| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1f2823a1-8e4c-4103-ec02-2db1e9ed4a97@nokia.com>
Date: Thu, 21 Mar 2019 13:37:32 +0000
From: "Sverdlin, Alexander (Nokia - DE/Ulm)" <alexander.sverdlin@...ia.com>
To: Mike Crowe <mac@...owe.com>,
Alexander Sverdlin <alexander.sverdlin@...il.com>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
Andrew Morton <akpm@...ux-foundation.org>,
Arnd Bergmann <arnd@...db.de>, Kay Sievers <kay@...y.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: Re: kmsg: lseek errors confuse glibc's dprintf
Hi!
On 21/03/2019 13:38, Mike Crowe wrote:
[...]
> I don't mind rebasing my patch once I know which of my two solutions is
> preferred. It seems that the -ESPIPE one is the current favourite.
I think:
1. Since Linux v4.8 (!user) case in not possible any more if the device
file was opened in write-only mode, so you are probably safe to omit this
chunk at all.
2. Nothing comes to my mind, what one could return as "current position"
from the lseek() call on /dev/kmsg. So without good idea what to return,
supporting offset == 0 (the only thing we ever can support on SEEK_CUR)
makes no sense to me.
Documentation/ABI/testing/dev-kmsg makes no promise on SEEK_CUR either,
therefore I'd say, -ESPIPE unconditionally is the right choice.
>>>> >From what I can tell prior to Kay Sievers printk record commit
>>> e11fea92e13fb91c50bacca799a6131c81929986, calling lseek(fd, 0, SEEK_CUR)
>>> with such a file descriptor would not return an error.
>>>
>>> Prior to Kay's change, Arnd Bergmann's commit
>>> 6038f373a3dc1f1c26496e60b6c40b164716f07e seemed to go to some lengths to
>>> preserve the successful return code rather than returning (the perhaps more
>>> logical) -ESPIPE.
>>>
>>> glibc is happy with either a successful return or -ESPIPE.
>>>
>>> For maximum compatibility it seems that success should be returned but
>>> given Kay's new seek interface perhaps this isn't helpful.
>>>
>>> This patch ensures that such a seek succeeds:
>>>
>>> diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
>>> index 02d6b6d..b3ff6f0 100644
>>> --- a/kernel/printk/printk.c
>>> +++ b/kernel/printk/printk.c
>>> @@ -693,7 +693,7 @@ static loff_t devkmsg_llseek(struct file *file, loff_t offset, int whence)
>>> loff_t ret = 0;
>>>
>>> if (!user)
>>> - return -EBADF;
>>> + return (whence == SEEK_CUR) ? 0 : -EBADF;
>>> if (offset)
>>> return -ESPIPE;
>>>
>>> @@ -718,6 +718,11 @@ static loff_t devkmsg_llseek(struct file *file, loff_t offset, int whence)
>>> user->idx = log_next_idx;
>>> user->seq = log_next_seq;
>>> break;
>>> + case SEEK_CUR:
>>> + /* For compatibility with userspace requesting the
>>> + * current file position. */
>>> + ret = 0;
>>> + break;
>>> default:
>>> ret = -EINVAL;
>>> }
>>>
>>> (although it could be argued that the !user case should return -ESPIPE
>>> rather than EBADF since the file descriptor _is_ valid.)
>>>
>>> and this patch causes a failure that glibc is prepared to accept:
>>>
>>> diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
>>> index 02d6b6d..f6b0c93 100644
>>> --- a/kernel/printk/printk.c
>>> +++ b/kernel/printk/printk.c
>>> @@ -693,7 +693,7 @@ static loff_t devkmsg_llseek(struct file *file, loff_t offset, int whence)
>>> loff_t ret = 0;
>>>
>>> if (!user)
>>> - return -EBADF;
>>> + return -ESPIPE;
>>> if (offset)
>>> return -ESPIPE;
>>>
>>> @@ -718,6 +718,11 @@ static loff_t devkmsg_llseek(struct file *file, loff_t offset, int whence)
>>> user->idx = log_next_idx;
>>> user->seq = log_next_seq;
>>> break;
>>> + case SEEK_CUR:
>>> + /* For compatibility with userspace expecting SEEK_CUR
>>> + * to not yield EINVAL. */
>>> + ret = -ESPIPE;
>>> + break;
>>> default:
>>> ret = -EINVAL;
>>> }
>>>
>>> Either makes dprintf work, but is either the right solution?
>
> Mike.
>
--
Best regards,
Alexander Sverdlin.
Powered by blists - more mailing lists