From: Beau Belgrave <beaub@linux.microsoft.com>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: mhiramat@kernel.org, linux-trace-devel@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v5 12/12] user_events: Validate user payloads for size and null termination
Date: Thu, 18 Nov 2021 11:45:26 -0800 [thread overview]
Message-ID: <20211118194514.GA1895@kbox> (raw)
In-Reply-To: <20211117205220.6d49f5b9@gandalf.local.home>
On Wed, Nov 17, 2021 at 08:52:20PM -0500, Steven Rostedt wrote:
> On Tue, 16 Nov 2021 13:11:50 -0800
> Beau Belgrave <beaub@linux.microsoft.com> wrote:
>
> > On Mon, Nov 15, 2021 at 04:50:47PM -0800, Beau Belgrave wrote:
> > > +static int user_event_validate(struct user_event *user, void *data, int len)
> > > +{
> > > + struct list_head *head = &user->validators;
> > > + struct user_event_validator *validator;
> > > + void *pos, *end = data + len;
> > > + u16 *val, offset, size;
> > > +
> > > + list_for_each_entry(validator, head, link) {
> > > + pos = data + validator->offset;
> > > + val = pos;
> > > +
> > > + /* Already done min_size check, no bounds check here */
> > > + offset = *val++;
> > > + size = *val++;
> >
> > I believe I have these backwards, size should come first for both dyn
> > and rel data. Is this correct?
>
> it's size << 16 | offset;
>
>
> >
> > > diff --git a/tools/testing/selftests/user_events/ftrace_test.c b/tools/testing/selftests/user_events/ftrace_test.c
> > > index 9d53717139e6..bea694e9df8c 100644
> > > --- a/tools/testing/selftests/user_events/ftrace_test.c
> > > +++ b/tools/testing/selftests/user_events/ftrace_test.c
> > > @@ -21,6 +21,11 @@ const char *status_file = "/sys/kernel/debug/tracing/user_events_status";
> > > const char *enable_file = "/sys/kernel/debug/tracing/events/user_events/__test_event/enable";
> > > const char *trace_file = "/sys/kernel/debug/tracing/trace";
> > >
> > > +struct rel_loc {
> > > + __u16 offset;
> > > + __u16 size;
> > > +} __packed;
> > > +
> >
> > Same here.
>
> I would not use pointer arithmetic or the above structure, as I'm not sure
> they work the same for both big and little endian. It's best to just use
> u32 and '|' (or) the two unsigned shorts into one integer.
>
> -- Steve
Got it, totally makes sense now, thank you!
-Beau
prev parent reply other threads:[~2021-11-18 19:45 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-16 0:50 [PATCH v5 00/12] user_events: Enable user processes to create and write to trace events Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 01/12] user_events: Add UABI header for user access to user_events Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 02/12] user_events: Add minimal support for trace_event into ftrace Beau Belgrave
2021-11-18 2:50 ` Steven Rostedt
2021-11-18 20:01 ` Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 03/12] user_events: Add print_fmt generation support for basic types Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 04/12] user_events: Handle matching arguments from dyn_events Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 05/12] user_events: Add basic perf and eBPF support Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 06/12] user_events: Add self-test for ftrace integration Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 07/12] user_events: Add self-test for dynamic_events integration Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 08/12] user_events: Add self-test for perf_event integration Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 09/12] user_events: Optimize writing events by only copying data once Beau Belgrave
2021-11-27 15:09 ` kernel test robot
2021-11-27 15:09 ` kernel test robot
2021-11-16 0:50 ` [PATCH v5 10/12] user_events: Add documentation file Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 11/12] user_events: Add sample code for typical usage Beau Belgrave
2021-11-16 0:50 ` [PATCH v5 12/12] user_events: Validate user payloads for size and null termination Beau Belgrave
2021-11-16 21:11 ` Beau Belgrave
2021-11-18 1:52 ` Steven Rostedt
2021-11-18 19:45 ` Beau Belgrave [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211118194514.GA1895@kbox \
--to=beaub@linux.microsoft.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-trace-devel@vger.kernel.org \
--cc=mhiramat@kernel.org \
--cc=rostedt@goodmis.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.