lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Sep 2021 06:46:09 -1000 From: Tejun Heo <tj@...nel.org> To: Christoph Hellwig <hch@....de> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>, "Rafael J. Wysocki" <rafael@...nel.org>, Alexander Viro <viro@...iv.linux.org.uk>, Jens Axboe <axboe@...nel.dk>, linux-block@...r.kernel.org, linux-xfs@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: start switching sysfs attributes to expose the seq_file On Mon, Sep 13, 2021 at 07:41:08AM +0200, Christoph Hellwig wrote: > Hi all, > > Al pointed out multiple times that seq_get_buf is highly dangerous as > it opens up the tight seq_file abstractions to buffer overflows. The > last such caller now is sysfs. > > This series allows attributes to implement a seq_show method and switch > the block and XFS code as users that I'm most familiar with to use > seq_files directly after a few preparatory cleanups. With this series > "leaf" users of sysfs_ops can be converted one at at a time, after that > we can move the seq_get_buf into the multiplexers (e.g. kobj, device, > class attributes) and remove the show method in sysfs_ops and repeat the > process until all attributes are converted. This will probably take a > fair amount of time. The whole series looks good to me. With Greg's sysfs_emit argument aside on which I don't have any opinion, Acked-by: Tejun Heo <tj@...nel.org> Thanks. -- tejun
Powered by blists - more mailing lists