lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 6 Aug 2009 22:54:06 -0400 (EDT)
From:	Steven Rostedt <rostedt@...dmis.org>
To:	Li Zefan <lizf@...fujitsu.com>
cc:	Frédéric Weisbecker <f.weisbecker@...il.com>,
	Ingo Molnar <mingo@...e.hu>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 3/3] tracing/filters: Support filtering for char *
 strings


On Fri, 7 Aug 2009, Li Zefan wrote:

> >>  	if (is_string_field(field)) {
> >> +		pred->str_len = field->size;
> >> +
> >>  		if (field->filter_type == FILTER_STATIC_STRING)
> >>  			fn = filter_pred_string;
> >> -		else
> >> +		else if (field->filter_type == FILTER_DYN_STRING)
> >>  			fn = filter_pred_strloc;
> >> -		pred->str_len = field->size;
> >> +		else {
> >> +			fn = filter_pred_pchar;
> >> +			pred->str_len = strlen(pred->str_val);
> >> +		}
> > 
> > I'm a little dense here, where do we protect against someone making a 
> > tracepoint that points to unsafe data?
> > 
> 
> We can't prevent anyone from doing insane things deliberately, but
> we prevent from doing wrong things unconsciously.
> 
> Only if a TRACE_EVENT has a field defined as:
> 
> 	__field_ext(char *, name, FILTER_PTR_STR)
> 
> Here using FILTER_PTR_STR explicitly, he should know what he's doing.
> 
> Anyway, he can make a ptr pointing to unsafe data this way:
> 
> 	TP_STRUCT__entry(
> 		__field(char *, name)
> 	)
> 	TP_printk("%s", name)

I guess the thing I'm missing is what's the difference of the two? Why 
would a developer use __field_ext instead of doing it the unsafe way of 
just __field?

I guess I don't see the developer doing something wrong unconsciously. 
Well maybe I don't see this making the developer do it right 
unconsciously.

What protection is this giving us?

-- Steve

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists