On Fri, Jan 27, 2023 at 12:32:13AM +0200, Vladimir Oltean wrote: > On Thu, Jan 26, 2023 at 09:15:03PM +0200, Leon Romanovsky wrote: > > From: Leon Romanovsky <leonro@xxxxxxxxxx> > > > > In netdev common pattern, xxtack pointer is forwarded to the drivers > ~~~~~~ > extack > > > to be filled with error message. However, the caller can easily > > overwrite the filled message. > > > > Instead of adding multiple "if (!extack->_msg)" checks before any > > NL_SET_ERR_MSG() call, which appears after call to the driver, let's > > add this check to common code. > > > > [1] https://lore.kernel.org/all/Y9Irgrgf3uxOjwUm@unreal > > Signed-off-by: Leon Romanovsky <leonro@xxxxxxxxxx> > > --- > > I would somewhat prefer not doing this, and instead introducing a new > NL_SET_ERR_MSG_WEAK() of sorts. It means changing ALL error unwind places where extack was forwarded before to subfunctions. Places like this: ret = func(..., extack) if (ret) { NL_SET_ERR_MSG_MOD... return ret; } will need to be changed to something like this: ret = func(..., extack) if (ret) { NL_SET_ERR_MSG_WEAK... return ret; } > > The reason has to do with the fact that an extack is sometimes also > used to convey warnings rather than hard errors, for example right here > in net/dsa/slave.c: > > if (err == -EOPNOTSUPP) { > if (extack && !extack->_msg) > NL_SET_ERR_MSG_MOD(extack, > "Offloading not supported"); > NL_SET_ERR_MSG_MOD(extack, > "Offloading not supported"); > err = 0; > } > > Imagine (not the case here) that below such a "warning extack" lies > something like this: > > if (arg > range) { > NL_SET_ERR_MSG_MOD(extack, "Argument outside expected range"); > return -ERANGE; > } > > What you'll get is: > > Error: Offloading not supported (error code -ERANGE). > > whereas before, we relied on any NL_SET_ERR_MSG_MOD() call to overwrite > the "warning" extack, and that to only be shown on error code 0. Can we please discuss current code and not over-engineered case which doesn't exist in the reality? Even for your case, I would like to see NL_SET_ERR_MSG_FORCE() to explicitly say that message will be overwritten. Thanks
