lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <20230519233804.863-1-beaub@linux.microsoft.com>
Date:   Fri, 19 May 2023 16:38:04 -0700
From:   Beau Belgrave <beaub@...ux.microsoft.com>
To:     sunliming@...inos.cn
Cc:     linux-kernel@...r.kernel.org, linux-trace-kernel@...r.kernel.org,
        mhiramat@...nel.org, rostedt@...dmis.org
Subject: Re: [PATCH RESEND] tracing/user_events: Prevent same name event per process

> User processes register name_args for events. If the same name are registered
> multiple times in the same process, it can cause undefined behavior. Because
> the same name may be used for a diffrent event. If this event has the same
> format as the original event, it is impossible to distinguish the trace output
> of these two events. If the event has a different format from the original event,
> the trace output of the new event is incorrect.
> 
> Return EADDRINUSE back to the user process if the same event has being registered
> in the same process.
> 
> Signed-off-by: sunliming <sunliming@...inos.cn>
> ---

Thank you for the patch, a few comments.

>  kernel/trace/trace_events_user.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
> index b1ecd7677642..4ef6bdb5c07c 100644
> --- a/kernel/trace/trace_events_user.c
> +++ b/kernel/trace/trace_events_user.c
> @@ -1996,7 +1996,7 @@ static int user_events_ref_add(struct user_event_file_info *info,
>  
>  		for (i = 0; i < count; ++i)
>  			if (refs->events[i] == user)
> -				return i;
> +				return -EADDRINUSE;

The ABI currently allows this to allow for shared libraries to share a common write
FD. Do you feel strongly that this should not be allowed?

If you and others feel this should not be allowed, I'd kindly ask you to also update
the self-tests at tools/testing/selftests/user_events/ in the tree and ensure they
pass fully.

For example, see ftrace_test.c at the above tree location:
...

TEST_F(user, register_events) {

...


	/* Multiple registers to the same addr + bit should fail */
	ASSERT_EQ(-1, ioctl(self->data_fd, DIAG_IOCSREG, &reg));
	ASSERT_EQ(EADDRINUSE, errno);

	/* Multiple registers to same name should result in same index */
	reg.enable_bit = 30;
	ASSERT_EQ(0, ioctl(self->data_fd, DIAG_IOCSREG, &reg));
	ASSERT_EQ(0, reg.write_index);

...

Thanks,
-Beau

>  	}
>  
>  	size = struct_size(refs, events, count + 1);
> -- 
> 2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ