On Mon, May 3, 2010 at 10:29 PM, Kalle Valo <kvalo@xxxxxxxxxx> wrote: > "John W. Linville" <linville@xxxxxxxxxxxxx> writes: > >> From: Adel Gadllah <adel.gadllah@xxxxxxxxx> >> >> Currently it is a BUG_ON() which will hang the machine once triggered. > > Related to this: can we have a rule that no wireless driver should > ever use BUG_ON()? I think we could extend this even to cfg80211 and > mac80211. > > BUG_ON() is valid whenever there's a risk of corrupting data, for > example on a filesystem, but I really don't see the point of using > them in wireless drivers. They just make things miserable, especially > for the normal users. Printing a warning and handling the case as > gracefully as possible is much better IMHO. > One exception I can think of: major misconfiguration can cause a wireless device to DMA data into sensitive memory locations. When evidence of this is detected, it might make sense to BUG_ON() (especially if the bogus DMA operations can be exploited remotely to overwrite arbitrary memory addresses). However, in that case, the attacker may have already overwritten panic() with malicious code as well, so even this case doesn't hold. The other thing that comes to my mind is when there is a risk of physically frying the card, but given that BUG_ON() doesn't cut power to the PCI bus (at least not on x86 - dunno about other platforms), this one falls down pretty easily too. > -- > Kalle Valo > -- > To unsubscribe from this list: send the line "unsubscribe linux-wireless" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- Vista: [V]iruses, [I]ntruders, [S]pyware, [T]rojans and [A]dware. :-) -- To unsubscribe from this list: send the line "unsubscribe linux-wireless" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
