| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YT+AUXZPFWRSFCRK@slm.duckdns.org>
Date: Mon, 13 Sep 2021 06:46:09 -1000
From: Tejun Heo <tj@...nel.org>
To: Christoph Hellwig <hch@....de>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Rafael J. Wysocki" <rafael@...nel.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Jens Axboe <axboe@...nel.dk>, linux-block@...r.kernel.org,
linux-xfs@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: start switching sysfs attributes to expose the seq_file
On Mon, Sep 13, 2021 at 07:41:08AM +0200, Christoph Hellwig wrote:
> Hi all,
>
> Al pointed out multiple times that seq_get_buf is highly dangerous as
> it opens up the tight seq_file abstractions to buffer overflows. The
> last such caller now is sysfs.
>
> This series allows attributes to implement a seq_show method and switch
> the block and XFS code as users that I'm most familiar with to use
> seq_files directly after a few preparatory cleanups. With this series
> "leaf" users of sysfs_ops can be converted one at at a time, after that
> we can move the seq_get_buf into the multiplexers (e.g. kobj, device,
> class attributes) and remove the show method in sysfs_ops and repeat the
> process until all attributes are converted. This will probably take a
> fair amount of time.
The whole series looks good to me. With Greg's sysfs_emit argument aside on
which I don't have any opinion,
Acked-by: Tejun Heo <tj@...nel.org>
Thanks.
--
tejun
Powered by blists - more mailing lists