lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 07 Jan 2013 08:59:25 -0500
From:	Steven Rostedt <rostedt@...dmis.org>
To:	Namhyung Kim <namhyung@...nel.org>
Cc:	linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...nel.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Jovi Zhang <bookjovi@...il.com>,
	Srikar Dronamraju <srikar@...ux.vnet.ibm.com>
Subject: Re: [PATCH 3/3] tracing: Verify target file before registering a
 uprobe event

On Fri, 2013-01-04 at 13:30 +0900, Namhyung Kim wrote:
> Hi, Steve.
> 
> On Wed, 02 Jan 2013 17:50:38 -0500, Steven Rostedt wrote:
> > From: Jovi Zhang <bookjovi@...il.com>
> >
> > Without this patch, we can register a uprobe event for a directory.
> > Enabling such a uprobe event would fail anyway .
> >
> > Example:
> > $ echo 'p /bin:0x4245c0' > /sys/kernel/debug/tracing/uprobe_events
> >
> > However dirctories cannot be valid targets for uprobe.
> > Hence verify if the target is a regular file during the probe
> > registration.
> >
> > Signed-off-by: Jovi Zhang <bookjovi@...il.com>
> > Acked-by: Srikar Dronamraju <srikar@...ux.vnet.ibm.com>
> > Signed-off-by: Steven Rostedt <rostedt@...dmis.org>
> > ---
> >  kernel/trace/trace_uprobe.c |    6 +++++-
> >  1 file changed, 5 insertions(+), 1 deletion(-)
> >
> > diff --git a/kernel/trace/trace_uprobe.c b/kernel/trace/trace_uprobe.c
> > index 03003cd..0815f25 100644
> > --- a/kernel/trace/trace_uprobe.c
> > +++ b/kernel/trace/trace_uprobe.c
> > @@ -257,6 +257,10 @@ static int create_trace_uprobe(int argc, char **argv)
> >  		goto fail_address_parse;
> >  
> >  	inode = igrab(path.dentry->d_inode);
> > +	 if (!S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode)) {
> 
> Doesn't !S_ISREG() include S_ISDIR() case too?

You're correct. Although I'm sure gcc should be smart enough to optimize
that out.

> 
> Anyway I can see an additional whitespace in front of the "if".

Yep, I forgot to run checkpatch on this. OK, this bug isn't that big of
a deal, so I'll take this patch out and put it into the 3.9 queue.

Thanks,

-- Steve

> 
> Thanks,
> Namhyung
> 
> 
> > +		ret = -EINVAL;
> > +		goto fail_address_parse;
> > +	}
> >  
> >  	argc -= 2;
> >  	argv += 2;
> > @@ -356,7 +360,7 @@ fail_address_parse:
> >  	if (inode)
> >  		iput(inode);
> >  
> > -	pr_info("Failed to parse address.\n");
> > +	pr_info("Failed to parse address or file.\n");
> >  
> >  	return ret;
> >  }


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ