lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-Id: <CF098634-2186-4F36-9B71-D91BCE94AA25@dilger.ca> Date: Tue, 24 Feb 2015 22:40:17 -0700 From: Andreas Dilger <adilger@...ger.ca> To: Konstantin Khlebnikov <khlebnikov@...dex-team.ru> Cc: "Darrick J. Wong" <darrick.wong@...cle.com>, Ext4 Developers List <linux-ext4@...r.kernel.org>, Theodore Ts'o <tytso@....edu> Subject: Re: [PATCH] debugfs/set_fields: fix several errors and add assertions On Feb 24, 2015, at 9:24 PM, Darrick J. Wong <darrick.wong@...cle.com> wrote: > > On Tue, Feb 24, 2015 at 03:46:11PM +0300, Konstantin Khlebnikov wrote: >> Fix copy-n-paste errors: >> * remove duplicate "lastcheck" and "min_extra_isize" >> * fix pointer for "first_error_line" and "last_error_line" >> * remove superblock field "inodes_count" from inode fields >> * add null-termination for mmp_fields >> >> Add assertions for catching such errors in the future. >> Mark true aliases with flag "FLAG_ALIAS" and suppress assert for them. >> >> Signed-off-by: Konstantin Khlebnikov <khlebnikov@...dex-team.ru> >> --- >> debugfs/set_fields.c | 65 ++++++++++++++++++++++++++++++++++++++++++-------- >> 1 file changed, 55 insertions(+), 10 deletions(-) >> >> diff --git a/debugfs/set_fields.c b/debugfs/set_fields.c >> index 60695ad..1af7d0f 100644 >> --- a/debugfs/set_fields.c >> +++ b/debugfs/set_fields.c >> @@ -30,6 +30,7 @@ >> #ifdef HAVE_ERRNO_H >> #include <errno.h> >> #endif >> +#include <assert.h> >> #if HAVE_STRINGS_H >> #include <strings.h> >> #endif >> @@ -50,6 +51,7 @@ static ext2_ino_t set_ino; >> static int array_idx; >> >> #define FLAG_ARRAY 0x0001 >> +#define FLAG_ALIAS 0x0002 /* Data intersects with other field */ >> >> struct field_set_info { >> const char *name; >> @@ -110,7 +112,6 @@ static struct field_set_info super_fields[] = { >> { "uuid", &set_sb.s_uuid, NULL, 16, parse_uuid }, >> { "volume_name", &set_sb.s_volume_name, NULL, 16, parse_string }, >> { "last_mounted", &set_sb.s_last_mounted, NULL, 64, parse_string }, >> - { "lastcheck", &set_sb.s_lastcheck, NULL, 4, parse_uint }, >> { "algorithm_usage_bitmap", &set_sb.s_algorithm_usage_bitmap, NULL, >> 4, parse_uint }, >> { "prealloc_blocks", &set_sb.s_prealloc_blocks, NULL, 1, parse_uint }, >> @@ -135,7 +136,6 @@ static struct field_set_info super_fields[] = { >> { "want_extra_isize", &set_sb.s_want_extra_isize, NULL, 2, parse_uint }, >> { "flags", &set_sb.s_flags, NULL, 4, parse_uint }, >> { "raid_stride", &set_sb.s_raid_stride, NULL, 2, parse_uint }, >> - { "min_extra_isize", &set_sb.s_min_extra_isize, NULL, 4, parse_uint }, >> { "mmp_interval", &set_sb.s_mmp_update_interval, NULL, 2, parse_uint }, >> { "mmp_block", &set_sb.s_mmp_block, NULL, 8, parse_uint }, >> { "raid_stripe_width", &set_sb.s_raid_stripe_width, NULL, 4, parse_uint }, >> @@ -159,19 +159,18 @@ static struct field_set_info super_fields[] = { >> { "first_error_ino", &set_sb.s_first_error_ino, NULL, 4, parse_uint }, >> { "first_error_block", &set_sb.s_first_error_block, NULL, 8, parse_uint }, >> { "first_error_func", &set_sb.s_first_error_func, NULL, 32, parse_string }, >> - { "first_error_line", &set_sb.s_first_error_ino, NULL, 4, parse_uint }, >> + { "first_error_line", &set_sb.s_first_error_line, NULL, 4, parse_uint }, >> { "last_error_time", &set_sb.s_last_error_time, NULL, 4, parse_time }, >> { "last_error_ino", &set_sb.s_last_error_ino, NULL, 4, parse_uint }, >> { "last_error_block", &set_sb.s_last_error_block, NULL, 8, parse_uint }, >> { "last_error_func", &set_sb.s_last_error_func, NULL, 32, parse_string }, >> - { "last_error_line", &set_sb.s_last_error_ino, NULL, 4, parse_uint }, >> + { "last_error_line", &set_sb.s_last_error_line, NULL, 4, parse_uint }, >> { "encrypt_algos", &set_sb.s_encrypt_algos, NULL, 1, parse_uint, >> FLAG_ARRAY, 4 }, >> { 0, 0, 0, 0 } >> }; >> >> static struct field_set_info inode_fields[] = { >> - { "inodes_count", &set_sb.s_inodes_count, NULL, 4, parse_uint }, >> { "mode", &set_inode.i_mode, NULL, 2, parse_uint }, >> { "uid", &set_inode.i_uid, &set_inode.osd2.linux2.l_i_uid_high, >> 2, parse_uint }, >> @@ -189,7 +188,8 @@ static struct field_set_info inode_fields[] = { >> { "flags", &set_inode.i_flags, NULL, 4, parse_uint }, >> { "version", &set_inode.osd1.linux1.l_i_version, >> &set_inode.i_version_hi, 4, parse_uint }, >> - { "translator", &set_inode.osd1.hurd1.h_i_translator, NULL, 4, parse_uint }, >> + { "translator", &set_inode.osd1.hurd1.h_i_translator, NULL, >> + 4, parse_uint, FLAG_ALIAS }, >> { "block", &set_inode.i_block[0], NULL, 4, parse_uint, FLAG_ARRAY, >> EXT2_NDIR_BLOCKS }, >> { "block[IND]", &set_inode.i_block[EXT2_IND_BLOCK], NULL, 4, parse_uint }, >> @@ -199,14 +199,14 @@ static struct field_set_info inode_fields[] = { >> /* Special case: i_file_acl_high is 2 bytes */ >> { "file_acl", &set_inode.i_file_acl, >> &set_inode.osd2.linux2.l_i_file_acl_high, 6, parse_uint }, >> - { "dir_acl", &set_inode.i_dir_acl, NULL, 4, parse_uint }, >> + { "dir_acl", &set_inode.i_dir_acl, NULL, 4, parse_uint, FLAG_ALIAS }, >> { "faddr", &set_inode.i_faddr, NULL, 4, parse_uint }, >> - { "frag", &set_inode.osd2.hurd2.h_i_frag, NULL, 1, parse_uint }, >> + { "frag", &set_inode.osd2.hurd2.h_i_frag, NULL, 1, parse_uint, FLAG_ALIAS }, >> { "fsize", &set_inode.osd2.hurd2.h_i_fsize, NULL, 1, parse_uint }, >> { "checksum", &set_inode.osd2.linux2.l_i_checksum_lo, >> &set_inode.i_checksum_hi, 2, parse_uint }, >> { "author", &set_inode.osd2.hurd2.h_i_author, NULL, >> - 4, parse_uint }, >> + 4, parse_uint, FLAG_ALIAS }, >> { "extra_isize", &set_inode.i_extra_isize, NULL, >> 2, parse_uint }, >> { "ctime_extra", &set_inode.i_ctime_extra, NULL, >> @@ -262,7 +262,8 @@ static struct field_set_info ext4_bg_fields[] = { >> }; >> >> static struct field_set_info mmp_fields[] = { >> - { "clear", &set_mmp.mmp_magic, NULL, sizeof(set_mmp), parse_mmp_clear }, >> + { "clear", &set_mmp.mmp_magic, NULL, sizeof(set_mmp), >> + parse_mmp_clear, FLAG_ALIAS }, >> { "magic", &set_mmp.mmp_magic, NULL, 4, parse_uint }, >> { "seq", &set_mmp.mmp_seq, NULL, 4, parse_uint }, >> { "time", &set_mmp.mmp_time, NULL, 8, parse_uint }, >> @@ -272,8 +273,52 @@ static struct field_set_info mmp_fields[] = { >> parse_string }, >> { "check_interval", &set_mmp.mmp_check_interval, NULL, 2, parse_uint }, >> { "checksum", &set_mmp.mmp_checksum, NULL, 4, parse_uint }, >> + { 0, 0, 0, 0 } > > Looks good so far. > >> }; >> >> +static void do_verify_field_set_info(struct field_set_info *fields, >> + const void *data, size_t size) >> +{ >> + struct field_set_info *ss, *ss2; >> + const char *begin = (char *)data; >> + const char *end = begin + size; >> + >> + for (ss = fields ; ss->name ; ss++) { >> + const char *ptr; >> + >> + /* Check pointers */ >> + ptr = ss->ptr; >> + assert(!ptr || (ptr >= begin && ptr < end)); >> + ptr = ss->ptr2; >> + assert(!ptr || (ptr >= begin && ptr < end)); >> + >> + /* Check function */ >> + assert(ss->func); >> + >> + for (ss2 = fields ; ss2 != ss ; ss2++) { >> + /* Check duplicate names */ >> + assert(strcmp(ss->name, ss2->name)); >> + >> + if (ss->flags & FLAG_ALIAS || ss2->flags & FLAG_ALIAS) >> + continue; >> + /* Check false aliases, might be copy-n-paste error */ >> + assert(!ss->ptr || (ss->ptr != ss2->ptr && >> + ss->ptr != ss2->ptr2)); >> + assert(!ss->ptr2 || (ss->ptr2 != ss2->ptr && >> + ss->ptr2 != ss2->ptr2)); >> + } >> + } >> +} >> + >> +static __attribute__((constructor)) void verify_field_set_info(void) >> +{ >> + do_verify_field_set_info(super_fields, &set_sb, sizeof(set_sb)); >> + do_verify_field_set_info(inode_fields, &set_inode, sizeof(set_inode)); >> + do_verify_field_set_info(ext2_bg_fields, &set_gd, sizeof(set_gd)); >> + do_verify_field_set_info(ext4_bg_fields, &set_gd4, sizeof(set_gd4)); >> + do_verify_field_set_info(mmp_fields, &set_mmp, sizeof(set_mmp)); >> +} > > This ought to be run along with the 'make check' testcases, since they're > already looking for errors there. > > Also, does running this on /every/ debugfs invocation slow down startup > noticeably? Just idle curiosity. :) Many sources in e2fsprogs have compile-time test code that can be used to test something like this. They are enabled under "#ifdef DEBUG", for example lib/ext2fs/icount.c is built as "tst_icount" with -DDEBUG in order to test its functionality with "make check" rather than running this test for every normal invocation: tst_icount: $(srcdir)/icount.c $(STATIC_LIBEXT2FS) $(DEPSTATIC_LIBCOM_ERR) $(E) " LD $@" $(Q) $(CC) -o tst_icount $(srcdir)/icount.c -DDEBUG $(ALL_CFLAGS) \ $(STATIC_LIBEXT2FS) $(STATIC_LIBCOM_ERR) $(SYSLIBS) In e2fsck/problem.c is a similar functionality under "#ifdef UNITTEST" to build the tst_problem binary for "make check" to verify that there are no duplicate problem codes defined. I'm not sure if Ted has a preference between DEBUG and UNITTEST, but that is definitely preferable to running this for every debugfs invocation. Cheers, Andreas -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists