| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Yupg989wWYl4kmdZ@krava>
Date: Wed, 3 Aug 2022 13:50:15 +0200
From: Jiri Olsa <olsajiri@...il.com>
To: Hao Luo <haoluo@...gle.com>
Cc: Jiri Olsa <olsajiri@...il.com>, linux-kernel@...r.kernel.org,
bpf@...r.kernel.org, Alexei Starovoitov <ast@...nel.org>,
Andrii Nakryiko <andrii@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Martin KaFai Lau <martin.lau@...ux.dev>,
Song Liu <song@...nel.org>, Yonghong Song <yhs@...com>,
KP Singh <kpsingh@...nel.org>,
John Fastabend <john.fastabend@...il.com>,
Stanislav Fomichev <sdf@...gle.com>
Subject: Re: [PATCH bpf-next v1] bpf, iter: clean up bpf_seq_read().
On Tue, Aug 02, 2022 at 05:15:50PM -0700, Hao Luo wrote:
> On Tue, Aug 2, 2022 at 4:14 AM Jiri Olsa <olsajiri@...il.com> wrote:
> >
> > On Mon, Aug 01, 2022 at 01:50:39PM -0700, Hao Luo wrote:
> >
> > SNIP
> >
> > > +static int do_seq_show(struct seq_file *seq, void *p, size_t offs)
> > > +{
> > > + int err;
> > > +
> > > + WARN_ON(IS_ERR_OR_NULL(p));
> > > +
> > > + err = seq->op->show(seq, p);
> > > + if (err > 0) {
> > > + /* object is skipped, decrease seq_num, so next
> > > + * valid object can reuse the same seq_num.
> > > + */
> > > + bpf_iter_dec_seq_num(seq);
> > > + seq->count = offs;
> > > + return err;
> > > + }
> > > +
> > > + if (err < 0 || seq_has_overflowed(seq)) {
> > > + seq->count = offs;
> > > + return err ? err : -E2BIG;
> > > + }
> > > +
> > > + /* err == 0 and no overflow */
> > > + return 0;
> > > +}
> > > +
> > > +/* do_seq_stop, stops at the given object 'p'. 'p' could be an ERR or NULL. If
> > > + * 'p' is an ERR or there was an overflow, reset seq->count to 'offs' and
> > > + * returns error. Returns 0 otherwise.
> > > + */
> > > +static int do_seq_stop(struct seq_file *seq, void *p, size_t offs)
> > > +{
> > > + if (IS_ERR(p)) {
> > > + seq->op->stop(seq, NULL);
> > > + seq->count = offs;
> >
> > should we set seq->count to 0 in case of error?
> >
>
> Thanks Jiri. To be honest, I don't know. There are two paths that may
> lead to an error "p".
>
> First, seq->op->start() could return ERR, in that case, '"offs'" is
> zero and we set it to zero already. This is fine.
ah right, offs is zero at that time, looks good then
>
> The other one, seq->op->next() could return ERR. This is a case where
> bpf_seq_read() fails to handle right now, so I am not sure what to do.
but maybe we don't need to set seq->count in here, like:
static int do_seq_stop(struct seq_file *seq, void *p, size_t offs)
{
if (IS_ERR(p)) {
seq->op->stop(seq, NULL);
return PTR_ERR(p);
}
because it's already set by error path of do_seq_show
>
> Based on my understanding reading the code, if seq->count isn't
> zeroed, the current read() will not copy data, but the next read()
> will copy data (see the "if (seq->count)" at the beginning of
> bpf_seq_read). If seq->count is zeroed, the data in buffer will be
> discarded. I don't know what is right.
I think we should return the buffer up to the point there's an error,
that's why we set seq->count to previous offs value after failed
show callback
jirka
Powered by blists - more mailing lists