lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 13 Mar 2020 01:00:53 +0000
From:   Luis Chamberlain <mcgrof@...nel.org>
To:     NeilBrown <neilb@...e.de>
Cc:     Eric Biggers <ebiggers@...nel.org>, linux-kernel@...r.kernel.org,
        linux-fsdevel@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Jeff Vander Stoep <jeffv@...gle.com>,
        Jessica Yu <jeyu@...nel.org>,
        Kees Cook <keescook@...omium.org>, NeilBrown <neilb@...e.com>,
        stable@...r.kernel.org
Subject: Re: [PATCH v2 2/4] fs/filesystems.c: downgrade user-reachable
 WARN_ONCE() to pr_warn_once()

On Fri, Mar 13, 2020 at 09:06:46AM +1100, NeilBrown wrote:
> On Thu, Mar 12 2020, Eric Biggers wrote:
> 
> > From: Eric Biggers <ebiggers@...gle.com>
> >
> > After request_module(), nothing is stopping the module from being
> > unloaded until someone takes a reference to it via try_get_module().
> >
> > The WARN_ONCE() in get_fs_type() is thus user-reachable, via userspace
> > running 'rmmod' concurrently.
> >
> > Since WARN_ONCE() is for kernel bugs only, not for user-reachable
> > situations, downgrade this warning to pr_warn_once().
> >
> > Cc: stable@...r.kernel.org
> > Cc: Alexei Starovoitov <ast@...nel.org>
> > Cc: Andrew Morton <akpm@...ux-foundation.org>
> > Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
> > Cc: Jeff Vander Stoep <jeffv@...gle.com>
> > Cc: Jessica Yu <jeyu@...nel.org>
> > Cc: Kees Cook <keescook@...omium.org>
> > Cc: Luis Chamberlain <mcgrof@...nel.org>
> > Cc: NeilBrown <neilb@...e.com>
> > Signed-off-by: Eric Biggers <ebiggers@...gle.com>
> > ---
> >  fs/filesystems.c | 4 +++-
> >  1 file changed, 3 insertions(+), 1 deletion(-)
> >
> > diff --git a/fs/filesystems.c b/fs/filesystems.c
> > index 77bf5f95362da..90b8d879fbaf3 100644
> > --- a/fs/filesystems.c
> > +++ b/fs/filesystems.c
> > @@ -272,7 +272,9 @@ struct file_system_type *get_fs_type(const char *name)
> >  	fs = __get_fs_type(name, len);
> >  	if (!fs && (request_module("fs-%.*s", len, name) == 0)) {
> >  		fs = __get_fs_type(name, len);
> > -		WARN_ONCE(!fs, "request_module fs-%.*s succeeded, but still no fs?\n", len, name);
> > +		if (!fs)
> > +			pr_warn_once("request_module fs-%.*s succeeded, but still no fs?\n",
> > +				     len, name);
> 
> I strongly support the replacement of "WARN" by "pr_warn".
> I wonder if we really want the "once" now.  Possibly using rate_limited
> would be justified, but I think that in general we should see a warning
> every time this event happens.

Since the usefulness of the print is at boot, I think pr_warn_once() is
good right now but just because I cannot think of a case where multiple
prints are currently desirable, or where this should be possible
post-boot. Can you?

  Luis

Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ