lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Tue, 20 May 2014 15:40:04 -0700
From:	Andrew Morton <akpm@...ux-foundation.org>
To:	Tang Chen <tangchen@...fujitsu.com>
Cc:	<gregkh@...uxfoundation.org>, <tj@...nel.org>, <hpa@...or.com>,
	<toshi.kani@...com>, <mingo@...e.hu>, <hutao@...fujitsu.com>,
	<laijs@...fujitsu.com>, <guz.fnst@...fujitsu.com>,
	<isimatu.yasuaki@...fujitsu.com>, <linux-kernel@...r.kernel.org>,
	<linux-mm@...ck.org>
Subject: Re: [PATCH 1/1] mem-hotplug: Avoid illegal state prefixed with
 legal state when changing state of memory_block.

On Fri, 16 May 2014 10:42:29 +0800 Tang Chen <tangchen@...fujitsu.com> wrote:

> We use the following command to online a memory_block:
> 
> echo online|online_kernel|online_movable > /sys/devices/system/memory/memoryXXX/state
> 
> But, if we typed "online_movbale" by mistake (typo, not "online_movable"), it will be 
> recognized as "online", and it will online the memory block successfully. "online" command
> will put the memory block into the same zone as it was in before last offlined, which may 
> be ZONE_NORMAL, not ZONE_MOVABLE. Since it succeeds without any warning, it may confuse 
> users.
> 
> ...
>
> --- a/drivers/base/memory.c
> +++ b/drivers/base/memory.c
> @@ -319,19 +319,27 @@ store_mem_state(struct device *dev,
>  		struct device_attribute *attr, const char *buf, size_t count)
>  {
>  	struct memory_block *mem = to_memory_block(dev);
> -	int ret, online_type;
> +	int ret, online_type, len;
>  
>  	ret = lock_device_hotplug_sysfs();
>  	if (ret)
>  		return ret;
>  
> -	if (!strncmp(buf, "online_kernel", min_t(int, count, 13)))
> +	/*
> +	 * count passed from user space includes \0, so the real length
> +	 * is count-1.
> +	 */
> +	len = count - 1;
> +
> +	if (len == strlen("online_kernel") &&
> +	    !strncmp(buf, "online_kernel", len))
>  		online_type = ONLINE_KERNEL;
> -	else if (!strncmp(buf, "online_movable", min_t(int, count, 14)))
> +	else if (len == strlen("online_movable") &&
> +		 !strncmp(buf, "online_movable", len))
>  		online_type = ONLINE_MOVABLE;
> -	else if (!strncmp(buf, "online", min_t(int, count, 6)))
> +	else if (len == strlen("online") && !strncmp(buf, "online", len))
>  		online_type = ONLINE_KEEP;
> -	else if (!strncmp(buf, "offline", min_t(int, count, 7)))
> +	else if (len == strlen("offline") && !strncmp(buf, "offline", len))
>  		online_type = -1;
>  	else {
>  		ret = -EINVAL;

hm, why is this code so complicated?  Is it because it is trying not to
trip over possibly-absent trailing newline?  If so, please take a look
at sysfs_streq().
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ