| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <172488365549.4433.203600496331198489@noble.neil.brown.name>
Date: Thu, 29 Aug 2024 08:20:55 +1000
From: "NeilBrown" <neilb@...e.de>
To: "Jeff Layton" <jlayton@...nel.org>
Cc: "Yan Zhen" <yanzhen@...o.com>, davem@...emloft.net, chuck.lever@...cle.com,
trondmy@...nel.org, anna@...nel.org, edumazet@...gle.com, kuba@...nel.org,
pabeni@...hat.com, okorniev@...hat.com, Dai.Ngo@...cle.com, tom@...pey.com,
linux-nfs@...r.kernel.org, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, opensource.kernel@...o.com
Subject: Re: [PATCH v3] sunrpc: Fix error checking for d_hash_and_lookup()
On Wed, 28 Aug 2024, Jeff Layton wrote:
> On Wed, 2024-08-28 at 12:43 +0800, Yan Zhen wrote:
> > The d_hash_and_lookup() function returns either an error pointer or NULL.
> >
> > It might be more appropriate to check error using IS_ERR_OR_NULL().
> >
> > Fixes: 4b9a445e3eeb ("sunrpc: create a new dummy pipe for gssd to hold open")
> > Signed-off-by: Yan Zhen <yanzhen@...o.com>
> > ---
> >
> > Changes in v3:
> > - Rewrite the "fixes".
> > - Using ERR_CAST(gssd_dentry) instead of ERR_PTR(-ENOENT).
> >
> > net/sunrpc/rpc_pipe.c | 6 +++---
> > 1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/net/sunrpc/rpc_pipe.c b/net/sunrpc/rpc_pipe.c
> > index 910a5d850d04..13e905f34359 100644
> > --- a/net/sunrpc/rpc_pipe.c
> > +++ b/net/sunrpc/rpc_pipe.c
> > @@ -1306,8 +1306,8 @@ rpc_gssd_dummy_populate(struct dentry *root, struct rpc_pipe *pipe_data)
> >
> > /* We should never get this far if "gssd" doesn't exist */
> > gssd_dentry = d_hash_and_lookup(root, &q);
> > - if (!gssd_dentry)
> > - return ERR_PTR(-ENOENT);
> > + if (IS_ERR_OR_NULL(gssd_dentry))
> > + return ERR_CAST(gssd_dentry);
>
> If you get back a NULL, then ERR_CAST will just make this return a NULL
> pointer.
>
> >
> > ret = rpc_populate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1, NULL);
> > if (ret) {
> > @@ -1318,7 +1318,7 @@ rpc_gssd_dummy_populate(struct dentry *root, struct rpc_pipe *pipe_data)
> > q.name = gssd_dummy_clnt_dir[0].name;
> > q.len = strlen(gssd_dummy_clnt_dir[0].name);
> > clnt_dentry = d_hash_and_lookup(gssd_dentry, &q);
> > - if (!clnt_dentry) {
> > + if (IS_ERR_OR_NULL(clnt_dentry)) {
> > __rpc_depopulate(gssd_dentry, gssd_dummy_clnt_dir, 0, 1);
> > pipe_dentry = ERR_PTR(-ENOENT);
> > goto out;
>
> ...you probably also want to make this return the error from
> d_hash_and_lookup as well when there is one.
I'd like to just throw in here that in this circumstance,
d_hash_and_lookup() will never return an error.
It only ever returns an error that it gets from ->d_hash, and ->d_hash is
specific to the filesystem, and the filesystem here is the rpc_pipe
virtual filesystem which doesn't define a ->d_hash.
So errors are impossible.
While I'm generally in favour of making code more robust and don't
object to the IS_ERR_OR_NULL conversion, I think we should be *very*
cautious not to introduce a bug where no bug currently exists.
I would rather the return values were no changed.
NeilBrown
Powered by blists - more mailing lists