Re: Antw: [EXT] Re: [PATCH] scsi scsi_transport_iscsi.c: fix misuse of %llu in scsi_transport_iscsi.c

[Guo Zhi <qtxuning1999@sjtu.edu.cn>]

On 2021/10/11 23:29, Mike Christie wrote:
> On 10/11/21 1:35 AM, Ulrich Windl wrote:
>>>>> Joe Perches <joe@perches.com> schrieb am 09.10.2021 um 05:14 in Nachricht
>> <5daf69b365e23ceecee911c4d0f2f66a0b9ec95c.camel@perches.com>:
>>> On Sat, 2021-10-09 at 11:02 +0800, Guo Zhi wrote:
>>>> Pointers should be printed with %p or %px rather than
>>>> cast to (unsigned long long) and printed with %llu.
>>>> Change %llu to %p to print the pointer into sysfs.
>>> ][]
>>>> diff --git a/drivers/scsi/scsi_transport_iscsi.c
>>> b/drivers/scsi/scsi_transport_iscsi.c
>>> []
>>>> @@ -129,8 +129,8 @@ show_transport_handle(struct device *dev, struct
>>> device_attribute *attr,
>>>>   
>>>>
>>>>   	if (!capable(CAP_SYS_ADMIN))
>>>>   		return -EACCES;
>>>> -	return sysfs_emit(buf, "%llu\n",
>>>> -		  (unsigned long long)iscsi_handle(priv->iscsi_transport));
>>>> +	return sysfs_emit(buf, "%p\n",
>>>> +		iscsi_ptr(priv->iscsi_transport));
>>> iscsi_transport is a pointer isn't it?
>>>
>>> so why not just
>>>
>>> 	return sysfs_emit(buf, "%p\n", priv->iscsi_transport);
>> Isn't the difference that %p outputs hex, while %u outputs decimal?
>>
> Yeah, I think this patch will break userspace, because it doesn't know it's
> a pointer. It could be doing:
>
> sscanf(str, "%llu", &val);
>
> The value is just later passed back to the kernel to look up a driver in
> iscsi_if_transport_lookup:
>
>          list_for_each_entry(priv, &iscsi_transports, list) {
>                  if (tt == priv->iscsi_transport) {
>
> so we could just replace priv->transport with an int and use an ida to assign
> the value.

Taking security into consideration, We should not print kernel pointer 
into sysfs.

However if this is a special pointer to lookup a driver,  It's really 
tricky for me to fix it,

as I don't have a scsi device to test my code.


Guo