linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH] rcutorture: avoid format string leak to thead name
@ 2014-05-22 18:51 Kees Cook
  2014-05-22 19:56 ` Paul E. McKenney
  2014-05-22 21:15 ` Josh Triplett
  0 siblings, 2 replies; 3+ messages in thread
From: Kees Cook @ 2014-05-22 18:51 UTC (permalink / raw)
  To: linux-kernel; +Cc: Paul E. McKenney, Josh Triplett

Since the rcutorture thread creation interface does not include format
string arguments, make sure the name can never be accidentally processed
as a format string.

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 kernel/torture.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/torture.c b/kernel/torture.c
index acc9afc2f26e..9dad2ffaf995 100644
--- a/kernel/torture.c
+++ b/kernel/torture.c
@@ -694,7 +694,7 @@ int _torture_create_kthread(int (*fn)(void *arg), void *arg, char *s, char *m,
 	int ret = 0;
 
 	VERBOSE_TOROUT_STRING(m);
-	*tp = kthread_run(fn, arg, s);
+	*tp = kthread_run(fn, arg, "%s", s);
 	if (IS_ERR(*tp)) {
 		ret = PTR_ERR(*tp);
 		VERBOSE_TOROUT_ERRSTRING(f);
-- 
1.7.9.5


-- 
Kees Cook
Chrome OS Security

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] rcutorture: avoid format string leak to thead name
  2014-05-22 18:51 [PATCH] rcutorture: avoid format string leak to thead name Kees Cook
@ 2014-05-22 19:56 ` Paul E. McKenney
  2014-05-22 21:15 ` Josh Triplett
  1 sibling, 0 replies; 3+ messages in thread
From: Paul E. McKenney @ 2014-05-22 19:56 UTC (permalink / raw)
  To: Kees Cook; +Cc: linux-kernel, Josh Triplett

On Thu, May 22, 2014 at 11:51:04AM -0700, Kees Cook wrote:
> Since the rcutorture thread creation interface does not include format
> string arguments, make sure the name can never be accidentally processed
> as a format string.
> 
> Signed-off-by: Kees Cook <keescook@chromium.org>

Queued for 3.17, thank you, Kees!

							Thanx, Paul

> ---
>  kernel/torture.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/torture.c b/kernel/torture.c
> index acc9afc2f26e..9dad2ffaf995 100644
> --- a/kernel/torture.c
> +++ b/kernel/torture.c
> @@ -694,7 +694,7 @@ int _torture_create_kthread(int (*fn)(void *arg), void *arg, char *s, char *m,
>  	int ret = 0;
> 
>  	VERBOSE_TOROUT_STRING(m);
> -	*tp = kthread_run(fn, arg, s);
> +	*tp = kthread_run(fn, arg, "%s", s);
>  	if (IS_ERR(*tp)) {
>  		ret = PTR_ERR(*tp);
>  		VERBOSE_TOROUT_ERRSTRING(f);
> -- 
> 1.7.9.5
> 
> 
> -- 
> Kees Cook
> Chrome OS Security
> 


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] rcutorture: avoid format string leak to thead name
  2014-05-22 18:51 [PATCH] rcutorture: avoid format string leak to thead name Kees Cook
  2014-05-22 19:56 ` Paul E. McKenney
@ 2014-05-22 21:15 ` Josh Triplett
  1 sibling, 0 replies; 3+ messages in thread
From: Josh Triplett @ 2014-05-22 21:15 UTC (permalink / raw)
  To: Kees Cook; +Cc: linux-kernel, Paul E. McKenney

On Thu, May 22, 2014 at 11:51:04AM -0700, Kees Cook wrote:
> Since the rcutorture thread creation interface does not include format
> string arguments, make sure the name can never be accidentally processed
> as a format string.
> 
> Signed-off-by: Kees Cook <keescook@chromium.org>

Reviewed-by: Josh Triplett <josh@joshtriplett.org>

>  kernel/torture.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/torture.c b/kernel/torture.c
> index acc9afc2f26e..9dad2ffaf995 100644
> --- a/kernel/torture.c
> +++ b/kernel/torture.c
> @@ -694,7 +694,7 @@ int _torture_create_kthread(int (*fn)(void *arg), void *arg, char *s, char *m,
>  	int ret = 0;
>  
>  	VERBOSE_TOROUT_STRING(m);
> -	*tp = kthread_run(fn, arg, s);
> +	*tp = kthread_run(fn, arg, "%s", s);
>  	if (IS_ERR(*tp)) {
>  		ret = PTR_ERR(*tp);
>  		VERBOSE_TOROUT_ERRSTRING(f);
> -- 
> 1.7.9.5
> 
> 
> -- 
> Kees Cook
> Chrome OS Security

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-05-22 21:15 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-05-22 18:51 [PATCH] rcutorture: avoid format string leak to thead name Kees Cook
2014-05-22 19:56 ` Paul E. McKenney
2014-05-22 21:15 ` Josh Triplett

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).