From: Jann Horn <jannh@google.com>
To: David Howells <dhowells@redhat.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>,
raven@themaw.net, Miklos Szeredi <mszeredi@redhat.com>,
Christian Brauner <christian@brauner.io>,
Linux API <linux-api@vger.kernel.org>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
kernel list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 01/19] vfs: syscall: Add fsinfo() to query filesystem information [ver #16]
Date: Thu, 20 Feb 2020 15:54:25 +0100 [thread overview]
Message-ID: <CAG48ez00KA3tjeccDCeqmgHyppTLEr+UkrB=QaQ-FX-cTY3aCA@mail.gmail.com> (raw)
In-Reply-To: <584179.1582196636@warthog.procyon.org.uk>
On Thu, Feb 20, 2020 at 12:04 PM David Howells <dhowells@redhat.com> wrote:
> Jann Horn <jannh@google.com> wrote:
>
> > > +int fsinfo_string(const char *s, struct fsinfo_context *ctx)
> > ...
> > Please add a check here to ensure that "ret" actually fits into the
> > buffer (and use WARN_ON() if you think the check should never fire).
> > Otherwise I think this is too fragile.
>
> How about:
>
> int fsinfo_string(const char *s, struct fsinfo_context *ctx)
> {
> unsigned int len;
> char *p = ctx->buffer;
> int ret = 0;
> if (s) {
> len = strlen(s);
> if (len > ctx->buf_size - 1)
> len = ctx->buf_size;
> if (!ctx->want_size_only) {
> memcpy(p, s, len);
> p[len] = 0;
I think this is off-by-one? If len was too big, it is set to
ctx->buf_size, so in that case this effectively becomes
`ctx->buffer[ctx->buf_size] = 0`, which is one byte out of bounds,
right?
Maybe use something like `len = min_t(size_t, strlen(s), ctx->buf_size-1)` ?
Looks good apart from that, I think.
> }
> ret = len;
> }
> return ret;
> }
[...]
> > > + return ctx->usage;
> >
> > It is kind of weird that you have to return the ctx->usage everywhere
> > even though the caller already has ctx...
>
> At this point, it's only used and returned by fsinfo_attributes() and really
> is only for the use of the attribute getter function.
>
> I could, I suppose, return the amount of data in ctx->usage and then preset it
> for VSTRUCT-type objects. Unfortunately, I can't make the getter return void
> since it might have to return an error.
Yeah, then you'd be passing around the error separately from the
length... I don't know whether that'd make things better or worse.
[...]
> > > +struct fsinfo_attribute {
> > > + unsigned int attr_id; /* The ID of the attribute */
> > > + enum fsinfo_value_type type:8; /* The type of the attribute's value(s) */
> > > + unsigned int flags:8;
> > > + unsigned int size:16; /* - Value size (FSINFO_STRUCT) */
> > > + unsigned int element_size:16; /* - Element size (FSINFO_LIST) */
> > > + int (*get)(struct path *path, struct fsinfo_context *params);
> > > +};
> >
> > Why the bitfields? It doesn't look like that's going to help you much,
> > you'll just end up with 6 bytes of holes on x86-64:
>
> Expanding them to non-bitfields will require an extra 10 bytes, making the
> struct 8 bytes bigger with 4 bytes of padding. I can do that if you'd rather.
Wouldn't this still have the same total size?
struct fsinfo_attribute {
unsigned int attr_id; /* 0x0-0x3 */
enum fsinfo_value_type type; /* 0x4-0x7 */
u8 flags; /* 0x8-0x8 */
/* 1-byte hole */
u16 size; /* 0xa-0xb */
u16 element_size; /* 0xc-0xd */
/* 2-byte hole */
int (*get)(...); /* 0x10-0x18 */
};
But it's not like I really care about this detail all that much, feel
free to leave it as-is.
next prev parent reply other threads:[~2020-02-20 14:54 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-18 17:04 [PATCH 00/19] VFS: Filesystem information and notifications [ver #16] David Howells
2020-02-18 17:05 ` [PATCH 01/19] vfs: syscall: Add fsinfo() to query filesystem information " David Howells
2020-02-19 16:31 ` Darrick J. Wong
2020-02-19 20:07 ` Jann Horn
2020-02-20 10:34 ` David Howells
2020-02-20 15:48 ` Darrick J. Wong
2020-02-20 11:03 ` David Howells
2020-02-20 14:54 ` Jann Horn [this message]
2020-02-20 15:31 ` Darrick J. Wong
2020-02-18 17:05 ` [PATCH 02/19] fsinfo: Add syscalls to other arches " David Howells
2020-02-21 14:51 ` Christian Brauner
2020-02-21 18:10 ` Geert Uytterhoeven
2020-02-18 17:05 ` [PATCH 03/19] fsinfo: Provide a bitmap of supported features " David Howells
2020-02-19 16:37 ` Darrick J. Wong
2020-02-20 12:22 ` David Howells
2020-02-18 17:05 ` [PATCH 04/19] vfs: Add mount change counter " David Howells
2020-02-21 14:48 ` Christian Brauner
2020-02-18 17:05 ` [PATCH 05/19] vfs: Introduce a non-repeating system-unique superblock ID " David Howells
2020-02-19 16:53 ` Darrick J. Wong
2020-02-20 12:45 ` David Howells
2020-02-18 17:05 ` [PATCH 06/19] vfs: Allow fsinfo() to look up a mount object by " David Howells
2020-02-21 15:09 ` Christian Brauner
2020-02-18 17:05 ` [PATCH 07/19] vfs: Allow mount information to be queried by fsinfo() " David Howells
2020-02-18 17:05 ` [PATCH 08/19] vfs: fsinfo sample: Mount listing program " David Howells
2020-02-18 17:06 ` [PATCH 09/19] fsinfo: Allow the mount topology propogation flags to be retrieved " David Howells
2020-02-18 17:06 ` [PATCH 10/19] fsinfo: Add API documentation " David Howells
2020-02-18 17:06 ` [PATCH 11/19] afs: Support fsinfo() " David Howells
2020-02-19 21:01 ` Jann Horn
2020-02-20 12:58 ` David Howells
2020-02-20 14:58 ` Jann Horn
2020-02-21 13:26 ` David Howells
2020-02-18 17:06 ` [PATCH 12/19] security: Add hooks to rule on setting a superblock or mount watch " David Howells
2020-02-18 17:06 ` [PATCH 13/19] vfs: Add a mount-notification facility " David Howells
2020-02-19 22:40 ` Jann Horn
2020-02-19 22:55 ` Jann Horn
2020-02-21 12:24 ` David Howells
2020-02-21 15:49 ` Jann Horn
2020-02-21 17:06 ` David Howells
2020-02-21 17:36 ` seq_lock and lockdep_is_held() assertions Jann Horn
2020-02-21 18:02 ` John Stultz
2020-02-18 17:06 ` [PATCH 14/19] notifications: sample: Display mount tree change notifications [ver #16] David Howells
2020-02-18 17:06 ` [PATCH 15/19] vfs: Add superblock " David Howells
2020-02-19 23:08 ` Jann Horn
2020-02-21 14:23 ` David Howells
2020-02-21 15:44 ` Jann Horn
2020-02-21 16:33 ` David Howells
2020-02-21 16:41 ` Jann Horn
2020-02-21 17:11 ` David Howells
2020-02-18 17:06 ` [PATCH 16/19] fsinfo: Provide superblock notification counter " David Howells
2020-02-18 17:07 ` [PATCH 17/19] notifications: sample: Display superblock notifications " David Howells
2020-02-18 17:07 ` [PATCH 18/19] ext4: Add example fsinfo information " David Howells
2020-02-19 17:04 ` Darrick J. Wong
2020-02-20 0:53 ` kbuild test robot
2020-02-21 14:43 ` David Howells
2020-02-21 16:26 ` Darrick J. Wong
2020-02-18 17:07 ` [PATCH 19/19] nfs: Add example filesystem " David Howells
2020-02-20 2:13 ` kbuild test robot
2020-02-20 2:20 ` kbuild test robot
2020-02-18 18:12 ` David Howells
2020-02-19 10:23 ` [PATCH 00/19] VFS: Filesystem information and notifications " Stefan Metzmacher
2020-02-19 14:46 ` Christian Brauner
2020-02-19 15:50 ` Darrick J. Wong
2020-02-20 4:42 ` Ian Kent
2020-02-20 9:09 ` Christian Brauner
2020-02-20 11:30 ` Ian Kent
2020-02-19 16:16 ` David Howells
2020-02-21 12:57 ` David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAG48ez00KA3tjeccDCeqmgHyppTLEr+UkrB=QaQ-FX-cTY3aCA@mail.gmail.com' \
--to=jannh@google.com \
--cc=christian@brauner.io \
--cc=dhowells@redhat.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mszeredi@redhat.com \
--cc=raven@themaw.net \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).