lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <tencent_01245C3A3D73B19FD473649517B56C50D706@qq.com>
Date: Tue, 2 Apr 2024 22:39:03 +0800
From: Wen Yang <wenyang.linux@...mail.com>
To: Joel Granados <j.granados@...sung.com>
Cc: Luis Chamberlain <mcgrof@...nel.org>, Kees Cook <keescook@...omium.org>,
 Christian Brauner <brauner@...nel.org>,
 "Eric W . Biederman" <ebiederm@...ssion.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] sysctl: move the extra1/2 boundary check of u8 to
 sysctl_check_table_array



On 2024/3/29 00:53, Joel Granados wrote:
> On Sat, Mar 02, 2024 at 11:27:45PM +0800, wenyang.linux@...mail.com wrote:
>> From: Wen Yang <wenyang.linux@...mail.com>
>>
> 
> <--- snip --->
> 
>> diff --git a/kernel/sysctl-test.c b/kernel/sysctl-test.c
>> index 6ef887c19c48..84e759a8328f 100644
>> --- a/kernel/sysctl-test.c
>> +++ b/kernel/sysctl-test.c
>> @@ -367,6 +367,35 @@ static void sysctl_test_api_dointvec_write_single_greater_int_max(
>>   	KUNIT_EXPECT_EQ(test, 0, *((int *)table.data));
>>   }
>>   
>> +/*
>> + * Test that registering an invalid extra value is not allowed.
>> + */
>> +static void sysctl_test_register_sysctl_sz_invalid_extra_value(
>> +		struct kunit *test)
>> +{
>> +	unsigned char data = 0;
>> +	struct ctl_table table[] = {
> I'm pretty sure that this is going to clash with the constification that
> Thomas is working on. Please re-work this patch knowing that these
> ctl_tables are going to have to change to const at some point.
> 
>> +		{
>> +			.procname	= "foo",
>> +			.data		= &data,
>> +			.maxlen		= sizeof(u8),
>> +			.mode		= 0644,
>> +			.proc_handler	= proc_dou8vec_minmax,
>> +			.extra1		= SYSCTL_ZERO,
>> +			.extra2		= SYSCTL_ONE_THOUSAND,
>> +		},
>> +		{}
> Don't use the sentinel here. We are removing them and all new sysctl
> tables (even the test ones) should be created without them
> 
>> +	};
>> +	unsigned int size = ARRAY_SIZE(table);
> You do not need size here. When you use register_sysctl, the size will
> be automatically calculated for you.
> 
>> +
>> +	KUNIT_EXPECT_NULL(test, register_sysctl_sz("foo", table, size));
>> +	table[0].extra1 = SYSCTL_ONE_THOUSAND;
>> +	KUNIT_EXPECT_NULL(test, register_sysctl_sz("foo", table, size));
>> +	table[0].extra1 = SYSCTL_ONE_HUNDRED;
>> +	table[0].extra2 = SYSCTL_TWO_HUNDRED;
>> +	KUNIT_EXPECT_NOT_NULL(test, register_sysctl_sz("foo", table, size));
> Replace all these by register_sysctl please.
> 
Thanks for your review comments w.r.t [PATCH v2], which will be complied 
by in next patch version [PATCH v3].

--
Best wishes,
Wen

>> +}
>> +
>>   static struct kunit_case sysctl_test_cases[] = {
>>   	KUNIT_CASE(sysctl_test_api_dointvec_null_tbl_data),
>>   	KUNIT_CASE(sysctl_test_api_dointvec_table_maxlen_unset),
>> @@ -378,6 +407,7 @@ static struct kunit_case sysctl_test_cases[] = {
>>   	KUNIT_CASE(sysctl_test_dointvec_write_happy_single_negative),
>>   	KUNIT_CASE(sysctl_test_api_dointvec_write_single_less_int_min),
>>   	KUNIT_CASE(sysctl_test_api_dointvec_write_single_greater_int_max),
>> +	KUNIT_CASE(sysctl_test_register_sysctl_sz_invalid_extra_value),
>>   	{}
>>   };
>>   
>> diff --git a/kernel/sysctl.c b/kernel/sysctl.c
>> index f67b39d3d6e5..28888744626a 100644
>> --- a/kernel/sysctl.c
>> +++ b/kernel/sysctl.c
>> @@ -977,16 +977,10 @@ int proc_dou8vec_minmax(struct ctl_table *table, int write,
>>   	if (table->maxlen != sizeof(u8))
>>   		return -EINVAL;
>>   
>> -	if (table->extra1) {
>> -		min = *(unsigned int *) table->extra1;
>> -		if (min > 255U)
>> -			return -EINVAL;
>> -	}
>> -	if (table->extra2) {
>> -		max = *(unsigned int *) table->extra2;
>> -		if (max > 255U)
>> -			return -EINVAL;
>> -	}
>> +	if (table->extra1)
>> +		min = *(unsigned char *) table->extra1;
>> +	if (table->extra2)
>> +		max = *(unsigned char *) table->extra2;
>>   
>>   	tmp = *table;
>>   
>> -- 
>> 2.25.1
>>
> 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ