From: Petr Mladek <pmladek@suse.com>
To: John Ogness <john.ogness@linutronix.de>
Cc: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>,
	Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
	Steven Rostedt <rostedt@goodmis.org>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	Thomas Gleixner <tglx@linutronix.de>,
	Marek Szyprowski <m.szyprowski@samsung.com>,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH next 1/2] printk: avoid and/or handle record truncation
Date: Tue, 29 Sep 2020 13:51:07 +0200
Message-ID: <20200929115107.GO6442@alley>
In-Reply-To: <20200926015526.8921-2-john.ogness@linutronix.de>

On Sat 2020-09-26 04:01:25, John Ogness wrote:
> If a reader provides a buffer that is smaller than the message text,
> the @text_len field of @info will have a value larger than the buffer
> size. If readers blindly read @text_len bytes of data without
> checking the size, they will read beyond their buffer.

Great catch!

> Add this check to record_print_text() to properly recognize when such
> truncation needs to occur.
> 
> Add a maximum size argument to the ringbuffer function to extend
> records so that records can not be created that are larger than the
> buffer size of readers.
> 
> When extending records (LOG_CONT), do not extend records beyond
> LOG_LINE_MAX since that is the maximum size available in the buffers
> used by consoles and syslog.
> 
> Fixes: f5f022e53b87 ("printk: reimplement log_cont using record extension")
> Signed-off-by: John Ogness <john.ogness@linutronix.de>
> Reported-by: Marek Szyprowski <m.szyprowski@samsung.com>

> ---
>  kernel/printk/printk.c            |  7 ++++++-
>  kernel/printk/printk_ringbuffer.c | 12 ++++++++++--
>  kernel/printk/printk_ringbuffer.h |  2 +-
>  3 files changed, 17 insertions(+), 4 deletions(-)
> 
> diff --git a/kernel/printk/printk.c b/kernel/printk/printk.c
> index 78f68b4830dc..270f19b60e6f 100644
> --- a/kernel/printk/printk.c
> +++ b/kernel/printk/printk.c
> @@ -1357,6 +1357,11 @@ static size_t record_print_text(struct printk_record *r, bool syslog,
>  	size_t len = 0;
>  	char *next;
>  
> +	if (text_len > buf_size) {
> +		text_len = buf_size;
> +		truncated = true;
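
Review bot: the new `if (text_len > buf_size)` block at the top of record_print_text() has no comment saying why text_len can exceed the buffer size. The commit message explains that @text_len of @info reports the full message length even when the reader's buffer is smaller; a short comment above the check stating that, and that the available text is then treated as the whole text, would keep a later reader from taking the clamp for dead code. The hunk is cut off after `truncated = true;` in this reply, so the rest of the block is not visible here.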

@truncate must not be set here. Otherwise, the prefix would not be
added when there is no '\n' in the entire string. It would call:

			/* Drop truncated line(s). */
			if (truncated)
				break;

before copying the prefix.

It is enough to remove the line. It will be set in the very first
cycle anyway. We need to add one prefix at all. It would require to
truncate even more bytes.

Otherwise, the patch looks good to me.

Best Regards,
Petr

Thread overview: 8+ messages
2020-09-26  1:55 [PATCH next 0/2] printk: fix reading beyond buffer John Ogness
2020-09-26  1:55 ` [PATCH next 1/2] printk: avoid and/or handle record truncation John Ogness
2020-09-28  6:23   ` Marek Szyprowski
2020-09-29 11:51   ` Petr Mladek [this message]
2020-09-29 13:04   ` Sergey Senozhatsky
2020-09-26  1:55 ` [PATCH next 2/2] printk: reduce setup_text_buf size to LOG_LINE_MAX John Ogness
2020-09-29 11:55   ` Petr Mladek
2020-09-26  3:28 ` [PATCH next 0/2] printk: fix reading beyond buffer Joe Perches
