lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <200801041030.43494.arvidjaar@mail.ru>
Date:	Fri, 4 Jan 2008 10:30:35 +0300
From:	Andrey Borzenkov <arvidjaar@...l.ru>
To:	Andrew Patterson <andrew.patterson@...com>
Cc:	Tejun Heo <teheo@...e.de>, Greg KH <greg@...ah.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, linux-hotplug@...r.kernel.org,
	bjorn.helgaas@...com
Subject: Re: Error returns not handled	correctly	by	sysfs.c:subsys_attr_store()

On Friday 04 January 2008, Andrew Patterson wrote:
> On Thu, 2008-01-03 at 17:17 -0700, Andrew Patterson wrote:
> > On Fri, 2008-01-04 at 09:07 +0900, Tejun Heo wrote:
> > > Hello,
> > > 
> > > Andrew Patterson wrote:
> > > > It looks like this is a shell issue.  After looking through the sysfs
> > > > code, I realized that this problem seems to be driven from user-land.
> > > > So I performed some experiments:
> > > > 
> > > >      1. Wrote a simple program that just used write(2) to write to the
> > > >         sysfs entry. This works fine.
> > > >      2. Used /bin/echo instead of the built-in echo command.  This too
> > > >         works fine.
> > > >      3. Tried several shells.  Zsh and Bash both fail.  Csh works fine.
> > > > 
> > > > I then ran strace on the following shell-script:
> > > > 
> > > > #!/bin/bash
> > > > 
> > > > echo x > allow_restart
> > > > echo y > allow_restart
> > > > echo z > allow_restart
> > > > 
> > > > and got:
> > > > 
> > > > # strace -e trace=write ~/tmp/tester.sh 
> > > > write(1, "x\n", 2)                      = -1 EINVAL (Invalid argument)
> > > > write(1, "x\n", 2)                      = -1 EINVAL (Invalid argument)
> > > > write(2, "/home/andrew/tmp/tester.sh: line"..., 
72/home/andrew/tmp/tester.sh: line 4: echo: write error: Invalid argument
> > > > ) = 72
> > > > write(1, "x\ny\n", 4)                   = -1 EINVAL (Invalid argument)
> > > > write(1, "x\ny\n", 4)                   = -1 EINVAL (Invalid argument)
> > > > write(2, "/home/andrew/tmp/tester.sh: line"..., 
72/home/andrew/tmp/tester.sh: line 5: echo: write error: Invalid argument
> > > > ) = 72
> > > > write(1, "x\ny\nz\n", 6)                = -1 EINVAL (Invalid argument)
> > > > write(1, "x\ny\nz\n", 6)                = -1 EINVAL (Invalid argument)
> > > > write(2, "/home/andrew/tmp/tester.sh: line"..., 
72/home/andrew/tmp/tester.sh: line 6: echo: write error: Invalid argument
> > > > ) = 72
> > > > write(1, "x\ny\nz\n", 6x
> > > > y
> > > > z
> > > > )                = 6
> > > > Process 3800 detached
> > > 
> > > Eeeeeeeekkkk.... That's scary.  Which distro are you using and what does
> > > 'bash --version' say?
> > 
> > IA64 Debian lenny.  
> > 
> > # bash --version
> > GNU bash, version 3.1.17(1)-release (ia64-unknown-linux-gnu)
> > 
> > # zsh --version 
> > zsh 4.3.4 (ia64-unknown-linux-gnu)
> > 
> > # csh --version
> > tcsh 6.14.00 (Astron) 2005-03-25 (ia64-unknown-linux) options
> > wide,nls,dl,al,kan,rh,nd,color,filec
> > 
> > I suppose I should try this an ia32 box again, and perhaps with some
> > other distros.  I am not sure what the kernel can do about this, but it
> > might be nice to report it to the shell maintainers.
> 
> Some further tests:
> 
> AMD running Debian lenny with i686 kernel -- fails.  
> Bash version = 3.1.17(1)
> 
> Intel running Ubuntu/gutsy with i686 kernel -- fails.
> Bash version = 3.2.25(1)
> 
> Itanium running SLES10 with ia64 kernel -- succeeds.
> Bash version = 3.1.17(1)
> 
> BTW, I found a way to reproduce this without modifying the kernel.
> The /sys/class/scsi_host/*/state sysfs store routine returns EINVAL if
> an invalid state is written. So just echo 2 bad values to the the state
> sysfs entry while running strace.
> 

I can't reproduce it using zsh either 4.3.4 as shipped by Mandriva or zsh CVS 
head. In both cases it echoes correct argument. Nor do I see double writes's in 
strace.

{pts/0}% sudo strace -e trace=write /tmp/foo # zsh 4.3.4
write(1, "x\n", 2)                      = -1 EINVAL (Invalid argument)
write(2, "/tmp/foo:echo:3: write error: \320\235"..., 72/tmp/foo:echo:3: write 
error: Недопустимый аргумент
) = 72
write(1, "y\n", 2)                      = -1 EINVAL (Invalid argument)
write(2, "/tmp/foo:echo:4: write error: \320\235"..., 72/tmp/foo:echo:4: write 
error: Недопустимый аргумент
) = 72
write(1, "z\n", 2)                      = -1 EINVAL (Invalid argument)
write(2, "/tmp/foo:echo:5: write error: \320\235"..., 72/tmp/foo:echo:5: write 
error: Недопустимый аргумент
) = 72
{pts/0}% sudo strace -e trace=write /tmp/foo # zsh CVS head
write(1, "x\n", 2)                      = -1 EINVAL (Invalid argument)
write(2, "/tmp/foo:echo:3: write error: \320\235"..., 72/tmp/foo:echo:3: write 
error: Недопустимый аргумент
) = 72
write(1, "y\n", 2)                      = -1 EINVAL (Invalid argument)
write(2, "/tmp/foo:echo:4: write error: \320\235"..., 72/tmp/foo:echo:4: write 
error: Недопустимый аргумент
) = 72
write(1, "z\n", 2)                      = -1 EINVAL (Invalid argument)
write(2, "/tmp/foo:echo:5: write error: \320\235"..., 72/tmp/foo:echo:5: write 
error: Недопустимый аргумент
) = 72

{pts/0}% cat /tmp/foo
#!/home/bor/pkg/bin/zsh -f

echo x > state
echo y > state
echo z > state

where state is /sys/power/state


{pts/1}% zsh --version
zsh 4.3.4 (i586-mandriva-linux-gnu)
{pts/1}% ~/pkg/bin/zsh --version
zsh 4.3.4-dev-6 (i686-pc-linux-gnu)

-andrey

Download attachment "signature.asc " of type "application/pgp-signature" (198 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ