lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 26 Feb 2009 07:46:55 -0500 (EST)
From:	Steven Rostedt <rostedt@...dmis.org>
To:	Ingo Molnar <mingo@...e.hu>
cc:	Peter Zijlstra <peterz@...radead.org>,
	linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	Frederic Weisbecker <fweisbec@...il.com>,
	"H. Peter Anvin" <hpa@...or.com>
Subject: Re: [PATCH v2 0/5] [RFC] copy_strtok_from_user


On Thu, 26 Feb 2009, Ingo Molnar wrote:

> * Ingo Molnar <mingo@...e.hu> wrote:
> 
> > 
> > * Peter Zijlstra <peterz@...radead.org> wrote:
> > 
> > > On Thu, 2009-02-26 at 00:32 -0500, Steven Rostedt wrote:
> > > > This is the second series of the uaccess code.
> > > > 
> > > > Changes in v2:
> > > > 
> > > >  - moved probe_kernel_* functions to lib/uaccess.c
> > > > 
> > > >  - renamed copy_word_from_user to copy_strtok_from_user.
> > > > 
> > > >  - changed copy_strtok_from_user to pass in a delimiter string.
> > > >    ftrace defines SPACE to be ' \t\r\n'.
> > > > 
> > > > Ingo,
> > > > I added your copy right to lib/uaccess.c since git blame shows you
> > > > as the author of the probe_kernel_* code. Also, is it OK that I
> > > > added the "GPL v2" line in that file as well?
> > > > 
> > > > Andrew,
> > > > Since you are, in essence, the memory maintainer, could you give
> > > > your Acked-by: to the copy_strtok_from_user code.
> > > > 
> > > > The probe_kernel code is still EXPORT_SYMBOL_GPL, and I added
> > > > that too to copy_strtok_from_user. Are there any objections to that?
> > > 
> > > I have to ask,..
> > > 
> > > cant this be done with a regular copy_from_user() followed 
> > > by a regular strtok()? Do we really have to combine all 
> > > that?
> > 
> > yes. Note that strsep() is the preferred API. (in fact it's 
> > the only such string API that is in the kernel)
> 
> btw., for larger strings we cannot really copy into the kernel i 
> suspect. We'd have to kmalloc() and that adds overhead, etc.
> 
> Nevertheless, copy_strsep_from_user() would be the symmetric API 
> here.

not really. strsep stops at the first delimiter. strtok skips multiple 
delimiters. I could implement the copy_strtok_from_user with a 
copy_from_user (all of read), and then use strtok_r (reentrant version) to 
find the next token. This would require implementing strtok_r for the 
kernel.

Having the copy_strtok_from_user will handle the copying and the caller 
would not need to worry about having a big enough buffer to hold 
delimiters and tokens. The copy_strtok_from_user would copy first to an 
internal buffer, then scan for tokens to copy into the callers buffer. 
Then repeat until read or copy limits have been hit.

-- Steve

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ