| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Oct 2020 15:30:49 +0100
From: Petr Mladek <pmladek@...e.com>
To: Matteo Croce <mcroce@...ux.microsoft.com>
Cc: linux-kernel@...r.kernel.org, Guenter Roeck <linux@...ck-us.net>,
Arnd Bergmann <arnd@...db.de>, Mike Rapoport <rppt@...nel.org>,
Kees Cook <keescook@...omium.org>,
Pavel Tatashin <pasha.tatashin@...een.com>,
Robin Holt <robinmholt@...il.com>,
Fabian Frederick <fabf@...net.be>, stable@...r.kernel.org
Subject: Re: [PATCH v2 2/2] reboot: fix parsing of reboot cpu number
On Tue 2020-10-27 14:35:45, Matteo Croce wrote:
> From: Matteo Croce <mcroce@...rosoft.com>
>
> The kernel cmdline reboot= argument allows to specify the CPU used
> for rebooting, with the syntax `s####` among the other flags, e.g.
>
> reboot=soft,s4
> reboot=warm,s31,force
>
> In the early days the parsing was done with simple_strtoul(), later
> deprecated in favor of the safer kstrtoint() which handles overflow.
>
> But kstrtoint() returns -EINVAL if there are non-digit characters
> in a string, so if this flag is not the last given, it's silently
> ignored as well as the subsequent ones.
>
> To fix it, revert the usage of simple_strtoul(), which is no longer
> deprecated, and restore the old behaviour.
>
> While at it, merge two identical code blocks into one.
> --- a/kernel/reboot.c
> +++ b/kernel/reboot.c
> @@ -552,25 +552,19 @@ static int __init reboot_setup(char *str)
>
> case 's':
> {
> - int rc;
> -
> - if (isdigit(*(str+1))) {
> - rc = kstrtoint(str+1, 0, &reboot_cpu);
> - if (rc)
> - return rc;
> - if (reboot_cpu >= num_possible_cpus()) {
> - reboot_cpu = 0;
> - return -ERANGE;
> - }
> - } else if (str[1] == 'm' && str[2] == 'p' &&
> - isdigit(*(str+3))) {
> - rc = kstrtoint(str+3, 0, &reboot_cpu);
> - if (rc)
> - return rc;
> - if (reboot_cpu >= num_possible_cpus()) {
> - reboot_cpu = 0;
^^^^^^
> + int cpu;
> +
> + /*
> + * reboot_cpu is s[mp]#### with #### being the processor
> + * to be used for rebooting. Skip 's' or 'smp' prefix.
> + */
> + str += str[1] == 'm' && str[2] == 'p' ? 3 : 1;
> +
> + if (isdigit(str[0])) {
> + cpu = simple_strtoul(str, NULL, 0);
> + if (cpu >= num_possible_cpus())
> return -ERANGE;
> - }
> + reboot_cpu = cpu;
The original value stays when the new one is out of range. It is
small functional change that should get mentioned in the commit
message or better fixed separately.
Hmm, I suggest to split this into 3 patches and switch the order:
+ 1st patch should simply revert the commit 616feab75397
("kernel/reboot.c: convert simple_strtoul to kstrtoint").
+ 2nd patch should merge the two branches without any
functional change.
+ 3rd patch should add the check for num_possible_cpus()
and update the value only when it is valid.
I am sorry that I did not suggested this when reviewed v1.
I have missed this functional change at that time.
Best Regards,
Petr
Powered by blists - more mailing lists