| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 8 Feb 2017 13:51:21 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
Cc: linux-kernel@...r.kernel.org, Tejun Heo <tj@...nel.org>
Subject: Re: [PATCH] kernfs: handle null pointers while printing node name
and path
On Wed, Feb 08, 2017 at 02:28:55PM +0300, Konstantin Khlebnikov wrote:
> Null kernfs nodes could be found at cgroups during construction.
Really? Does this happen today? Is this an issue for older kernels as
well?
> It seems safer to handle these null pointers right in kernfs in
> the same way as printf prints "(null)" for null pointer string.
>
> Signed-off-by: Konstantin Khlebnikov <khlebnikov@...dex-team.ru>
> Acked-by: Tejun Heo <tj@...nel.org>
> ---
> fs/kernfs/dir.c | 10 ++++++++++
> include/trace/events/cgroup.h | 20 ++++++--------------
> 2 files changed, 16 insertions(+), 14 deletions(-)
>
> diff --git a/fs/kernfs/dir.c b/fs/kernfs/dir.c
> index cf4c636ff4da..439b946c4808 100644
> --- a/fs/kernfs/dir.c
> +++ b/fs/kernfs/dir.c
> @@ -41,6 +41,9 @@ static bool kernfs_lockdep(struct kernfs_node *kn)
>
> static int kernfs_name_locked(struct kernfs_node *kn, char *buf, size_t buflen)
> {
> + if (!kn)
> + return strlcpy(buf, "(null)", buflen);
Why not return an error?
> +
> return strlcpy(buf, kn->parent ? kn->name : "/", buflen);
> }
>
> @@ -110,6 +113,8 @@ static struct kernfs_node *kernfs_common_ancestor(struct kernfs_node *a,
> * kn_to: /n1/n2/n3 [depth=3]
> * result: /../..
> *
> + * [3] when @kn_to is NULL result will be "(null)"
> + *
> * Returns the length of the full path. If the full length is equal to or
> * greater than @buflen, @buf contains the truncated path with the trailing
> * '\0'. On error, -errno is returned.
> @@ -123,6 +128,9 @@ static int kernfs_path_from_node_locked(struct kernfs_node *kn_to,
> size_t depth_from, depth_to, len = 0;
> int i, j;
>
> + if (!kn_to)
> + return strlcpy(buf, "(null)", buflen);
> +
> if (!kn_from)
> kn_from = kernfs_root(kn_to)->kn;
>
> @@ -166,6 +174,8 @@ static int kernfs_path_from_node_locked(struct kernfs_node *kn_to,
> * similar to strlcpy(). It returns the length of @kn's name and if @buf
> * isn't long enough, it's filled upto @buflen-1 and nul terminated.
> *
> + * Fills buffer with "(null)" if @kn is NULL.
> + *
> * This function can be called from any context.
> */
> int kernfs_name(struct kernfs_node *kn, char *buf, size_t buflen)
> diff --git a/include/trace/events/cgroup.h b/include/trace/events/cgroup.h
> index ab68640a18d0..c226f50e88fa 100644
> --- a/include/trace/events/cgroup.h
> +++ b/include/trace/events/cgroup.h
> @@ -61,19 +61,15 @@ DECLARE_EVENT_CLASS(cgroup,
> __field( int, id )
> __field( int, level )
> __dynamic_array(char, path,
> - cgrp->kn ? cgroup_path(cgrp, NULL, 0) + 1
> - : strlen("(null)"))
> + cgroup_path(cgrp, NULL, 0) + 1)
Ah, you are trying to make this "simpler", is that the case?
So this is just a "cleanup", not a bugfix?
thanks,
greg k-h
Powered by blists - more mailing lists