[PATCH v2] kobject: return -ENOSPC when add_uevent_var() fails

[PATCH v2] kobject: return -ENOSPC when add_uevent_var() fails

[Masahiro Yamada]

This function never attempts to allocate memory, so returning -ENOMEM
looks weird to me. The reason of the failure is there is no more space
in the given kobj_uevent_env structure.

Let's change the error code to -ENOSPC.

This patch is safe since this function had never failed in reality.

The callers of this function put a fixed number of small strings into
the buffer.

The buffer is defined to be large enough:

  #define UEVENT_NUM_ENVP                 32      /* number of env pointers */
  #define UEVENT_BUFFER_SIZE              2048    /* buffer for the variables */

As you see WARN() in the error paths, any failure of this function is
a software bug.

If such a case had ever happened before, you would have already seen
a noisy back-trace, then you would have increased UEVENT_NUM_ENVP or
UEVENT_BUFFER_SIZE.

Nobody has ever increased UEVENT_NUM_ENVP or UEVENT_BUFFER_SIZE since
their addition, that is, this structure is always large enough.

Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
---

Changes in v2:
  - Rephrase the commit log. No code change.

 lib/kobject_uevent.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/kobject_uevent.c b/lib/kobject_uevent.c
index 7998affa45d4..5ffd44bf4aad 100644
--- a/lib/kobject_uevent.c
+++ b/lib/kobject_uevent.c
@@ -647,7 +647,7 @@ EXPORT_SYMBOL_GPL(kobject_uevent);
  * @env: environment buffer structure
  * @format: printf format for the key=value pair
  *
- * Returns 0 if environment variable was added successfully or -ENOMEM
+ * Returns 0 if environment variable was added successfully or -ENOSPC
  * if no space was available.
  */
 int add_uevent_var(struct kobj_uevent_env *env, const char *format, ...)
@@ -657,7 +657,7 @@ int add_uevent_var(struct kobj_uevent_env *env, const char *format, ...)
 
 	if (env->envp_idx >= ARRAY_SIZE(env->envp)) {
 		WARN(1, KERN_ERR "add_uevent_var: too many keys\n");
-		return -ENOMEM;
+		return -ENOSPC;
 	}
 
 	va_start(args, format);
@@ -668,7 +668,7 @@ int add_uevent_var(struct kobj_uevent_env *env, const char *format, ...)
 
 	if (len >= (sizeof(env->buf) - env->buflen)) {
 		WARN(1, KERN_ERR "add_uevent_var: buffer size too small\n");
-		return -ENOMEM;
+		return -ENOSPC;
 	}
 
 	env->envp[env->envp_idx++] = &env->buf[env->buflen];
-- 
2.17.1

Re: [PATCH v2] kobject: return -ENOSPC when add_uevent_var() fails

[Greg Kroah-Hartman]

On Tue, Jun 11, 2019 at 06:09:24AM +0900, Masahiro Yamada wrote:
> This function never attempts to allocate memory, so returning -ENOMEM
> looks weird to me. The reason of the failure is there is no more space
> in the given kobj_uevent_env structure.
> 
> Let's change the error code to -ENOSPC.
> 
> This patch is safe since this function had never failed in reality.
> 
> The callers of this function put a fixed number of small strings into
> the buffer.
> 
> The buffer is defined to be large enough:
> 
>   #define UEVENT_NUM_ENVP                 32      /* number of env pointers */
>   #define UEVENT_BUFFER_SIZE              2048    /* buffer for the variables */
> 
> As you see WARN() in the error paths, any failure of this function is
> a software bug.
> 
> If such a case had ever happened before, you would have already seen
> a noisy back-trace, then you would have increased UEVENT_NUM_ENVP or
> UEVENT_BUFFER_SIZE.
> 
> Nobody has ever increased UEVENT_NUM_ENVP or UEVENT_BUFFER_SIZE since
> their addition, that is, this structure is always large enough.

That implies that we should just drop the WARN() entirely.  Especially
given that syzbot runs panic-on-warn, right?

How about doing both things at the same time?

thanks,

greg k-h