lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 6 Aug 2009 22:54:06 -0400 (EDT) From: Steven Rostedt <rostedt@...dmis.org> To: Li Zefan <lizf@...fujitsu.com> cc: Frédéric Weisbecker <f.weisbecker@...il.com>, Ingo Molnar <mingo@...e.hu>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH 3/3] tracing/filters: Support filtering for char * strings On Fri, 7 Aug 2009, Li Zefan wrote: > >> if (is_string_field(field)) { > >> + pred->str_len = field->size; > >> + > >> if (field->filter_type == FILTER_STATIC_STRING) > >> fn = filter_pred_string; > >> - else > >> + else if (field->filter_type == FILTER_DYN_STRING) > >> fn = filter_pred_strloc; > >> - pred->str_len = field->size; > >> + else { > >> + fn = filter_pred_pchar; > >> + pred->str_len = strlen(pred->str_val); > >> + } > > > > I'm a little dense here, where do we protect against someone making a > > tracepoint that points to unsafe data? > > > > We can't prevent anyone from doing insane things deliberately, but > we prevent from doing wrong things unconsciously. > > Only if a TRACE_EVENT has a field defined as: > > __field_ext(char *, name, FILTER_PTR_STR) > > Here using FILTER_PTR_STR explicitly, he should know what he's doing. > > Anyway, he can make a ptr pointing to unsafe data this way: > > TP_STRUCT__entry( > __field(char *, name) > ) > TP_printk("%s", name) I guess the thing I'm missing is what's the difference of the two? Why would a developer use __field_ext instead of doing it the unsafe way of just __field? I guess I don't see the developer doing something wrong unconsciously. Well maybe I don't see this making the developer do it right unconsciously. What protection is this giving us? -- Steve -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists