LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Petr Mladek <pmladek@suse.com>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	Andy Shevchenko <andriy.shevchenko@linux.intel.com>,
	Rasmus Villemoes <linux@rasmusvillemoes.dk>,
	"Tobin C . Harding" <me@tobin.cc>, Michal Hocko <mhocko@suse.cz>,
	Sergey Senozhatsky <sergey.senozhatsky@gmail.com>,
	Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>,
	linux-kernel@vger.kernel.org,
	Michael Ellerman <mpe@ellerman.id.au>,
	linuxppc-dev@lists.ozlabs.org, Russell Currey <ruscur@russell.cc>,
	Christophe Leroy <christophe.leroy@c-s.fr>,
	Stephen Rothwell <sfr@ozlabs.org>,
	Heiko Carstens <heiko.carstens@de.ibm.com>,
	linux-arch@vger.kernel.org, linux-s390@vger.kernel.org
Subject: Re: [PATCH] vsprintf: Do not break early boot with probing addresses
Date: Mon, 13 May 2019 14:24:24 +0200	[thread overview]
Message-ID: <20190513122424.ynaox4v77uhgmvn6@pathway.suse.cz> (raw)
In-Reply-To: <20190510124058.0d44b441@gandalf.local.home>

On Fri 2019-05-10 12:40:58, Steven Rostedt wrote:
> On Fri, 10 May 2019 18:32:58 +0200
> Martin Schwidefsky <schwidefsky@de.ibm.com> wrote:
> 
> > On Fri, 10 May 2019 12:24:01 -0400
> > Steven Rostedt <rostedt@goodmis.org> wrote:
> > 
> > > On Fri, 10 May 2019 10:42:13 +0200
> > > Petr Mladek <pmladek@suse.com> wrote:
> > >   
> > > >  static const char *check_pointer_msg(const void *ptr)
> > > >  {
> > > > -	char byte;
> > > > -
> > > >  	if (!ptr)
> > > >  		return "(null)";
> > > >  
> > > > -	if (probe_kernel_address(ptr, byte))
> > > > +	if ((unsigned long)ptr < PAGE_SIZE || IS_ERR_VALUE(ptr))
> > > >  		return "(efault)";
> > > >      
> > > 
> > > 
> > > 	< PAGE_SIZE ?
> > > 
> > > do you mean: < TASK_SIZE ?  
> > 
> > The check with < TASK_SIZE would break on s390. The 'ptr' is
> > in the kernel address space, *not* in the user address space.
> > Remember s390 has two separate address spaces for kernel/user
> > the check < TASK_SIZE only makes sense with a __user pointer.
> > 
> 
> So we allow this to read user addresses? Can't that cause a fault?

I did some quick check and did not found anywhere a user pointer
being dereferenced via vsprintf().

In each case, %s did the check (ptr < PAGE_SIZE) even before this
patchset. The other checks are in %p format modifiers that are
used to print various kernel structures.

Finally, it accesses the pointer directly. I am not completely sure
but I think that it would not work that easily with an address
from the user address space.

Best Regards,
Petr

  parent reply	other threads:[~2019-05-13 12:24 UTC|newest]

Thread overview: 38+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-05-09 12:19 Petr Mladek
2019-05-09 13:05 ` Andy Shevchenko
2019-05-09 13:13 ` Steven Rostedt
2019-05-09 14:06   ` Petr Mladek
2019-05-09 13:38 ` Michal Suchánek
2019-05-09 13:46   ` David Laight
2019-05-10 10:21     ` Michael Ellerman
2019-05-10  4:32 ` Sergey Senozhatsky
     [not found]   ` <CAHk-=wiP+hwSqEW0dM6AYNWUR7jXDkeueq69et6ahfUgV7hC3w@mail.gmail.com>
2019-05-10  5:07     ` Sergey Senozhatsky
2019-05-10  6:41       ` Michael Ellerman
2019-05-10  8:06       ` Petr Mladek
2019-05-10  8:16         ` Sergey Senozhatsky
2019-05-10  8:42           ` Petr Mladek
2019-05-10  8:51             ` Sergey Senozhatsky
2019-05-10 14:49             ` Petr Mladek
2019-05-10 16:24             ` Steven Rostedt
2019-05-10 16:32               ` Martin Schwidefsky
2019-05-10 16:40                 ` Steven Rostedt
2019-05-10 16:45                   ` Martin Schwidefsky
2019-05-13 12:24                   ` Petr Mladek [this message]
2019-05-10 16:41               ` Andy Shevchenko
2019-05-10 17:35               ` christophe leroy
2019-05-13  8:52                 ` David Laight
2019-05-13  9:13                   ` Andy Shevchenko
2019-05-13 12:42                     ` Petr Mladek
2019-05-13 14:15                       ` Steven Rostedt
2019-05-14  2:07                       ` Sergey Senozhatsky
2019-05-14  2:25                         ` Sergey Senozhatsky
2019-05-14  8:28                         ` David Laight
2019-05-14  9:02                           ` Geert Uytterhoeven
2019-05-14 18:37                             ` Steven Rostedt
2019-05-14 19:13                               ` Geert Uytterhoeven
2019-05-14 19:35                                 ` Steven Rostedt
2019-05-15  7:23                                   ` Geert Uytterhoeven
2019-05-15  7:53                                     ` Petr Mladek
2019-05-15  6:21                                 ` Sergey Senozhatsky
2019-05-15  7:35                               ` Petr Mladek
2019-05-15  9:00                                 ` David Laight

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190513122424.ynaox4v77uhgmvn6@pathway.suse.cz \
    --to=pmladek@suse.com \
    --cc=andriy.shevchenko@linux.intel.com \
    --cc=christophe.leroy@c-s.fr \
    --cc=heiko.carstens@de.ibm.com \
    --cc=linux-arch@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-s390@vger.kernel.org \
    --cc=linux@rasmusvillemoes.dk \
    --cc=linuxppc-dev@lists.ozlabs.org \
    --cc=me@tobin.cc \
    --cc=mhocko@suse.cz \
    --cc=mpe@ellerman.id.au \
    --cc=rostedt@goodmis.org \
    --cc=ruscur@russell.cc \
    --cc=schwidefsky@de.ibm.com \
    --cc=sergey.senozhatsky.work@gmail.com \
    --cc=sergey.senozhatsky@gmail.com \
    --cc=sfr@ozlabs.org \
    --cc=torvalds@linux-foundation.org \
    --subject='Re: [PATCH] vsprintf: Do not break early boot with probing addresses' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).