKc5Z239sNZtHMjizeL8W/jsRUlci+62OR+xGOVe6mciJTlFAoDsTWHejQ6/CoLbtbq
         LL/Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=1AzYsEusJnjbpCN63PRR5Bh2ap3ZWjGS2AO9QDNcbIM=;
        b=aBcqkhnbhcrZFdY9KmkvsP3/OrGqs8qJtz8MNTDi2IL/7gUXJyQ3CtTNwcj2jq8Mwj
         IdBwl7mwJPWdC7ikX5C5V6M0H6yNSdepavhXaA13bWtT5sEcR+k/9842eVN79ItTXIhC
         2s/AlZCFen5LY5KhpVelGtdT8LefkqbfWNlv+7402MwZ4b7+ZXiPf6aI3h5lWSc3FzJG
         ZwK7nPYqiHTun31snei0lITr1Qop5cIjqZbpQqbdVimq1VRiG/cphmD+gpQ8j6soMf6X
         IC9J++U6/jXZphm8dsTN56QLkv3bTV2Y+s/53A9o+xf5M6X+MDQ+i1W4XBC0ranLMCUv
         b0JQ==
X-Gm-Message-State: ALQs6tDlD5vOvAudBadBK5WGnY+spBqGmumAAftA00lpe0alA3K4fPn3
        I4hiQTlecuOSt1cZC1VFMVw=
X-Received: by 2002:a17:902:51ce:: with SMTP id y72-v6mr25691755plh.157.1524600549151;
        Tue, 24 Apr 2018 13:09:09 -0700 (PDT)
Received: from gmail.com ([2620:15c:17:3:dc28:5c82:b905:e8a8])
        by smtp.gmail.com with ESMTPSA id e7sm22145218pgr.45.2018.04.24.13.09.08
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Tue, 24 Apr 2018 13:09:08 -0700 (PDT)
Date:   Tue, 24 Apr 2018 13:09:06 -0700
From:   Eric Biggers <ebiggers3@gmail.com>
To:     "Serge E. Hallyn" <serge@hallyn.com>
Cc:     Tycho Andersen <tycho@tycho.ws>,
        Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>,
        dhowells@redhat.com, keyrings@vger.kernel.org,
        linux-security-module@vger.kernel.org,
        linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com,
        jmorris@namei.org, Jason@zx2c4.com
Subject: Re: [PATCH 1/3] big key: get rid of stack array allocation
Message-ID: <20180424200906.GC174675@gmail.com>
References: <20180424010321.14739-1-tycho@tycho.ws>
 <20180424045015.GA4281@sol.localdomain>
 <20180424143539.GB3125@cisco>
 <201804242346.FHI69745.SQMHFVOOFLFOJt@I-love.SAKURA.ne.jp>
 <20180424145104.GC3125@cisco>
 <20180424195845.GB23575@mail.hallyn.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180424195845.GB23575@mail.hallyn.com>
User-Agent: Mutt/1.9.2 (2017-12-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Apr 24, 2018 at 02:58:45PM -0500, Serge E. Hallyn wrote:
> Quoting Tycho Andersen (tycho@tycho.ws):
> > On Tue, Apr 24, 2018 at 11:46:38PM +0900, Tetsuo Handa wrote:
> > > Tycho Andersen wrote:
> > > > > > +	if (unlikely(crypto_aead_ivsize(big_key_aead) != GCM_AES_IV_SIZE)) {
> > > > > > +		WARN(1, "big key algorithm changed?");
> > > 
> > > Please avoid using WARN() WARN_ON() etc.
> > > syzbot would catch it and panic() due to panic_on_warn == 1.
> > 
> > But it is really a programming bug in this case (and it seems better
> > than BUG()...). Isn't this exactly the sort of case we want to catch?
> > 
> > Tycho
> 
> Right - is there a url to some discussion about this?  Because not
> using WARN when WARN should be used, because it troubles a bot, seems
> the wrong solution.  If this *is* what's been agreed upon, then
> what is the new recommended thing to do here?
> 
> -serge

WARN() is for recoverable kernel bugs, which this is, so WARN() is correct here.
Fuzzers often find cases where WARN() is used on invalid user input or other
cases that are not kernel bugs, and then it has to be removed or replaced with
pr_warn().  But here it is appropriate.  Unfortunately a lot of developers still
seem confused; improving the comments in include/asm-generic/bug.h might help.

Eric