From: Marcin Slusarz <marcin.slusarz@gmail.com>
To: LKML <linux-kernel@vger.kernel.org>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Al Viro <viro@ZenIV.linux.org.uk>, Christoph Hellwig <hch@lst.de>
Subject: [PATCH 1/6] ERR_PTR: if errno value is known at compile time, make sure it's valid
Date: Sun, 18 May 2008 23:56:53 +0200 [thread overview]
Message-ID: <1211147818-16056-2-git-send-email-marcin.slusarz@gmail.com> (raw)
In-Reply-To: <20080513201813.GA5869@joi>
ERR_PTR is easy to call with wrong argument (positive errno),
and this error lead to catastrophic event - oops or kernel panic
(dereference of invalid pointer).
As most of error handling code paths are rarely tested, this kind of
bug can be hidden for years.
(Currently there are > 1400 calls of ERR_PTR with constant argument.)
Signed-off-by: Marcin Slusarz <marcin.slusarz@gmail.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
---
include/linux/err.h | 4 +++-
1 files changed, 3 insertions(+), 1 deletions(-)
diff --git a/include/linux/err.h b/include/linux/err.h
index ec87f31..7b5daa6 100644
--- a/include/linux/err.h
+++ b/include/linux/err.h
@@ -19,11 +19,13 @@
#define IS_ERR_VALUE(x) unlikely((x) >= (unsigned long)-MAX_ERRNO)
-static inline void *ERR_PTR(long error)
+static inline void *__ERR_PTR(long error)
{
return (void *) error;
}
+#define ERR_PTR(error) (BUILD_BUG_ON(__builtin_constant_p(error) && !IS_ERR_VALUE(error)), __ERR_PTR(error))
+
static inline long PTR_ERR(const void *ptr)
{
return (long) ptr;
--
1.5.4.5
next prev parent reply other threads:[~2008-05-18 21:59 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-05-11 20:12 [PATCH] let ERR_PTR BUILD_BUG_ON when we know its argument is not a valid errno Marcin Slusarz
2008-05-12 23:38 ` Andrew Morton
2008-05-13 20:18 ` Marcin Slusarz
2008-05-18 21:56 ` [PATCH 0/6] Sanity checks for ERR_PTR argument Marcin Slusarz
2008-05-18 21:56 ` Marcin Slusarz [this message]
2008-05-19 6:38 ` [PATCH 1/6] ERR_PTR: if errno value is known at compile time, make sure it's valid Alexey Dobriyan
2008-05-22 16:03 ` Marcin Slusarz
2008-05-18 22:01 ` [PATCH 2/6] ERR_PTR: add ERR_OR_0_PTR Marcin Slusarz
2008-05-18 23:04 ` Johannes Weiner
2008-05-19 5:55 ` Christoph Hellwig
2008-05-19 6:33 ` Al Viro
2008-05-18 22:01 ` [PATCH 3/6] vfs: open_exec cleanup Marcin Slusarz
2008-05-19 5:53 ` Christoph Hellwig
2008-05-22 15:57 ` Marcin Slusarz
2008-05-18 22:03 ` [PATCH 4/6] procfs: switch ERR_PTR to ERR_OR_0_PTR when "error" might be 0 Marcin Slusarz
2008-05-18 22:03 ` [PATCH 5/6] vfs: fix ERR_PTR abuse in generic_readlink Marcin Slusarz
2008-05-18 22:04 ` [PATCH 6/6] ERR_PTR: warn when ERR_PTR parameter is not errno value Marcin Slusarz
2008-05-18 23:13 ` Johannes Weiner
2008-05-19 6:43 ` Alexey Dobriyan
2008-05-19 12:11 ` Johannes Weiner
2008-05-22 16:08 ` Marcin Slusarz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1211147818-16056-2-git-send-email-marcin.slusarz@gmail.com \
--to=marcin.slusarz@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=hch@lst.de \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).