From: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
To: Petr Mladek <pmladek@suse.com>
Cc: Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
Rasmus Villemoes <linux@rasmusvillemoes.dk>,
Linus Torvalds <torvalds@linux-foundation.org>,
"Tobin C . Harding" <me@tobin.cc>, Joe Perches <joe@perches.com>,
Andrew Morton <akpm@linux-foundation.org>,
Michal Hocko <mhocko@suse.cz>,
Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
Steven Rostedt <rostedt@goodmis.org>,
Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v7 00/10] vsprintf: Prevent silent crashes and consolidate error handling
Date: Fri, 19 Apr 2019 10:51:12 +0900 [thread overview]
Message-ID: <20190419015112.GA18748@jagdpanzerIV> (raw)
In-Reply-To: <20190417115350.20479-1-pmladek@suse.com>
On (04/17/19 13:53), Petr Mladek wrote:
> Crash in vsprintf() might be silent when it happens under logbuf_lock
> in vprintk_emit(). This patch set prevents most of the crashes by probing
> the address. The check is done only by %s and some %p* specifiers that need
> to dereference the address.
>
> Only the first byte of the address is checked to keep it simple. It should
> be enough to catch most problems.
>
> The check is explicitly done in each function that does the dereference.
> It helps to avoid the questionable strchr() of affected specifiers. This
> change motivated me to do some preparation patches that consolidated
> the error handling and cleaned the code a bit.
The patch set looks OK to me.
I got confused by 'pC?' error string, but once you start looking
at it as a regex (? - zero or one occurrences) things look OK.
Regex in dmesg/serial output might be something very new to people,
stack traces, after all, is a rather common error reporting mechanism.
So the previous "WARN_ON() + exact unrecognized fmt[N] char" was not
totally awful or wrong (well, it was, before we introduced printk_safe()),
but I don't have strong objections against that new regex thing.
FWIW,
Reviewed-by: Sergey Senozhatsky <sergey.senozhatsky@gmail.com>
-ss
next prev parent reply other threads:[~2019-04-19 2:05 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-04-17 11:53 [PATCH v7 00/10] vsprintf: Prevent silent crashes and consolidate error handling Petr Mladek
2019-04-17 11:53 ` [PATCH v7 01/10] vsprintf: Shuffle restricted_pointer() Petr Mladek
2019-04-17 11:53 ` [PATCH v7 02/10] vsprintf: Consistent %pK handling for kptr_restrict == 0 Petr Mladek
2019-04-17 13:44 ` Steven Rostedt
2019-04-17 11:53 ` [PATCH v7 03/10] vsprintf: Do not check address of well-known strings Petr Mladek
2019-04-17 11:53 ` [PATCH v7 04/10] vsprintf: Factor out %p[iI] handler as ip_addr_string() Petr Mladek
2019-04-17 11:53 ` [PATCH v7 05/10] vsprintf: Factor out %pV handler as va_format() Petr Mladek
2019-04-17 11:53 ` [PATCH v7 06/10] vsprintf: Factor out %pO handler as kobject_string() Petr Mladek
2019-04-17 11:53 ` [PATCH v7 07/10] vsprintf: Consolidate handling of unknown pointer specifiers Petr Mladek
2019-04-18 14:34 ` Sergey Senozhatsky
2019-04-18 14:43 ` Sergey Senozhatsky
2019-04-18 14:50 ` Sergey Senozhatsky
2019-06-25 10:59 ` Geert Uytterhoeven
2019-06-26 10:46 ` Petr Mladek
2019-06-26 11:16 ` Geert Uytterhoeven
2019-04-17 11:53 ` [PATCH v7 08/10] vsprintf: Prevent crash when dereferencing invalid pointers Petr Mladek
2019-04-17 11:53 ` [PATCH v7 09/10] vsprintf: Avoid confusion between invalid address and value Petr Mladek
2019-04-17 11:53 ` [PATCH v7 10/10] vsprintf: Limit the length of inlined error messages Petr Mladek
2019-04-19 1:51 ` Sergey Senozhatsky [this message]
2019-04-24 13:53 ` [PATCH v7 00/10] vsprintf: Prevent silent crashes and consolidate error handling Petr Mladek
2019-04-26 13:02 ` Andy Shevchenko
2019-04-26 14:27 ` Petr Mladek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190419015112.GA18748@jagdpanzerIV \
--to=sergey.senozhatsky.work@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=andriy.shevchenko@linux.intel.com \
--cc=joe@perches.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@rasmusvillemoes.dk \
--cc=me@tobin.cc \
--cc=mhocko@suse.cz \
--cc=pmladek@suse.com \
--cc=rostedt@goodmis.org \
--cc=sergey.senozhatsky@gmail.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.