[LinuxPPS] [PATCHv4 10/17] pps: use BUG_ON for kernel API safety checks

Sun Nov 21 09:41:16 CET 2010

On Sun, Nov 21, 2010 at 03:13:05AM +0300, Alexander Gordeev wrote:
> ?? Sat, 20 Nov 2010 17:13:51 +0100
> Rodolfo Giometti <giometti at enneenne.com> ??????????:
> 
> > On Thu, Nov 18, 2010 at 07:01:03PM +0300, Alexander Gordeev wrote:
> > > This way less overhead is involved when running production kernel.
> > > If you want to debug a pps client module please define DEBUG to enable
> > > the checks.
> > > 
> > > Signed-off-by: Alexander Gordeev <lasaine at lvk.cs.msu.su>
> > > ---
> > >  drivers/pps/kapi.c |   33 ++++++++++-----------------------
> > >  1 files changed, 10 insertions(+), 23 deletions(-)
> > > 
> > > diff --git a/drivers/pps/kapi.c b/drivers/pps/kapi.c
> > > index fe832aa..54261c4 100644
> > > --- a/drivers/pps/kapi.c
> > > +++ b/drivers/pps/kapi.c
> > > @@ -81,25 +81,14 @@ struct pps_device *pps_register_source(struct pps_source_info *info,
> > >  	int err;
> > >  
> > >  	/* Sanity checks */
> > > -	if ((info->mode & default_params) != default_params) {
> > > -		pr_err("pps: %s: unsupported default parameters\n",
> > > -					info->name);
> > > -		err = -EINVAL;
> > > -		goto pps_register_source_exit;
> > > -	}
> > > -	if ((info->mode & (PPS_ECHOASSERT | PPS_ECHOCLEAR)) != 0 &&
> > > -			info->echo == NULL) {
> > > -		pr_err("pps: %s: echo function is not defined\n",
> > > -					info->name);
> > > -		err = -EINVAL;
> > > -		goto pps_register_source_exit;
> > > -	}
> > > -	if ((info->mode & (PPS_TSFMT_TSPEC | PPS_TSFMT_NTPFP)) == 0) {
> > > -		pr_err("pps: %s: unspecified time format\n",
> > > -					info->name);
> > > -		err = -EINVAL;
> > > -		goto pps_register_source_exit;
> > > -	}
> > > +
> > > +	/* default_params should be supported */
> > > +	BUG_ON((info->mode & default_params) != default_params);
> > > +	/* echo function should be defined if we are asked to call it */
> > > +	BUG_ON((info->mode & (PPS_ECHOASSERT | PPS_ECHOCLEAR)) != 0 &&
> > > +			info->echo == NULL);
> > > +	/* time format should be specified */
> > > +	BUG_ON((info->mode & (PPS_TSFMT_TSPEC | PPS_TSFMT_NTPFP)) == 0);
> > 
> > Nack.
> > 
> > If the userland gives us some wrong parameters this is not the same of
> > a kernel bug (which BUG_ON is used for). The userland must be notified
> > about the wrong input.
> 
> I agree with what you said completely but this is not a user-space API.
> pps_register_source() can only be called from other kernel code.

Yes, but in turn pps_register_source() is called in a function called
from userspace. The user should know if he/she cannot safely register
his/her new PPS source.

The BUG_ON() should be used for a kernel bug like "Ehi! This can't
happen! Data are corrupted"... but here we are just checking some
input parameters.

Ciao,

Rodolfo

-- 

GNU/Linux Solutions                  e-mail: giometti at enneenne.com
Linux Device Driver                          giometti at linux.it
Embedded Systems                     phone:  +39 349 2432127
UNIX programming                     skype:  rodolfo.giometti
Freelance ICT Italia - Consulente ICT Italia - www.consulenti-ict.it