lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <3D357160-800C-4F45-B3D4-C6ECFD6CB8AF@gatech.edu>
Date:	Wed, 25 Mar 2015 16:41:13 -0400
From:	Chengyu Song <csong84@...ech.edu>
To:	"J. Bruce Fields" <bfields@...ldses.org>
Cc:	linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org,
	Taesoo Kim <taesoo@...ech.edu>, changwoo@...ech.edu,
	sanidhya@...ech.edu, Byoungyoung Lee <blee@...ech.edu>
Subject: Re: [PATCH 1/1] nfsd: incorrect check for debugfs returns

Cool. Sent.

> On Mar 25, 2015, at 4:09 PM, J. Bruce Fields <bfields@...ldses.org> wrote:
> 
> On Wed, Mar 25, 2015 at 12:41:29PM -0400, Chengyu Song wrote:
>> There may be a simpler solution, declare NFSD_FAULT_INJECTION has dependency
>> on DEBUG_FS, or automatically select DEBUG_FS.
> 
> Oh, I forgot about that--you're right, NFSD_FAULT_INJECTION isn't useful
> without DEBUG_FS anyway, so, sure, let's do that.
> 
> --b.
> 
>> I don't think current debugfs
>> implementation will return any error ptr once it's configured.
>> 
>> I choose to check the return instead, because I was worried the debugfs interface
>> may change in the future.
>> 
>> Does this sounds like a solution? If so, I can submit a patch for Kconfig.
>> 
>> Best,
>> Chengyu
>> 
>>> On Mar 25, 2015, at 11:17 AM, J. Bruce Fields <bfields@...ldses.org> wrote:
>>> 
>>> On Mon, Mar 23, 2015 at 10:58:05PM -0400, Chengyu Song wrote:
>>>> debugfs_create_dir and debugfs_create_file may return -ENODEV when debugfs
>>>> is not configured, so the return value should be checked against ERROR_VALUE
>>>> as well, otherwise the later dereference of the dentry pointer would crash
>>>> the kernel.
>>> 
>>> Thanks for spotting this.  But it looks like this will cause nfsd
>>> startup to fail when debugfs isn't configured.  I'd rather we didn't, it
>>> just isn't that important.
>>> 
>>> So I'd rather just make nfsd_fault_inject_init() a void return--just do
>>> a dprintk as a warning in the "fail" case, and otherwise let normal
>>> startup continue (and check that doesn't lead to other unsafe
>>> dereferences of debug_dir).  Could you try that?
>>> 
>>> --b.
>>> 
>>> 
>>>> 
>>>> Signed-off-by: Chengyu Song <csong84@...ech.edu>
>>>> ---
>>>> fs/nfsd/fault_inject.c | 12 ++++++++----
>>>> 1 file changed, 8 insertions(+), 4 deletions(-)
>>>> 
>>>> diff --git a/fs/nfsd/fault_inject.c b/fs/nfsd/fault_inject.c
>>>> index c16bf5a..621d065 100644
>>>> --- a/fs/nfsd/fault_inject.c
>>>> +++ b/fs/nfsd/fault_inject.c
>>>> @@ -132,19 +132,23 @@ int nfsd_fault_inject_init(void)
>>>> 	unsigned int i;
>>>> 	struct nfsd_fault_inject_op *op;
>>>> 	umode_t mode = S_IFREG | S_IRUSR | S_IWUSR;
>>>> +	struct dentry *dent;
>>>> 
>>>> -	debug_dir = debugfs_create_dir("nfsd", NULL);
>>>> -	if (!debug_dir)
>>>> +	dent = debugfs_create_dir("nfsd", NULL);
>>>> +	if (IS_ERR_OR_NULL(dent))
>>>> 		goto fail;
>>>> +	debug_dir = dent;
>>>> 
>>>> 	for (i = 0; i < NUM_INJECT_OPS; i++) {
>>>> 		op = &inject_ops[i];
>>>> -		if (!debugfs_create_file(op->file, mode, debug_dir, op, &fops_nfsd))
>>>> +		dent = debugfs_create_file(op->file, mode, debug_dir, op, &fops_nfsd);
>>>> +		if (IS_ERR_OR_NULL(dent))
>>>> 			goto fail;
>>>> +
>>>> 	}
>>>> 	return 0;
>>>> 
>>>> fail:
>>>> 	nfsd_fault_inject_cleanup();
>>>> -	return -ENOMEM;
>>>> +	return dent ? PTR_ERR(dent) : -ENOMEM;
>>>> }
>>>> -- 
>>>> 2.1.0

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ