Re: [PATCH 6.1.y] drm/amdgpu: remove two invalid BUG_ON()s

Next message: Borislav Petkov: "Re: [PATCH] x86/entry: Zap the #VC entry user and kernel macros"
Previous message: Mikhail Gavrilov: "Re: [PATCH v2] dma-buf/udmabuf: skip redundant cpu sync to fix cacheline EEXIST warning"
In reply to: Greg Kroah-Hartman: "Re: [PATCH 6.1.y] drm/amdgpu: remove two invalid BUG_ON()s"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Christian König

Date: Thu Apr 23 2026 - 07:53:16 EST

On 4/23/26 13:40, Greg Kroah-Hartman wrote:
> On Thu, Apr 23, 2026 at 01:34:42PM +0200, Timur Kristóf wrote:
>> On Thursday, April 23, 2026 1:22:22 PM Central European Summer Time Greg
>> Kroah-Hartman wrote:
>>> On Wed, Apr 22, 2026 at 04:11:15PM +0200, Christian König wrote:
>>>> Those points are certainly valid.
>>>>
>>>> I've also up-streamed a patch which completely rejects userspace
>>>> submissions who try to use the CE.
>>>>
>>>> The problem is that those BUG_ON() can lead to a deny of service because
>>>> they crash the whole kernel.
>>>>
>>>> A BUG_ON() is only justified if it prevents even worse things to happen,
>>>> e.g. data corruption or it would crash later on anyway just not so
>>>> obvious on what is wrong.
>>>>
>>>> Otherwise we should use WARN_ON().
>>>
>>> WARN_ON() crashes the kernel as well when panic-on-warn is enabled, as
>>> it is in a few billion Linux systems :(
>>>
>>> As this commit is upstream, and in other stable trees, I'll apply this
>>> as it's not nice to have a simple way for userspace to crash the system.
>>>
>>> thanks,
>>>
>>> greg k-h
>>
>> Sounds reasonable, if you feel this improves stability.
>>
>> That being said, there are many other ways besides this one for userspace to
>> crash the system equally easily.
>
> Great, please fix up those as well :)

Yeah, trying to do so for the last 30years or so but it's like fighting windmills.

But how goes the saying? Security is not a state but a process.

Cheers,
Christian.