lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <9ce82fc2-4e09-40c4-b5a5-a9a049c2f493@p183>
Date:   Mon, 9 Oct 2023 09:14:53 +0300
From:   Alexey Dobriyan <adobriyan@...il.com>
To:     Andrew Morton <akpm@...ux-foundation.org>
Cc:     linux-kernel@...r.kernel.org, shuah@...nel.org, hughd@...gle.com,
        swarupkotikalapudi@...il.com
Subject: Re: + selftests-proc-add-proc-pid-statm-output-validation.patch
 added to mm-nonmm-unstable branch

On Wed, Oct 04, 2023 at 01:17:00PM -0700, Andrew Morton wrote:
> 
> The patch titled
>      Subject: selftests: proc: add /proc/$(pid)/statm output validation
> has been added to the -mm mm-nonmm-unstable branch.  Its filename is
>      selftests-proc-add-proc-pid-statm-output-validation.patch
> 
> This patch will shortly appear at
>      https://git.kernel.org/pub/scm/linux/kernel/git/akpm/25-new.git/tree/patches/selftests-proc-add-proc-pid-statm-output-validation.patch
> 
> This patch will later appear in the mm-nonmm-unstable branch at
>     git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
> 
> Before you just go and hit "reply", please:
>    a) Consider who else should be cc'ed
>    b) Prefer to cc a suitable mailing list as well
>    c) Ideally: find the original patch on the mailing list and do a
>       reply-to-all to that, adding suitable additional cc's
> 
> *** Remember to use Documentation/process/submit-checklist.rst when testing your code ***
> 
> The -mm tree is included into linux-next via the mm-everything
> branch at git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
> and is updated there every 2-3 working days
> 
> ------------------------------------------------------
> From: Swarup Laxman Kotiaklapudi <swarupkotikalapudi@...il.com>
> Subject: selftests: proc: add /proc/$(pid)/statm output validation
> Date: Wed, 4 Oct 2023 01:13:19 +0530
> 
> Add /proc/${pid}/statm validation
> 
> /proc/$(pid)/statm output is expected to be:
>  "0 0 0 * 0 0 0\n"
> Here * can be any value
> 
> Read output of /proc/$(pid)/statm and check except for 4th position, all
> other positions have value zero.
> 
> Link: https://lkml.kernel.org/r/20231003194319.602646-1-swarupkotikalapudi@gmail.com
> Signed-off-by: Swarup Laxman Kotiaklapudi <swarupkotikalapudi@...il.com>
> Cc: Alexey Dobriyan <adobriyan@...il.com>
> Cc: Hugh Dickins <hughd@...gle.com>
> Cc: Shuah Khan <shuah@...nel.org>
> Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
> ---
> 
>  tools/testing/selftests/proc/proc-empty-vm.c |   57 +++++++++++++++--
>  1 file changed, 52 insertions(+), 5 deletions(-)
> 
> --- a/tools/testing/selftests/proc/proc-empty-vm.c~selftests-proc-add-proc-pid-statm-output-validation
> +++ a/tools/testing/selftests/proc/proc-empty-vm.c
> @@ -303,6 +303,56 @@ static int test_proc_pid_smaps_rollup(pi
>  	}
>  }
>  
> +static int test_proc_pid_statm(pid_t pid)
> +{
> +	char buf[4096];
> +	char *tok;
> +	char *string;
> +	int non_zero_value_indx = 4;
> +	int i = 1;
> +
> +	snprintf(buf, sizeof(buf), "/proc/%u/statm", pid);
> +
> +	/*
> +	 *  Output can be "0 0 0 2 0 0 0\n" where "2" can be anything.
> +	 */
> +	int fd = open(buf, O_RDONLY);
> +
> +	if (fd == -1) {
> +		if (errno == ENOENT) {
> +			/*
> +			 * /proc/${pid}/statm is under CONFIG_PROC_PAGE_MONITOR,
> +			 * it doesn't necessarily exist.
> +			 */
> +			return EXIT_SUCCESS;
> +		}
> +		perror("open /proc/${pid}/statm");
> +		return EXIT_FAILURE;
> +	} else {
> +		ssize_t rv = read(fd, buf, sizeof(buf));
> +
> +		close(fd);
> +		assert(rv);
> +		string = buf;
> +
> +		while ((tok = strsep(&string, " ")) != NULL) {

This is unreliable too. read() doesn't terminate the buffer so this relies
on termination from

	snprintf(buf, sizeof(buf), "/proc/%u/statm", pid);

Buggy kernel could return a lot of data and overwrite it.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ