| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 15 Jul 2022 13:47:28 +0200
From: Daniel Bristot de Oliveira <bristot@...nel.org>
To: Tao Zhou <tao.zhou@...ux.dev>
Cc: Steven Rostedt <rostedt@...dmis.org>,
Wim Van Sebroeck <wim@...ux-watchdog.org>,
Guenter Roeck <linux@...ck-us.net>,
Jonathan Corbet <corbet@....net>,
Ingo Molnar <mingo@...hat.com>,
Thomas Gleixner <tglx@...utronix.de>,
Peter Zijlstra <peterz@...radead.org>,
Will Deacon <will@...nel.org>,
Catalin Marinas <catalin.marinas@....com>,
Marco Elver <elver@...gle.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
"Paul E. McKenney" <paulmck@...nel.org>,
Shuah Khan <skhan@...uxfoundation.org>,
Gabriele Paoloni <gpaoloni@...hat.com>,
Juri Lelli <juri.lelli@...hat.com>,
Clark Williams <williams@...hat.com>,
Randy Dunlap <rdunlap@...radead.org>,
linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-trace-devel@...r.kernel.org
Subject: Re: [PATCH V5 01/16] rv: Add Runtime Verification (RV) interface
On 7/14/22 09:46, Tao Zhou wrote:
> On Wed, Jul 13, 2022 at 11:17:17PM +0200,
> Daniel Bristot de Oliveira <bristot@...nel.org> wrote:
>
> [...]
>
>> +void put_task_monitor_slot(int slot)
>> +{
>> + lockdep_assert_held(&rv_interface_lock);
>> +
>> + if (slot < 0 || slot > RV_PER_TASK_MONITORS) {
>
> slot is the array index that should be 0 here. The up bound is not bigger
> than 0 because the element of array now is RV_PER_TASK_MONITORS.
>
> So up bound check is 'slot > RV_PER_TASK_MONITORS-1'.
fixed! (slot >= RV...)
> [...]
>
>> +/*
>> + * interface for enabling/disabling a monitor.
>> + */
>> +static ssize_t monitor_enable_write_data(struct file *filp, const char __user *user_buf,
>> + size_t count, loff_t *ppos)
>> +{
>> + struct rv_monitor_def *mdef = filp->private_data;
>> + int retval;
>> + bool val;
>> +
>> + retval = kstrtobool_from_user(user_buf, count, &val);
>> + if (retval)
>> + return retval;
>> +
>> + retval = count;
>> +
>> + mutex_lock(&rv_interface_lock);
>> +
>> + if (val)
>> + retval = enable_monitor(mdef);
>> + else
>> + retval = disable_monitor(mdef);
>> +
>> + mutex_unlock(&rv_interface_lock);
>> +
>> + return retval ? retval : count;
>
> Feel that this can be written `return retval ? : count;`
why not...
> [...]
>
>> +static void *enabled_monitors_start(struct seq_file *m, loff_t *pos)
>> +{
>> + struct rv_monitor_def *m_def;
>> + loff_t l;
>> +
>> + mutex_lock(&rv_interface_lock);
>> +
>> + if (list_empty(&rv_monitors_list))
>> + return NULL;
>> +
>> + m_def = list_entry(&rv_monitors_list, struct rv_monitor_def, list);
>> +
>> + for (l = 0; l <= *pos; ) {
>> + m_def = enabled_monitors_next(m, m_def, &l);
>> + if (!m_def)
>> + break;
>
> Is this check is inversed. enabled_monitors_start() will stop at first
> enabled monitor, then enabled_monitors_next() do loop to next. Check
> like the above, enabled_monitors_start() will loop to the last monitor.
> But I doubt myself I do not mention/see it. Sorry for these.
>
> the check is:
>
> if (m_def)
> break;
>
> [...]
see kernel/trace/trace_events.c:s_start...
>> +static ssize_t
>> +enabled_monitors_write(struct file *filp, const char __user *user_buf,
>> + size_t count, loff_t *ppos)
>> +{
>> + char buff[MAX_RV_MONITOR_NAME_SIZE + 2];
>> + struct rv_monitor_def *mdef;
>> + int retval = -EINVAL;
>> + bool enable = true;
>> + char *ptr = buff;
>> + int len;
>> +
>> + if (count < 1 || count > MAX_RV_MONITOR_NAME_SIZE + 2)
>
> @count would not include '\0'. That the max val of @count is
> MAX_RV_MONITOR_NAME_SIZE+1. So the up bound check of @count is
> `count > MAX_RV_MONITOR_NAME_SIZE + 1`.
Fixed for v6...
-- Daniel
Powered by blists - more mailing lists