From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Joe Perches <joe@perches.com>
Subject: [PATCH 4.19 43/52] sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
Date: Fri, 5 Mar 2021 13:22:14 +0100 [thread overview]
Message-ID: <20210305120855.762259636@linuxfoundation.org> (raw)
In-Reply-To: <20210305120853.659441428@linuxfoundation.org>
From: Joe Perches <joe@perches.com>
commit 2efc459d06f1630001e3984854848a5647086232 upstream.
Output defects can exist in sysfs content using sprintf and snprintf.
sprintf does not know the PAGE_SIZE maximum of the temporary buffer
used for outputting sysfs content and it's possible to overrun the
PAGE_SIZE buffer length.
Add a generic sysfs_emit function that knows that the size of the
temporary buffer and ensures that no overrun is done.
Add a generic sysfs_emit_at function that can be used in multiple
call situations that also ensures that no overrun is done.
Validate the output buffer argument to be page aligned.
Validate the offset len argument to be within the PAGE_SIZE buf.
Signed-off-by: Joe Perches <joe@perches.com>
Link: https://lore.kernel.org/r/884235202216d464d61ee975f7465332c86f76b2.1600285923.git.joe@perches.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
Documentation/filesystems/sysfs.txt | 8 +----
fs/sysfs/file.c | 55 ++++++++++++++++++++++++++++++++++++
include/linux/sysfs.h | 16 ++++++++++
3 files changed, 74 insertions(+), 5 deletions(-)
--- a/Documentation/filesystems/sysfs.txt
+++ b/Documentation/filesystems/sysfs.txt
@@ -211,12 +211,10 @@ Other notes:
is 4096.
- show() methods should return the number of bytes printed into the
- buffer. This is the return value of scnprintf().
+ buffer.
-- show() must not use snprintf() when formatting the value to be
- returned to user space. If you can guarantee that an overflow
- will never happen you can use sprintf() otherwise you must use
- scnprintf().
+- show() should only use sysfs_emit() or sysfs_emit_at() when formatting
+ the value to be returned to user space.
- store() should return the number of bytes used from the buffer. If the
entire buffer has been used, just return the count argument.
--- a/fs/sysfs/file.c
+++ b/fs/sysfs/file.c
@@ -15,6 +15,7 @@
#include <linux/list.h>
#include <linux/mutex.h>
#include <linux/seq_file.h>
+#include <linux/mm.h>
#include "sysfs.h"
#include "../kernfs/kernfs-internal.h"
@@ -556,3 +557,57 @@ void sysfs_remove_bin_file(struct kobjec
kernfs_remove_by_name(kobj->sd, attr->attr.name);
}
EXPORT_SYMBOL_GPL(sysfs_remove_bin_file);
+
+/**
+ * sysfs_emit - scnprintf equivalent, aware of PAGE_SIZE buffer.
+ * @buf: start of PAGE_SIZE buffer.
+ * @fmt: format
+ * @...: optional arguments to @format
+ *
+ *
+ * Returns number of characters written to @buf.
+ */
+int sysfs_emit(char *buf, const char *fmt, ...)
+{
+ va_list args;
+ int len;
+
+ if (WARN(!buf || offset_in_page(buf),
+ "invalid sysfs_emit: buf:%p\n", buf))
+ return 0;
+
+ va_start(args, fmt);
+ len = vscnprintf(buf, PAGE_SIZE, fmt, args);
+ va_end(args);
+
+ return len;
+}
+EXPORT_SYMBOL_GPL(sysfs_emit);
+
+/**
+ * sysfs_emit_at - scnprintf equivalent, aware of PAGE_SIZE buffer.
+ * @buf: start of PAGE_SIZE buffer.
+ * @at: offset in @buf to start write in bytes
+ * @at must be >= 0 && < PAGE_SIZE
+ * @fmt: format
+ * @...: optional arguments to @fmt
+ *
+ *
+ * Returns number of characters written starting at &@buf[@at].
+ */
+int sysfs_emit_at(char *buf, int at, const char *fmt, ...)
+{
+ va_list args;
+ int len;
+
+ if (WARN(!buf || offset_in_page(buf) || at < 0 || at >= PAGE_SIZE,
+ "invalid sysfs_emit_at: buf:%p at:%d\n", buf, at))
+ return 0;
+
+ va_start(args, fmt);
+ len = vscnprintf(buf + at, PAGE_SIZE - at, fmt, args);
+ va_end(args);
+
+ return len;
+}
+EXPORT_SYMBOL_GPL(sysfs_emit_at);
--- a/include/linux/sysfs.h
+++ b/include/linux/sysfs.h
@@ -299,6 +299,11 @@ static inline void sysfs_enable_ns(struc
return kernfs_enable_ns(kn);
}
+__printf(2, 3)
+int sysfs_emit(char *buf, const char *fmt, ...);
+__printf(3, 4)
+int sysfs_emit_at(char *buf, int at, const char *fmt, ...);
+
#else /* CONFIG_SYSFS */
static inline int sysfs_create_dir_ns(struct kobject *kobj, const void *ns)
@@ -505,6 +510,17 @@ static inline void sysfs_enable_ns(struc
{
}
+__printf(2, 3)
+static inline int sysfs_emit(char *buf, const char *fmt, ...)
+{
+ return 0;
+}
+
+__printf(3, 4)
+static inline int sysfs_emit_at(char *buf, int at, const char *fmt, ...)
+{
+ return 0;
+}
#endif /* CONFIG_SYSFS */
static inline int __must_check sysfs_create_file(struct kobject *kobj,
next prev parent reply other threads:[~2021-03-05 12:38 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-05 12:21 [PATCH 4.19 00/52] 4.19.179-rc1 review Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 01/52] net: usb: qmi_wwan: support ZTE P685M modem Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 02/52] hugetlb: fix update_and_free_page contig page struct assumption Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 03/52] drm/virtio: use kvmalloc for large allocations Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 04/52] virtio/s390: implement virtio-ccw revision 2 correctly Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 05/52] arm64 module: set plt* section addresses to 0x0 Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 06/52] arm64: Avoid redundant type conversions in xchg() and cmpxchg() Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 07/52] arm64: cmpxchg: Use "K" instead of "L" for ll/sc immediate constraint Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 08/52] arm64: Use correct ll/sc atomic constraints Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 09/52] MIPS: VDSO: Use CLANG_FLAGS instead of filtering out --target= Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 10/52] JFS: more checks for invalid superblock Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 11/52] udlfb: Fix memory leak in dlfb_usb_probe Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 12/52] media: mceusb: sanity check for prescaler value Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 13/52] xfs: Fix assert failure in xfs_setattr_size() Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 14/52] smackfs: restrict bytes count in smackfs write functions Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 15/52] net: fix up truesize of cloned skb in skb_prepare_for_shift() Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 16/52] mm/hugetlb.c: fix unnecessary address expansion of pmd sharing Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 17/52] net: bridge: use switchdev for port flags set through sysfs too Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 18/52] dt-bindings: net: btusb: DT fix s/interrupt-name/interrupt-names/ Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 19/52] rsi: Fix TX EAPOL packet handling against iwlwifi AP Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 20/52] rsi: Move card interrupt handling to RX thread Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 21/52] staging: fwserial: Fix error handling in fwserial_create Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 22/52] x86/reboot: Add Zotac ZBOX CI327 nano PCI reboot quirk Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 23/52] vt/consolemap: do font sum unsigned Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 24/52] wlcore: Fix command execute failure 19 for wl12xx Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 25/52] Bluetooth: hci_h5: Set HCI_QUIRK_SIMULTANEOUS_DISCOVERY for btrtl Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 26/52] pktgen: fix misuse of BUG_ON() in pktgen_thread_worker() Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 27/52] ath10k: fix wmi mgmt tx queue full due to race condition Greg Kroah-Hartman
2021-03-05 12:21 ` [PATCH 4.19 28/52] x86/build: Treat R_386_PLT32 relocation as R_386_PC32 Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 29/52] Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 30/52] staging: most: sound: add sanity check for function argument Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 31/52] crypto: tcrypt - avoid signed overflow in byte count Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 32/52] PCI: Add a REBAR size quirk for Sapphire RX 5600 XT Pulse Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 33/52] drm/amd/display: Guard against NULL pointer deref when get_i2c_info fails Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 34/52] media: uvcvideo: Allow entities with no pads Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 35/52] f2fs: handle unallocated section and zone on pinned/atgc Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 36/52] f2fs: fix to set/clear I_LINKABLE under i_lock Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 37/52] btrfs: fix error handling in commit_fs_roots Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 38/52] parisc: Bump 64-bit IRQ stack size to 64 KB Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 39/52] ASoC: Intel: bytcr_rt5640: Add quirk for the Estar Beauty HD MID 7316R tablet Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 40/52] ASoC: Intel: bytcr_rt5640: Add quirk for the Voyo Winpad A15 tablet Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 41/52] ASoC: Intel: bytcr_rt5640: Add quirk for the Acer One S1002 tablet Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 42/52] scsi: iscsi: Restrict sessions and handles to admin capabilities Greg Kroah-Hartman
2021-03-05 12:22 ` Greg Kroah-Hartman [this message]
2021-03-05 12:22 ` [PATCH 4.19 44/52] scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 45/52] scsi: iscsi: Verify lengths on passthrough PDUs Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 46/52] Xen/gnttab: handle p2m update errors on a per-slot basis Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 47/52] xen-netback: respect gnttab_map_refs()s return value Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 48/52] zsmalloc: account the number of compacted pages correctly Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 49/52] swap: fix swapfile read/write offset Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 50/52] media: v4l: ioctl: Fix memory leak in video_usercopy Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 51/52] ALSA: hda/realtek: Add quirk for Clevo NH55RZQ Greg Kroah-Hartman
2021-03-05 12:22 ` [PATCH 4.19 52/52] ALSA: hda/realtek: Apply dual codec quirks for MSI Godlike X570 board Greg Kroah-Hartman
2021-03-06 1:00 ` [PATCH 4.19 00/52] 4.19.179-rc1 review Samuel Zou
2021-03-06 10:10 ` Naresh Kamboju
2021-03-06 16:31 ` Guenter Roeck
2021-03-07 22:57 ` Pavel Machek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210305120855.762259636@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=joe@perches.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).