linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 1/1] Preventive patch in the proc file-system to handle NULL check.
       [not found] <CGME20180816093424epcas2p25ede075fec715ad31108360ddca9cce8@epcas2p2.samsung.com>
@ 2018-08-16  9:34 ` Srikanth K H
  2018-08-16 12:32   ` Alexey Dobriyan
                     ` (3 more replies)
  0 siblings, 4 replies; 6+ messages in thread
From: Srikanth K H @ 2018-08-16  9:34 UTC (permalink / raw)
  To: mcgrof, keescook, adobriyan, linux-kernel, linux-fsdevel; +Cc: srikanth.h

If the make directory for "sys" interface fail's then its
dereferenced without even checking for its validity which
will lead to crash, hence added preventive code to check
for NULL and accordingly dereference.

Signed-off-by: Srikanth K H <srikanth.h@samsung.com>
---
 fs/proc/proc_sysctl.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c
index 89921a0..320884b 100644
--- a/fs/proc/proc_sysctl.c
+++ b/fs/proc/proc_sysctl.c
@@ -1692,6 +1692,8 @@ int __init proc_sys_init(void)
 	struct proc_dir_entry *proc_sys_root;
 
 	proc_sys_root = proc_mkdir("sys", NULL);
+	if (!proc_sys_root)
+		return -ENOMEM;
 	proc_sys_root->proc_iops = &proc_sys_dir_operations;
 	proc_sys_root->proc_fops = &proc_sys_dir_file_operations;
 	proc_sys_root->nlink = 0;
-- 
1.9.1


^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH 1/1] Preventive patch in the proc file-system to handle NULL check.
  2018-08-16  9:34 ` [PATCH 1/1] Preventive patch in the proc file-system to handle NULL check Srikanth K H
@ 2018-08-16 12:32   ` Alexey Dobriyan
  2018-08-16 13:17   ` Luis Chamberlain
                     ` (2 subsequent siblings)
  3 siblings, 0 replies; 6+ messages in thread
From: Alexey Dobriyan @ 2018-08-16 12:32 UTC (permalink / raw)
  To: Srikanth K H; +Cc: mcgrof, keescook, linux-kernel, linux-fsdevel

On Thu, Aug 16, 2018 at 03:04:13PM +0530, Srikanth K H wrote:
> If the make directory for "sys" interface fail's then its
> dereferenced without even checking for its validity which
> will lead to crash, hence added preventive code to check
> for NULL and accordingly dereference.

> --- a/fs/proc/proc_sysctl.c
> +++ b/fs/proc/proc_sysctl.c
> @@ -1692,6 +1692,8 @@ int __init proc_sys_init(void)
>  	struct proc_dir_entry *proc_sys_root;
>  
>  	proc_sys_root = proc_mkdir("sys", NULL);
> +	if (!proc_sys_root)
> +		return -ENOMEM;
>  	proc_sys_root->proc_iops = &proc_sys_dir_operations;
>  	proc_sys_root->proc_fops = &proc_sys_dir_file_operations;
>  	proc_sys_root->nlink = 0;

It is fine to crash because /proc is not modular.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH 1/1] Preventive patch in the proc file-system to handle NULL check.
  2018-08-16  9:34 ` [PATCH 1/1] Preventive patch in the proc file-system to handle NULL check Srikanth K H
  2018-08-16 12:32   ` Alexey Dobriyan
@ 2018-08-16 13:17   ` Luis Chamberlain
       [not found]   ` <CGME20180816093424epcas2p25ede075fec715ad31108360ddca9cce8@epcms5p8>
       [not found]   ` <CGME20180816093424epcas2p25ede075fec715ad31108360ddca9cce8@epcms5p1>
  3 siblings, 0 replies; 6+ messages in thread
From: Luis Chamberlain @ 2018-08-16 13:17 UTC (permalink / raw)
  To: Srikanth K H; +Cc: keescook, adobriyan, linux-kernel, linux-fsdevel

On Thu, Aug 16, 2018 at 03:04:13PM +0530, Srikanth K H wrote:
> If the make directory for "sys" interface fail's then its
> dereferenced without even checking for its validity which
> will lead to crash, hence added preventive code to check
> for NULL and accordingly dereference.
> 
> Signed-off-by: Srikanth K H <srikanth.h@samsung.com>

Thanks for the patch! Do you have a reproducer or is this theoretical?
This will affect if it should go to stable or not.

  Luis

^ permalink raw reply	[flat|nested] 6+ messages in thread

* RE: Re: [PATCH 1/1] Preventive patch in the proc file-system to handle NULL check.
       [not found]   ` <CGME20180816093424epcas2p25ede075fec715ad31108360ddca9cce8@epcms5p8>
@ 2018-08-17  3:21     ` Srikanth Korangala Hari
  2018-08-17  3:36       ` Al Viro
  0 siblings, 1 reply; 6+ messages in thread
From: Srikanth Korangala Hari @ 2018-08-17  3:21 UTC (permalink / raw)
  To: Luis Chamberlain
  Cc: keescook, adobriyan, linux-kernel, linux-fsdevel,
	Srikanth Korangala Hari

> Thanks for the patch! Do you have a reproducer or is this theoretical?
> This will affect if it should go to stable or not.

Dear Luis, this is theoretical as I observed in most of the call's to api - "proc_mkdir" the NULL check is being done. Hence I thought of adding one here.

Regards,
Srikanth

^ permalink raw reply	[flat|nested] 6+ messages in thread

* RE: Re: [PATCH 1/1] Preventive patch in the proc file-system to handle NULL check.
       [not found]   ` <CGME20180816093424epcas2p25ede075fec715ad31108360ddca9cce8@epcms5p1>
@ 2018-08-17  3:27     ` Srikanth Korangala Hari
  0 siblings, 0 replies; 6+ messages in thread
From: Srikanth Korangala Hari @ 2018-08-17  3:27 UTC (permalink / raw)
  To: Alexey Dobriyan
  Cc: mcgrof, keescook, linux-kernel, linux-fsdevel, Srikanth Korangala Hari

> It is fine to crash because /proc is not modular.

Dear Alexey, this was theoretical solution. If you feel this should crash instead if the call fail's then ignore the patch.

Regards,
Srikanth
 

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Re: [PATCH 1/1] Preventive patch in the proc file-system to handle NULL check.
  2018-08-17  3:21     ` Srikanth Korangala Hari
@ 2018-08-17  3:36       ` Al Viro
  0 siblings, 0 replies; 6+ messages in thread
From: Al Viro @ 2018-08-17  3:36 UTC (permalink / raw)
  To: Srikanth Korangala Hari
  Cc: Luis Chamberlain, keescook, adobriyan, linux-kernel, linux-fsdevel

On Fri, Aug 17, 2018 at 08:51:42AM +0530, Srikanth Korangala Hari wrote:
> > Thanks for the patch! Do you have a reproducer or is this theoretical?
> > This will affect if it should go to stable or not.
> 
> Dear Luis, this is theoretical as I observed in most of the call's to api - "proc_mkdir" the NULL check is being done. Hence I thought of adding one here.

Realistically, if you get allocation failures that early in the boot,
oops is the least of your problems - it won't get through mounting
the root or lauching init (or unpacking initramfs, etc.)

Sure, might as well check it there - nothing wrong with that, but do
keep in mind that
	* it's very certain to end up in panic() very shortly afterwards,
no matter what
	* the odds of exhausting memory (and that would be extremely
low-memory setup) precisely at that point (i.e. even getting to
proc_root_init()) are not high.

Might be interesting to try lower and lower mem=... values passed to the
kernel in attempt to step into this one; I wouldn't put large odds on
being able to hit precisely that place, but it would be educational anyway.

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2018-08-17  3:36 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <CGME20180816093424epcas2p25ede075fec715ad31108360ddca9cce8@epcas2p2.samsung.com>
2018-08-16  9:34 ` [PATCH 1/1] Preventive patch in the proc file-system to handle NULL check Srikanth K H
2018-08-16 12:32   ` Alexey Dobriyan
2018-08-16 13:17   ` Luis Chamberlain
     [not found]   ` <CGME20180816093424epcas2p25ede075fec715ad31108360ddca9cce8@epcms5p8>
2018-08-17  3:21     ` Srikanth Korangala Hari
2018-08-17  3:36       ` Al Viro
     [not found]   ` <CGME20180816093424epcas2p25ede075fec715ad31108360ddca9cce8@epcms5p1>
2018-08-17  3:27     ` Srikanth Korangala Hari

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).