lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <m139b4khxv.fsf@fess.ebiederm.org>
Date:	Tue, 24 Jan 2012 11:40:28 -0800
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Peter Zijlstra <a.p.zijlstra@...llo.nl>
Cc:	Jiri Olsa <jolsa@...hat.com>, acme@...hat.com, mingo@...e.hu,
	paulus@...ba.org, cjashfor@...ux.vnet.ibm.com,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 5/9] perf: Add sysfs format attribute for pmu device

Peter Zijlstra <a.p.zijlstra@...llo.nl> writes:

> On Mon, 2012-01-23 at 16:33 +0100, Jiri Olsa wrote:
>>   
>> > > +static ssize_t perf_default_event_format(struct pmu *pmu, char *page)
>> > > +{
>> > > +	ssize_t ret;
>> > > +
>> > > +	ret  = sprintf(page,       "config  config:0-63\n");
>> > > +	ret += sprintf(page + ret, "config1 config1:0-63\n");
>> > > +	ret += sprintf(page + ret, "config2 config2:0-63\n");
>> > 
>> > This looks like abuse of sysfs.  The rule is one value per file.
>> > When you start adding newlines I can't see how this format attribute can
>> > be considered one value.
>> 
>> ops, missed that rule.. I think we can carry the syntax files
>> within perf, or have it builtin somehow.. or procfs? :) PeterZ?
>
> There's plenty of exceptions to this rule though and touching procfs is
> even less appreciated.

There may be exceptions but certainly not plenty of exceptions.

There is also a practical scaling problem.  You have to be careful
with how big you make that value before you have problems.

Perhaps what you want is a directory with a bunch of sysfs attributes?

All I know is I see buffer overflows waiting to happen whenever I look
at the code snippet above.

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ