| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 26 Sep 2013 14:30:31 +0800
From: Chen Gang <gang.chen@...anux.com>
To: Tejun Heo <tj@...nel.org>
CC: Andrew Morton <akpm@...ux-foundation.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Michael Kerrisk <mtk.manpages@...il.com>
Subject: Re: [PATCH] kernel/groups.c: consider about NULL for 'group_info'
in all related extern functions
On 09/26/2013 01:58 PM, Chen Gang wrote:
> On 09/25/2013 12:34 PM, Chen Gang wrote:
>> On 09/25/2013 09:47 AM, Chen Gang wrote:
>>> On 09/25/2013 09:14 AM, Tejun Heo wrote:
>>>> On Wed, Sep 25, 2013 at 09:06:52AM +0800, Chen Gang wrote:
>>>>> OK, I see, the 'root cause' is: "you are not the related maintainer
>>>>> either", so it is really necessary for me to spend additional time
>>>>> resource on it :-(.
>>>>
>>>> Yeah, at least partly. That and the fact that I'm not too willing to
>>>> dig into the code without further evidence. It isn't anything strange
>>>> to ask tho and I'm likely to do that even for subsystems that I know
>>>> intimately if the subject code has been stable / stale for years and
>>>> the analysis doesn't seem immediately convincing. And, if my
>>>> experience is anything to go by, it's not too unlikely that you might
>>>> hit something which doesn't agree with your current assumptions while
>>>> trying to actually trigger the problem.
>>>>
>>>> Thanks.
>>>>
>
> Oh, not cause issue, the reason is "'groups' exports extern variable
> 'init_groups', when start process, default 'cred' will set it to be
> sure of groups always be initialized".
>
> Hmm... but after all, I still think this file need be improved: "remove
> the group_info checking in groups_search()", please help check, thanks.
>
> -------------------------------patch begin------------------------------
>
> kernel/groups.c: remove useless "!group_info" checking in groups_search().
>
> Since groups_free() need not check 'group_info', groups_search() need
> not, either, and then in_group_p() and in_egroup_p(), either.
>
>
> 'groups' assumes kernel mode callers are sure of 'group_info' valid.
>
Oh, need use "callers" instead of "kernel mode callers".
> When process starts, the related kernel mode caller need set default
> 'group_info' firstly (extern variable 'init_group').
>
And also need append one sentence: "and the callers also need be sure
of "&init_group" is not passed to groups_free()."
> If groups_alloc() fails, the caller must not call any related API again
> with the related invalid 'group_info'.
>
>
> Signed-off-by: Chen Gang <gang.chen@...anux.com>
> ---
> kernel/groups.c | 3 ---
> 1 files changed, 0 insertions(+), 3 deletions(-)
>
> diff --git a/kernel/groups.c b/kernel/groups.c
> index 90cf1c3..0a7f81d 100644
> --- a/kernel/groups.c
> +++ b/kernel/groups.c
> @@ -136,9 +136,6 @@ int groups_search(const struct group_info *group_info, kgid_t grp)
> {
> unsigned int left, right;
>
> - if (!group_info)
> - return 0;
> -
> left = 0;
> right = group_info->ngroups;
> while (left < right) {
>
--
Chen Gang
--
Chen Gang
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists