| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jul 2007 21:00:13 +0530 From: "Satyam Sharma" <satyam.sharma@...il.com> To: "Tejun Heo" <htejun@...il.com> Cc: "Gabriel C" <nix.or.die@...glemail.com>, "Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>, "Christoph Lameter" <clameter@....com>, gregkh@...e.de, miles.lane@...il.com Subject: Re: [PATCH] sysfs: kill an extra put in sysfs_create_link() failure path On 7/18/07, Satyam Sharma <satyam.sharma@...il.com> wrote: > Hi, > > On 7/18/07, Tejun Heo <htejun@...il.com> wrote: > > Satyam Sharma wrote: > > > On 7/18/07, Tejun Heo <htejun@...il.com> wrote: > > >> There is a subtle bug in sysfs_create_link() failure path. When > > >> symlink creation fails because there's already a node with the same > > >> name, the target sysfs_dirent is put twice - once by failure path of > > >> sysfs_create_link() and once more when the symlink is released. > > > > > > The "symlink" is released? But the creation of the symlink is > > > precisely what failed here ... did it not? > > > > > >> Fix it by making only the symlink node responsible for putting > > >> target_sd. > > > > > > And again ... the changelog sounds confusing indeed, perhaps I'm > > > not familiar enough with sysfs symlink-related terminology/semantics. > > > Care to elaborate? BTW, please do explain this one to me, if you can find the time :-) > > > Wow. This looks like a very mysterious way to fix a mysterious bug :-) > > > BTW I just looked over at sysfs_create_link() and ... it looks quite ... > > > unnecessarily complicated/obfuscated ... > > > > Well, I dunno. Probably my taste just sucks. Please feel free to > > submit patches and/or suggest better ideas. > > OK, for example: > > sysfs_find_dirent() -- to check for -EEXIST -- should be called > *before* we create the new dentry for the to-be-created symlink > in the first place. [ It's weird to grab a reference on the target > for ourselves (and in fact even allocate the new dirent for the > to-be-created symlink) and /then/ check for erroneous usage, > and then go about undoing all that we should never have done > at all. ] So this test could, and should, be made earlier, IMHO. A trivial nit: The cleanup ignores the return of sysfs_addrm_finish() -- functions such as those could and should be void-returning. It doesn't even need to return an int for success / failure ... I went over it's code, and it's obvious that the function just never fails! Returning the count of objects actually added / removed is quite redundant too, because we return "actx->cnt" unconditionally from inside it, and the caller can know that anyway, without even calling it. Also, note that nowhere in the present code is the return of that function ever being used in that sense (i.e. as a "count") anyway ... So: best to just make it void-returning. That's what it is. Satyam - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists