lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 2 Jul 2020 23:17:28 +0200
From:   Pavel Machek <pavel@...x.de>
To:     Sasha Levin <sashal@...nel.org>
Cc:     linux-kernel@...r.kernel.org, stable@...r.kernel.org,
        Masami Hiramatsu <mhiramat@...nel.org>,
        Tom Zanussi <zanussi@...nel.org>,
        Steven Rostedt <rostedt@...dmis.org>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: [PATCH 4.19 119/131] tracing: Fix event trigger to accept
 redundant spaces

Hi!

> commit 6784beada631800f2c5afd567e5628c843362cee upstream.
> 
> Fix the event trigger to accept redundant spaces in
> the trigger input.
> 
> For example, these return -EINVAL
> 
> echo " traceon" > events/ftrace/print/trigger
> echo "traceon  if common_pid == 0" > events/ftrace/print/trigger
> echo "disable_event:kmem:kmalloc " > events/ftrace/print/trigger
> 
> But these are hard to find what is wrong.
> 
> To fix this issue, use skip_spaces() to remove spaces
> in front of actual tokens, and set NULL if there is no
> token.

For the record, I'm not fan of this one. It is ABI change, not a
bugfix.

Yes, it makes kernel interface "easier to use". It also changes
interface in the middle of stable series, and if people start relying
on new interface and start putting extra spaces, they'll get nasty
surprise when they move code to the older kernel.

Best regards,
								Pavel

> +++ b/kernel/trace/trace_events_trigger.c
> @@ -211,11 +211,17 @@ static int event_trigger_regex_open(struct inode *inode, struct file *file)
>  
>  static int trigger_process_regex(struct trace_event_file *file, char *buff)
>  {
> -	char *command, *next = buff;
> +	char *command, *next;
>  	struct event_command *p;
>  	int ret = -EINVAL;
>  
> +	next = buff = skip_spaces(buff);
>  	command = strsep(&next, ": \t");
> +	if (next) {
> +		next = skip_spaces(next);
> +		if (!*next)
> +			next = NULL;
> +	}
>  	command = (command[0] != '!') ? command : command + 1;
>  
>  	mutex_lock(&trigger_cmd_mutex);
> @@ -624,8 +630,14 @@ event_trigger_callback(struct event_command *cmd_ops,
>  	int ret;
>  
>  	/* separate the trigger from the filter (t:n [if filter]) */
> -	if (param && isdigit(param[0]))
> +	if (param && isdigit(param[0])) {
>  		trigger = strsep(&param, " \t");
> +		if (param) {
> +			param = skip_spaces(param);
> +			if (!*param)
> +				param = NULL;
> +		}
> +	}
>  
>  	trigger_ops = cmd_ops->get_trigger_ops(cmd, trigger);
>  
> @@ -1361,6 +1373,11 @@ int event_enable_trigger_func(struct event_command *cmd_ops,
>  	trigger = strsep(&param, " \t");
>  	if (!trigger)
>  		return -EINVAL;
> +	if (param) {
> +		param = skip_spaces(param);
> +		if (!*param)
> +			param = NULL;
> +	}
>  
>  	system = strsep(&trigger, ":");
>  	if (!trigger)

-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Download attachment "signature.asc" of type "application/pgp-signature" (182 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ