* [PATCH] driver: of: Properly truncate command line if too long
@ 2021-03-16 19:38 Alexandre Ghiti
2021-04-03 12:09 ` Alex Ghiti
[not found] ` <CAHp75VfqztgEcs8wVD7k=F-cmXsVFN=_KTgcRq5+=HpjAJCZPQ@mail.gmail.com>
0 siblings, 2 replies; 5+ messages in thread
From: Alexandre Ghiti @ 2021-03-16 19:38 UTC (permalink / raw)
To: Rob Herring, Frank Rowand, Dmitry Vyukov, devicetree, linux-kernel
Cc: Alexandre Ghiti
In case the command line given by the user is too long, warn about it
and truncate it to the last full argument.
This is what efi already does in commit 80b1bfe1cb2f ("efi/libstub:
Don't parse overlong command lines").
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
---
drivers/of/fdt.c | 21 ++++++++++++++++++++-
1 file changed, 20 insertions(+), 1 deletion(-)
diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
index dcc1dd96911a..de4c6f9bac39 100644
--- a/drivers/of/fdt.c
+++ b/drivers/of/fdt.c
@@ -25,6 +25,7 @@
#include <linux/serial_core.h>
#include <linux/sysfs.h>
#include <linux/random.h>
+#include <linux/ctype.h>
#include <asm/setup.h> /* for COMMAND_LINE_SIZE */
#include <asm/page.h>
@@ -1050,9 +1051,27 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
/* Retrieve command line */
p = of_get_flat_dt_prop(node, "bootargs", &l);
- if (p != NULL && l > 0)
+ if (p != NULL && l > 0) {
strlcpy(data, p, min(l, COMMAND_LINE_SIZE));
+ /*
+ * If the given command line size is larger than
+ * COMMAND_LINE_SIZE, truncate it to the last complete
+ * parameter.
+ */
+ if (l > COMMAND_LINE_SIZE) {
+ char *cmd_p = (char *)data + COMMAND_LINE_SIZE - 1;
+
+ while (!isspace(*cmd_p))
+ cmd_p--;
+
+ *cmd_p = '\0';
+
+ pr_err("Command line is too long: truncated to %d bytes\n",
+ (int)(cmd_p - (char *)data + 1));
+ }
+ }
+
/*
* CONFIG_CMDLINE is meant to be a default in case nothing else
* managed to set the command line, unless CONFIG_CMDLINE_FORCE
--
2.20.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] driver: of: Properly truncate command line if too long
2021-03-16 19:38 [PATCH] driver: of: Properly truncate command line if too long Alexandre Ghiti
@ 2021-04-03 12:09 ` Alex Ghiti
2021-04-06 13:40 ` Rob Herring
[not found] ` <CAHp75VfqztgEcs8wVD7k=F-cmXsVFN=_KTgcRq5+=HpjAJCZPQ@mail.gmail.com>
1 sibling, 1 reply; 5+ messages in thread
From: Alex Ghiti @ 2021-04-03 12:09 UTC (permalink / raw)
To: Rob Herring, Frank Rowand, Dmitry Vyukov, devicetree, linux-kernel
Hi,
Le 3/16/21 à 3:38 PM, Alexandre Ghiti a écrit :
> In case the command line given by the user is too long, warn about it
> and truncate it to the last full argument.
>
> This is what efi already does in commit 80b1bfe1cb2f ("efi/libstub:
> Don't parse overlong command lines").
>
> Reported-by: Dmitry Vyukov <dvyukov@google.com>
> Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
> ---
> drivers/of/fdt.c | 21 ++++++++++++++++++++-
> 1 file changed, 20 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> index dcc1dd96911a..de4c6f9bac39 100644
> --- a/drivers/of/fdt.c
> +++ b/drivers/of/fdt.c
> @@ -25,6 +25,7 @@
> #include <linux/serial_core.h>
> #include <linux/sysfs.h>
> #include <linux/random.h>
> +#include <linux/ctype.h>
>
> #include <asm/setup.h> /* for COMMAND_LINE_SIZE */
> #include <asm/page.h>
> @@ -1050,9 +1051,27 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
>
> /* Retrieve command line */
> p = of_get_flat_dt_prop(node, "bootargs", &l);
> - if (p != NULL && l > 0)
> + if (p != NULL && l > 0) {
> strlcpy(data, p, min(l, COMMAND_LINE_SIZE));
>
> + /*
> + * If the given command line size is larger than
> + * COMMAND_LINE_SIZE, truncate it to the last complete
> + * parameter.
> + */
> + if (l > COMMAND_LINE_SIZE) {
> + char *cmd_p = (char *)data + COMMAND_LINE_SIZE - 1;
> +
> + while (!isspace(*cmd_p))
> + cmd_p--;
> +
> + *cmd_p = '\0';
> +
> + pr_err("Command line is too long: truncated to %d bytes\n",
> + (int)(cmd_p - (char *)data + 1));
> + }
> + }
> +
> /*
> * CONFIG_CMDLINE is meant to be a default in case nothing else
> * managed to set the command line, unless CONFIG_CMDLINE_FORCE
>
Any thought about that ?
Thanks,
Alex
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] driver: of: Properly truncate command line if too long
2021-04-03 12:09 ` Alex Ghiti
@ 2021-04-06 13:40 ` Rob Herring
2021-04-06 14:53 ` Alex Ghiti
0 siblings, 1 reply; 5+ messages in thread
From: Rob Herring @ 2021-04-06 13:40 UTC (permalink / raw)
To: Alex Ghiti; +Cc: Frank Rowand, Dmitry Vyukov, devicetree, linux-kernel
On Sat, Apr 3, 2021 at 7:09 AM Alex Ghiti <alex@ghiti.fr> wrote:
>
> Hi,
>
> Le 3/16/21 à 3:38 PM, Alexandre Ghiti a écrit :
> > In case the command line given by the user is too long, warn about it
> > and truncate it to the last full argument.
> >
> > This is what efi already does in commit 80b1bfe1cb2f ("efi/libstub:
> > Don't parse overlong command lines").
> >
> > Reported-by: Dmitry Vyukov <dvyukov@google.com>
> > Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
> > ---
> > drivers/of/fdt.c | 21 ++++++++++++++++++++-
> > 1 file changed, 20 insertions(+), 1 deletion(-)
> >
> > diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> > index dcc1dd96911a..de4c6f9bac39 100644
> > --- a/drivers/of/fdt.c
> > +++ b/drivers/of/fdt.c
> > @@ -25,6 +25,7 @@
> > #include <linux/serial_core.h>
> > #include <linux/sysfs.h>
> > #include <linux/random.h>
> > +#include <linux/ctype.h>
> >
> > #include <asm/setup.h> /* for COMMAND_LINE_SIZE */
> > #include <asm/page.h>
> > @@ -1050,9 +1051,27 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
> >
> > /* Retrieve command line */
> > p = of_get_flat_dt_prop(node, "bootargs", &l);
> > - if (p != NULL && l > 0)
> > + if (p != NULL && l > 0) {
> > strlcpy(data, p, min(l, COMMAND_LINE_SIZE));
> >
> > + /*
> > + * If the given command line size is larger than
> > + * COMMAND_LINE_SIZE, truncate it to the last complete
> > + * parameter.
> > + */
> > + if (l > COMMAND_LINE_SIZE) {
> > + char *cmd_p = (char *)data + COMMAND_LINE_SIZE - 1;
> > +
> > + while (!isspace(*cmd_p))
> > + cmd_p--;
> > +
> > + *cmd_p = '\0';
> > +
> > + pr_err("Command line is too long: truncated to %d bytes\n",
> > + (int)(cmd_p - (char *)data + 1));
> > + }
> > + }
> > +
> > /*
> > * CONFIG_CMDLINE is meant to be a default in case nothing else
> > * managed to set the command line, unless CONFIG_CMDLINE_FORCE
> >
>
> Any thought about that ?
It looks fine to me, but this will need to be adapted to the generic
command line support[1][2] when that is merged. So I've been waiting
to see if that's going to happen this cycle.
Rob
[1] https://lore.kernel.org/lkml/cover.1616765869.git.christophe.leroy@csgroup.eu/
[2] https://lore.kernel.org/lkml/41021d66db2ab427c14255d2a24bb4517c8b58fd.1617126961.git.danielwa@cisco.com/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] driver: of: Properly truncate command line if too long
2021-04-06 13:40 ` Rob Herring
@ 2021-04-06 14:53 ` Alex Ghiti
0 siblings, 0 replies; 5+ messages in thread
From: Alex Ghiti @ 2021-04-06 14:53 UTC (permalink / raw)
To: Rob Herring; +Cc: Frank Rowand, Dmitry Vyukov, devicetree, linux-kernel
Le 4/6/21 à 9:40 AM, Rob Herring a écrit :
> On Sat, Apr 3, 2021 at 7:09 AM Alex Ghiti <alex@ghiti.fr> wrote:
>>
>> Hi,
>>
>> Le 3/16/21 à 3:38 PM, Alexandre Ghiti a écrit :
>>> In case the command line given by the user is too long, warn about it
>>> and truncate it to the last full argument.
>>>
>>> This is what efi already does in commit 80b1bfe1cb2f ("efi/libstub:
>>> Don't parse overlong command lines").
>>>
>>> Reported-by: Dmitry Vyukov <dvyukov@google.com>
>>> Signed-off-by: Alexandre Ghiti <alex@ghiti.fr>
>>> ---
>>> drivers/of/fdt.c | 21 ++++++++++++++++++++-
>>> 1 file changed, 20 insertions(+), 1 deletion(-)
>>>
>>> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
>>> index dcc1dd96911a..de4c6f9bac39 100644
>>> --- a/drivers/of/fdt.c
>>> +++ b/drivers/of/fdt.c
>>> @@ -25,6 +25,7 @@
>>> #include <linux/serial_core.h>
>>> #include <linux/sysfs.h>
>>> #include <linux/random.h>
>>> +#include <linux/ctype.h>
>>>
>>> #include <asm/setup.h> /* for COMMAND_LINE_SIZE */
>>> #include <asm/page.h>
>>> @@ -1050,9 +1051,27 @@ int __init early_init_dt_scan_chosen(unsigned long node, const char *uname,
>>>
>>> /* Retrieve command line */
>>> p = of_get_flat_dt_prop(node, "bootargs", &l);
>>> - if (p != NULL && l > 0)
>>> + if (p != NULL && l > 0) {
>>> strlcpy(data, p, min(l, COMMAND_LINE_SIZE));
>>>
>>> + /*
>>> + * If the given command line size is larger than
>>> + * COMMAND_LINE_SIZE, truncate it to the last complete
>>> + * parameter.
>>> + */
>>> + if (l > COMMAND_LINE_SIZE) {
>>> + char *cmd_p = (char *)data + COMMAND_LINE_SIZE - 1;
>>> +
>>> + while (!isspace(*cmd_p))
>>> + cmd_p--;
>>> +
>>> + *cmd_p = '\0';
>>> +
>>> + pr_err("Command line is too long: truncated to %d bytes\n",
>>> + (int)(cmd_p - (char *)data + 1));
>>> + }
>>> + }
>>> +
>>> /*
>>> * CONFIG_CMDLINE is meant to be a default in case nothing else
>>> * managed to set the command line, unless CONFIG_CMDLINE_FORCE
>>>
>>
>> Any thought about that ?
>
> It looks fine to me, but this will need to be adapted to the generic
> command line support[1][2] when that is merged. So I've been waiting
> to see if that's going to happen this cycle.
Ok I'll take a look then, thanks.
Alex
>
> Rob
>
> [1] https://lore.kernel.org/lkml/cover.1616765869.git.christophe.leroy@csgroup.eu/
> [2] https://lore.kernel.org/lkml/41021d66db2ab427c14255d2a24bb4517c8b58fd.1617126961.git.danielwa@cisco.com/
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] driver: of: Properly truncate command line if too long
[not found] ` <CAHp75VfqztgEcs8wVD7k=F-cmXsVFN=_KTgcRq5+=HpjAJCZPQ@mail.gmail.com>
@ 2021-04-07 6:35 ` Alex Ghiti
0 siblings, 0 replies; 5+ messages in thread
From: Alex Ghiti @ 2021-04-07 6:35 UTC (permalink / raw)
To: Andy Shevchenko
Cc: Rob Herring, Frank Rowand, Dmitry Vyukov, devicetree, linux-kernel
Hi Andy,
Le 4/6/21 à 6:56 PM, Andy Shevchenko a écrit :
>
>
> On Tuesday, March 16, 2021, Alexandre Ghiti <alex@ghiti.fr
> <mailto:alex@ghiti.fr>> wrote:
>
> In case the command line given by the user is too long, warn about it
> and truncate it to the last full argument.
>
> This is what efi already does in commit 80b1bfe1cb2f ("efi/libstub:
> Don't parse overlong command lines").
>
> Reported-by: Dmitry Vyukov <dvyukov@google.com
> <mailto:dvyukov@google.com>>
> Signed-off-by: Alexandre Ghiti <alex@ghiti.fr <mailto:alex@ghiti.fr>>
> ---
> drivers/of/fdt.c | 21 ++++++++++++++++++++-
> 1 file changed, 20 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
> index dcc1dd96911a..de4c6f9bac39 100644
> --- a/drivers/of/fdt.c
> +++ b/drivers/of/fdt.c
> @@ -25,6 +25,7 @@
> #include <linux/serial_core.h>
> #include <linux/sysfs.h>
> #include <linux/random.h>
> +#include <linux/ctype.h>
>
> #include <asm/setup.h> /* for COMMAND_LINE_SIZE */
> #include <asm/page.h>
> @@ -1050,9 +1051,27 @@ int __init early_init_dt_scan_chosen(unsigned
> long node, const char *uname,
>
> /* Retrieve command line */
> p = of_get_flat_dt_prop(node, "bootargs", &l);
> - if (p != NULL && l > 0)
> + if (p != NULL && l > 0) {
> strlcpy(data, p, min(l, COMMAND_LINE_SIZE));
>
> + /*
> + * If the given command line size is larger than
> + * COMMAND_LINE_SIZE, truncate it to the last complete
> + * parameter.
> + */
> + if (l > COMMAND_LINE_SIZE) {
> + char *cmd_p = (char *)data +
> COMMAND_LINE_SIZE - 1;
> +
> + while (!isspace(*cmd_p))
> + cmd_p--;
>
>
> Shouldn’t you check for cmd_p being always bigger than or equal to data?
Yes you're right.
>
> +
> + *cmd_p = '\0';
> +
> + pr_err("Command line is too long: truncated
> to %d bytes\n",
> + (int)(cmd_p - (char *)data + 1));
>
>
> Do you really need that casting?
No, I can use %td to print a pointer difference.
I'll send a v2.
Thanks,
Alex
>
> + }
> + }
> +
> /*
> * CONFIG_CMDLINE is meant to be a default in case nothing else
> * managed to set the command line, unless CONFIG_CMDLINE_FORCE
> --
> 2.20.1
>
>
>
> --
> With Best Regards,
> Andy Shevchenko
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-04-07 6:35 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-16 19:38 [PATCH] driver: of: Properly truncate command line if too long Alexandre Ghiti
2021-04-03 12:09 ` Alex Ghiti
2021-04-06 13:40 ` Rob Herring
2021-04-06 14:53 ` Alex Ghiti
[not found] ` <CAHp75VfqztgEcs8wVD7k=F-cmXsVFN=_KTgcRq5+=HpjAJCZPQ@mail.gmail.com>
2021-04-07 6:35 ` Alex Ghiti
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).