From: Binbin Wu <binbin.wu@linux.intel.com>
To: kirill.shutemov@linux.intel.com
Cc: dave.hansen@linux.intel.com, luto@kernel.org,
peterz@infradead.org, shuah@kernel.org,
linux-kselftest@vger.kernel.org, x86@kernel.org,
linux-kernel@vger.kernel.org, weihong.zhang@intel.com
Subject: Re: [PATCH] selftests/x86/lam: Zero out buffer for readlink()
Date: Tue, 10 Oct 2023 16:20:03 +0800
Message-ID: <a6bb7412-0398-97b2-d20e-33bbff260b5a@linux.intel.com>
In-Reply-To: <20231010054631.kud3zvv57je2buad@box.shutemov.name>
On 10/10/2023 1:46 PM, kirill.shutemov@linux.intel.com wrote:
> On Tue, Oct 10, 2023 at 11:51:32AM +0800, Binbin Wu wrote:
>>
>> On 9/27/2023 7:02 PM, kirill.shutemov@linux.intel.com wrote:
>>> On Sun, Sep 24, 2023 at 07:33:46AM +0800, Binbin Wu wrote:
>>>> Zero out the buffer for readlink() since readlink() does not append a
>>>> terminating null byte to the buffer.
>>>>
>>>> Fixes: 833c12ce0f430 ("selftests/x86/lam: Add inherit test cases for linear-address masking")
>>>>
>>>> Signed-off-by: Binbin Wu <binbin.wu@linux.intel.com>
>>>> ---
>>>> tools/testing/selftests/x86/lam.c | 2 +-
>>>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>>>
>>>> diff --git a/tools/testing/selftests/x86/lam.c b/tools/testing/selftests/x86/lam.c
>>>> index eb0e46905bf9..9f06942a8e25 100644
>>>> --- a/tools/testing/selftests/x86/lam.c
>>>> +++ b/tools/testing/selftests/x86/lam.c
>>>> @@ -680,7 +680,7 @@ static int handle_execve(struct testcases *test)
>>>> perror("Fork failed.");
>>>> ret = 1;
>>>> } else if (pid == 0) {
>>>> - char path[PATH_MAX];
>>>> + char path[PATH_MAX] = {0};
>>> Shouldn't it be PATH_MAX+1 to handle the case when readlink(2) stores
>>> exactly PATH_MAX bytes into the buffer?
>> According to the definition of PATH_MAX in include/uapi/linux/limits.h
>> #define PATH_MAX 4096 /* # chars in a path name including nul */
>>
>> IIUC, Linux limits the path length to 4095 and PATH_MAX includes the
>> terminating nul.
> Consider the case when the kernel bumps PATH_MAX to 8192. The binary that is
> compiled from lam.c against the older kernel headers will get compromised.
>
> Increase the size of the buffer by one or pass PATH_MAX - 1 as buffer size
> to readlink(2).
Makes sense, thanks!
I will send a new version as follows:
diff --git a/tools/testing/selftests/x86/lam.c
b/tools/testing/selftests/x86/lam.c
index eb0e46905bf9..8f9b06d9ce03 100644
--- a/tools/testing/selftests/x86/lam.c
+++ b/tools/testing/selftests/x86/lam.c
@@ -573,7 +573,7 @@ int do_uring(unsigned long lam)
char path[PATH_MAX] = {0};
/* get current process path */
- if (readlink("/proc/self/exe", path, PATH_MAX) <= 0)
+ if (readlink("/proc/self/exe", path, PATH_MAX - 1) <= 0)
return 1;
int file_fd = open(path, O_RDONLY);
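Review bot: the readlink() call in do_uring() still only checks `<= 0`, so a link target that fills all PATH_MAX - 1 bytes is accepted even though readlink(2) truncates silently, and the open(path, O_RDONLY) that follows would then open a different, shorter path. Consider keeping the return value and failing when it equals PATH_MAX - 1; with the length in hand, `path[len] = '\0'` would also make the termination explicit instead of relying on the `= {0}` initializer.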
@@ -680,14 +680,14 @@ static int handle_execve(struct testcases *test)
perror("Fork failed.");
ret = 1;
} else if (pid == 0) {
- char path[PATH_MAX];
+ char path[PATH_MAX] = {0};
/* Set LAM mode in parent process */
if (set_lam(lam) != 0)
return 1;
/* Get current binary's path and the binary was run by
execve */
- if (readlink("/proc/self/exe", path, PATH_MAX) <= 0)
+ if (readlink("/proc/self/exe", path, PATH_MAX - 1) <= 0)
exit(-1);
/* run binary to get LAM mode and return to parent
process */
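Review bot: in handle_execve() the failing readlink() goes straight to exit(-1) with no message, while the fork failure a few lines up reports through perror(); a perror("readlink") before the exit would make a failed child diagnosable. Separately, the termination now depends on two things staying in step, the `= {0}` initializer and the PATH_MAX - 1 size, so a one-line comment at the call saying the last byte is reserved for the NUL would keep a later edit from undoing one of them.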
>
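The readlink(2) behaviour discussed in this thread (no terminating NUL, silent truncation), as an added example that is not part of the patch or of lam.c: the helper name `read_link_str` is hypothetical, and it terminates from the return value and rejects a possibly truncated result rather than relying on a pre-zeroed buffer.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/*
 * Hypothetical helper (not from lam.c): read a symlink target into buf as a
 * NUL-terminated string. Returns the length, or -1 with errno set.
 */
static ssize_t read_link_str(const char *linkpath, char *buf, size_t bufsz)
{
	ssize_t n;

	if (bufsz < 2) {
		errno = EINVAL;
		return -1;
	}
	/* Reserve one byte for the terminator: readlink(2) never writes it. */
	n = readlink(linkpath, buf, bufsz - 1);
	if (n < 0)
		return -1;
	/*
	 * readlink(2) truncates silently. A result that fills the space offered
	 * may be cut short, so reject it (conservative: a target of exactly
	 * bufsz - 1 bytes is rejected too).
	 */
	if ((size_t)n == bufsz - 1) {
		errno = ENAMETOOLONG;
		return -1;
	}
	buf[n] = '\0';	/* terminate from the return value, no pre-zeroing */
	return n;
}

int main(void)
{
	char path[PATH_MAX];

	memset(path, 'X', sizeof(path));	/* stale contents, as on the stack */
	if (read_link_str("/proc/self/exe", path, sizeof(path)) < 0) {
		perror("readlink");
		return 1;
	}
	printf("%s\n", path);
	return 0;
}
```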
Thread overview: 5+ messages
2023-09-23 23:33 [PATCH] selftests/x86/lam: Zero out buffer for readlink() Binbin Wu
2023-09-27 11:02 ` kirill.shutemov
2023-10-10 3:51 ` Binbin Wu
2023-10-10 5:46 ` kirill.shutemov
2023-10-10 8:20 ` Binbin Wu [this message]