2021-10-09 03:05:15

by Guo Zhi

[permalink] [raw]
Subject: [PATCH] scsi scsi_transport_iscsi.c: fix misuse of %llu in scsi_transport_iscsi.c

Pointers should be printed with %p or %px rather than
cast to (unsigned long long) and printed with %llu.
Change %llu to %p to print the pointer into sysfs.

Signed-off-by: Guo Zhi <[email protected]>
---
drivers/scsi/scsi_transport_iscsi.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/scsi/scsi_transport_iscsi.c b/drivers/scsi/scsi_transport_iscsi.c
index 922e4c7bd88e..7d6a570ebf48 100644
--- a/drivers/scsi/scsi_transport_iscsi.c
+++ b/drivers/scsi/scsi_transport_iscsi.c
@@ -129,8 +129,8 @@ show_transport_handle(struct device *dev, struct device_attribute *attr,

if (!capable(CAP_SYS_ADMIN))
return -EACCES;
- return sysfs_emit(buf, "%llu\n",
- (unsigned long long)iscsi_handle(priv->iscsi_transport));
+ return sysfs_emit(buf, "%p\n",
+ iscsi_ptr(priv->iscsi_transport));
}
static DEVICE_ATTR(handle, S_IRUGO, show_transport_handle, NULL);

--
2.33.0


2021-10-09 03:16:28

by Joe Perches

[permalink] [raw]
Subject: Re: [PATCH] scsi scsi_transport_iscsi.c: fix misuse of %llu in scsi_transport_iscsi.c

On Sat, 2021-10-09 at 11:02 +0800, Guo Zhi wrote:
> Pointers should be printed with %p or %px rather than
> cast to (unsigned long long) and printed with %llu.
> Change %llu to %p to print the pointer into sysfs.
][]
> diff --git a/drivers/scsi/scsi_transport_iscsi.c b/drivers/scsi/scsi_transport_iscsi.c
[]
> @@ -129,8 +129,8 @@ show_transport_handle(struct device *dev, struct device_attribute *attr,
> ?
>
> ? if (!capable(CAP_SYS_ADMIN))
> ? return -EACCES;
> - return sysfs_emit(buf, "%llu\n",
> - (unsigned long long)iscsi_handle(priv->iscsi_transport));
> + return sysfs_emit(buf, "%p\n",
> + iscsi_ptr(priv->iscsi_transport));

iscsi_transport is a pointer isn't it?

so why not just

return sysfs_emit(buf, "%p\n", priv->iscsi_transport);

?

2021-10-09 04:36:26

by Guo Zhi

[permalink] [raw]
Subject: Re: [PATCH] scsi scsi_transport_iscsi.c: fix misuse of %llu in scsi_transport_iscsi.c

I will send a V2 patch.

----- 原始邮件 -----
发件人: "Joe Perches" <[email protected]>
收件人: "Guo Zhi" <[email protected]>, "Lee Duncan" <[email protected]>, "Chris Leech" <[email protected]>, "James E.J. Bottomley" <[email protected]>, "Martin K. Petersen" <[email protected]>
抄送: [email protected], [email protected], "linux-kernel" <[email protected]>
发送时间: 星期六, 2021年 10 月 09日 上午 11:14:36
主题: Re: [PATCH] scsi scsi_transport_iscsi.c: fix misuse of %llu in scsi_transport_iscsi.c

On Sat, 2021-10-09 at 11:02 +0800, Guo Zhi wrote:
> Pointers should be printed with %p or %px rather than
> cast to (unsigned long long) and printed with %llu.
> Change %llu to %p to print the pointer into sysfs.
][]
> diff --git a/drivers/scsi/scsi_transport_iscsi.c b/drivers/scsi/scsi_transport_iscsi.c
[]
> @@ -129,8 +129,8 @@ show_transport_handle(struct device *dev, struct device_attribute *attr,
>  
>
>   if (!capable(CAP_SYS_ADMIN))
>   return -EACCES;
> - return sysfs_emit(buf, "%llu\n",
> - (unsigned long long)iscsi_handle(priv->iscsi_transport));
> + return sysfs_emit(buf, "%p\n",
> + iscsi_ptr(priv->iscsi_transport));

iscsi_transport is a pointer isn't it?

so why not just

return sysfs_emit(buf, "%p\n", priv->iscsi_transport);

?

2021-10-11 11:38:23

by Ulrich Windl

[permalink] [raw]
Subject: Antw: [EXT] Re: [PATCH] scsi scsi_transport_iscsi.c: fix misuse of %llu in scsi_transport_iscsi.c

>>> Joe Perches <[email protected]> schrieb am 09.10.2021 um 05:14 in Nachricht
<[email protected]>:
> On Sat, 2021-10-09 at 11:02 +0800, Guo Zhi wrote:
>> Pointers should be printed with %p or %px rather than
>> cast to (unsigned long long) and printed with %llu.
>> Change %llu to %p to print the pointer into sysfs.
> ][]
>> diff --git a/drivers/scsi/scsi_transport_iscsi.c
> b/drivers/scsi/scsi_transport_iscsi.c
> []
>> @@ -129,8 +129,8 @@ show_transport_handle(struct device *dev, struct
> device_attribute *attr,
>>
>>
>> if (!capable(CAP_SYS_ADMIN))
>> return -EACCES;
>> - return sysfs_emit(buf, "%llu\n",
>> - (unsigned long long)iscsi_handle(priv->iscsi_transport));
>> + return sysfs_emit(buf, "%p\n",
>> + iscsi_ptr(priv->iscsi_transport));
>
> iscsi_transport is a pointer isn't it?
>
> so why not just
>
> return sysfs_emit(buf, "%p\n", priv->iscsi_transport);

Isn't the difference that %p outputs hex, while %u outputs decimal?

>
> ?
>
> --
> You received this message because you are subscribed to the Google Groups
> "open-iscsi" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/open-iscsi/5daf69b365e23ceecee911c4d0f2f66a
> 0b9ec95c.camel%40perches.com.




2021-10-11 16:41:34

by Mike Christie

[permalink] [raw]
Subject: Re: Antw: [EXT] Re: [PATCH] scsi scsi_transport_iscsi.c: fix misuse of %llu in scsi_transport_iscsi.c

On 10/11/21 1:35 AM, Ulrich Windl wrote:
>>>> Joe Perches <[email protected]> schrieb am 09.10.2021 um 05:14 in Nachricht
> <[email protected]>:
>> On Sat, 2021-10-09 at 11:02 +0800, Guo Zhi wrote:
>>> Pointers should be printed with %p or %px rather than
>>> cast to (unsigned long long) and printed with %llu.
>>> Change %llu to %p to print the pointer into sysfs.
>> ][]
>>> diff --git a/drivers/scsi/scsi_transport_iscsi.c
>> b/drivers/scsi/scsi_transport_iscsi.c
>> []
>>> @@ -129,8 +129,8 @@ show_transport_handle(struct device *dev, struct
>> device_attribute *attr,
>>>
>>>
>>> if (!capable(CAP_SYS_ADMIN))
>>> return -EACCES;
>>> - return sysfs_emit(buf, "%llu\n",
>>> - (unsigned long long)iscsi_handle(priv->iscsi_transport));
>>> + return sysfs_emit(buf, "%p\n",
>>> + iscsi_ptr(priv->iscsi_transport));
>>
>> iscsi_transport is a pointer isn't it?
>>
>> so why not just
>>
>> return sysfs_emit(buf, "%p\n", priv->iscsi_transport);
>
> Isn't the difference that %p outputs hex, while %u outputs decimal?
>

Yeah, I think this patch will break userspace, because it doesn't know it's
a pointer. It could be doing:

sscanf(str, "%llu", &val);

The value is just later passed back to the kernel to look up a driver in
iscsi_if_transport_lookup:

list_for_each_entry(priv, &iscsi_transports, list) {
if (tt == priv->iscsi_transport) {

so we could just replace priv->transport with an int and use an ida to assign
the value.

2021-10-12 07:07:29

by Ulrich Windl

[permalink] [raw]
Subject: Re: Antw: [EXT] Re: [PATCH] scsi scsi_transport_iscsi.c: fix misuse of %llu in scsi_transport_iscsi.c

>>> Mike Christie <[email protected]> schrieb am 11.10.2021 um 17:29 in
Nachricht <[email protected]>:
> On 10/11/21 1:35 AM, Ulrich Windl wrote:
>>>>> Joe Perches <[email protected]> schrieb am 09.10.2021 um 05:14 in Nachricht
>> <[email protected]>:
>>> On Sat, 2021-10-09 at 11:02 +0800, Guo Zhi wrote:
>>>> Pointers should be printed with %p or %px rather than
>>>> cast to (unsigned long long) and printed with %llu.
>>>> Change %llu to %p to print the pointer into sysfs.
>>> ][]
>>>> diff --git a/drivers/scsi/scsi_transport_iscsi.c
>>> b/drivers/scsi/scsi_transport_iscsi.c
>>> []
>>>> @@ -129,8 +129,8 @@ show_transport_handle(struct device *dev, struct
>>> device_attribute *attr,
>>>>
>>>>
>>>> if (!capable(CAP_SYS_ADMIN))
>>>> return -EACCES;
>>>> - return sysfs_emit(buf, "%llu\n",
>>>> - (unsigned long long)iscsi_handle(priv->iscsi_transport));
>>>> + return sysfs_emit(buf, "%p\n",
>>>> + iscsi_ptr(priv->iscsi_transport));
>>>
>>> iscsi_transport is a pointer isn't it?
>>>
>>> so why not just
>>>
>>> return sysfs_emit(buf, "%p\n", priv->iscsi_transport);
>>
>> Isn't the difference that %p outputs hex, while %u outputs decimal?
>>
>
> Yeah, I think this patch will break userspace, because it doesn't know it's
> a pointer. It could be doing:
>
> sscanf(str, "%llu", &val);
>
> The value is just later passed back to the kernel to look up a driver in
> iscsi_if_transport_lookup:
>
> list_for_each_entry(priv, &iscsi_transports, list) {
> if (tt == priv->iscsi_transport) {
>
> so we could just replace priv->transport with an int and use an ida to assign
> the value.

I'm not in the details, but if that value is used as an ID, shouldn't it have been something like "ID%llu" right from the start?
If so it would be rather easy to use "ID%p" instead (if the syntax of the ID is left unspecified). At least nobody would treat it as a number.

Regards,
Ulrich


>
> --
> You received this message because you are subscribed to the Google Groups
> "open-iscsi" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/open-iscsi/ae7a82c2-5b19-493a-8d61-cdccb00c
> f46c%40oracle.com.




2021-10-15 13:46:41

by Guo Zhi

[permalink] [raw]
Subject: Re: Antw: [EXT] Re: [PATCH] scsi scsi_transport_iscsi.c: fix misuse of %llu in scsi_transport_iscsi.c

On 2021/10/11 23:29, Mike Christie wrote:
> On 10/11/21 1:35 AM, Ulrich Windl wrote:
>>>>> Joe Perches <[email protected]> schrieb am 09.10.2021 um 05:14 in Nachricht
>> <[email protected]>:
>>> On Sat, 2021-10-09 at 11:02 +0800, Guo Zhi wrote:
>>>> Pointers should be printed with %p or %px rather than
>>>> cast to (unsigned long long) and printed with %llu.
>>>> Change %llu to %p to print the pointer into sysfs.
>>> ][]
>>>> diff --git a/drivers/scsi/scsi_transport_iscsi.c
>>> b/drivers/scsi/scsi_transport_iscsi.c
>>> []
>>>> @@ -129,8 +129,8 @@ show_transport_handle(struct device *dev, struct
>>> device_attribute *attr,
>>>>
>>>>
>>>> if (!capable(CAP_SYS_ADMIN))
>>>> return -EACCES;
>>>> - return sysfs_emit(buf, "%llu\n",
>>>> - (unsigned long long)iscsi_handle(priv->iscsi_transport));
>>>> + return sysfs_emit(buf, "%p\n",
>>>> + iscsi_ptr(priv->iscsi_transport));
>>> iscsi_transport is a pointer isn't it?
>>>
>>> so why not just
>>>
>>> return sysfs_emit(buf, "%p\n", priv->iscsi_transport);
>> Isn't the difference that %p outputs hex, while %u outputs decimal?
>>
> Yeah, I think this patch will break userspace, because it doesn't know it's
> a pointer. It could be doing:
>
> sscanf(str, "%llu", &val);
>
> The value is just later passed back to the kernel to look up a driver in
> iscsi_if_transport_lookup:
>
> list_for_each_entry(priv, &iscsi_transports, list) {
> if (tt == priv->iscsi_transport) {
>
> so we could just replace priv->transport with an int and use an ida to assign
> the value.

Taking security into consideration, We should not print kernel pointer
into sysfs.

However if this is a special pointer to lookup a driver,  It's really
tricky for me to fix it,

as I don't have a scsi device to test my code.


Guo