lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <5243D487.8000602@asianux.com>
Date:	Thu, 26 Sep 2013 14:30:31 +0800
From:	Chen Gang <gang.chen@...anux.com>
To:	Tejun Heo <tj@...nel.org>
CC:	Andrew Morton <akpm@...ux-foundation.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Michael Kerrisk <mtk.manpages@...il.com>
Subject: Re: [PATCH] kernel/groups.c: consider about NULL for 'group_info'
 in all related extern functions

On 09/26/2013 01:58 PM, Chen Gang wrote:
> On 09/25/2013 12:34 PM, Chen Gang wrote:
>> On 09/25/2013 09:47 AM, Chen Gang wrote:
>>> On 09/25/2013 09:14 AM, Tejun Heo wrote:
>>>> On Wed, Sep 25, 2013 at 09:06:52AM +0800, Chen Gang wrote:
>>>>> OK, I see, the 'root cause' is: "you are not the related maintainer
>>>>> either", so it is really necessary for me to spend additional time
>>>>> resource on it :-(.
>>>>
>>>> Yeah, at least partly.  That and the fact that I'm not too willing to
>>>> dig into the code without further evidence.  It isn't anything strange
>>>> to ask tho and I'm likely to do that even for subsystems that I know
>>>> intimately if the subject code has been stable / stale for years and
>>>> the analysis doesn't seem immediately convincing.  And, if my
>>>> experience is anything to go by, it's not too unlikely that you might
>>>> hit something which doesn't agree with your current assumptions while
>>>> trying to actually trigger the problem.
>>>>
>>>> Thanks.
>>>>
> 
> Oh, not cause issue, the reason is "'groups' exports extern variable
> 'init_groups', when start process, default 'cred' will set it to be
> sure of groups always be initialized".
> 
> Hmm... but after all, I still think this file need be improved: "remove
> the group_info checking in groups_search()", please help check, thanks.
> 
> -------------------------------patch begin------------------------------
> 
> kernel/groups.c: remove useless "!group_info" checking in groups_search().
> 
>   Since groups_free() need not check 'group_info', groups_search() need
>   not, either, and then in_group_p() and in_egroup_p(), either.
> 
> 
>   'groups' assumes kernel mode callers are sure of 'group_info' valid.
> 

Oh, need use "callers" instead of "kernel mode callers".

>   When process starts, the related kernel mode caller need set default
>   'group_info' firstly (extern variable 'init_group').
>
 
And also need append one sentence: "and the callers also need be sure
of "&init_group" is not passed to groups_free()."


>   If groups_alloc() fails, the caller must not call any related API again
>   with the related invalid 'group_info'.
> 
> 
> Signed-off-by: Chen Gang <gang.chen@...anux.com>
> ---
>  kernel/groups.c |    3 ---
>  1 files changed, 0 insertions(+), 3 deletions(-)
> 
> diff --git a/kernel/groups.c b/kernel/groups.c
> index 90cf1c3..0a7f81d 100644
> --- a/kernel/groups.c
> +++ b/kernel/groups.c
> @@ -136,9 +136,6 @@ int groups_search(const struct group_info *group_info, kgid_t grp)
>  {
>  	unsigned int left, right;
>  
> -	if (!group_info)
> -		return 0;
> -
>  	left = 0;
>  	right = group_info->ngroups;
>  	while (left < right) {
> 


-- 
Chen Gang

-- 
Chen Gang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ