2005-03-08 13:46:14

by Kristian Sørensen

Subject: Reading large /proc entry from kernel module

Hi all!

I have some trouble reading a 2346 byte /proc entry from our Umbrella kernel
module.

Proc file is created write-only and I am able to write text to the file, and
read it from kernel space. The function reading the entry is in short this:

static int umb_proc_write(struct file *file, const char *buffer,
                          unsigned long count, void *data) {
        char *policy;
        int *lbuf;
        int i;

        if (count != UMB_POLICY_SIZE) {
                printk("Umbrella: Error - /proc/umbrella is of invalid size\n");
                return -EFAULT;
        }

        /* Initialization of lbuf */
        policy = kmalloc(sizeof(char)*UMB_POLICY_SIZE, GFP_ATOMIC);
        lbuf = kmalloc(count, GFP_KERNEL);
        if (!lbuf || !policy) {
                kfree(lbuf);
                kfree(policy);
                return -EFAULT;
        }
        if (copy_from_user(lbuf, buffer, count)) {
                kfree(lbuf);
                kfree(policy);
                return -EFAULT;
        }

        strcpy(policy, lbuf);
        umb_parse_proc(policy);

}


If I read byte by byte, it will only give the characters at every fourth index.
E.g. reading lbuf with the string "abcd", then lbuf[0]==a and lbuf[1]==d ...
- Does anyone have an explanation for this behaviour? Making the strcpy does fix
the problem - and the complete string is available! :-/ ...

Now that everything works, I want to write a string of exactly 2346
characters to the /proc/umbrella file. However when I make the
copy_from_user, I only get the first 1003 characters :-((
- Do you have a pointer to where I do this thing wrong?

What is the limit regarding the size of writing a /proc entry? (we consider
importing binary public keys to the kernel this way in the future).


Best regards,
Kristian.

--
Kristian Sørensen
- The Umbrella Project -- Security for Consumer Electronics
http://umbrella.sourceforge.net

E-mail: [email protected], Phone: +45 29723816


2005-03-08 23:11:16

by Peter Chubb

Subject: Re: Reading large /proc entry from kernel module

>>>>> "Kristian" == Kristian Sørensen <[email protected]> writes:

Kristian> Hi all! I have some trouble reading a 2346 byte /proc entry
Kristian> from our Umbrella kernel module.


Kristian> static int umb_proc_write(struct file *file, const char *buffer,
Kristian> unsigned long count, void *data) {
Kristian> char *policy;
Kristian> int *lbuf;
Kristian> int i;

Here's your problem: lbuf should be a char * not an int *.
When you look at lbuf[0] you'll get the first four characters packed
into the int.
--
Dr Peter Chubb http://www.gelato.unsw.edu.au peterc AT gelato.unsw.edu.au
The technical we do immediately, the political takes *forever*

2005-03-08 23:37:21

by Kristian Sørensen

Subject: Re: Reading large /proc entry from kernel module

On Wednesday 09 March 2005 00:04, Peter Chubb wrote:
> >>>>> "Kristian" == Kristian Sørensen <[email protected]> writes:
>
> Kristian> Hi all! I have some trouble reading a 2346 byte /proc entry
> Kristian> from our Umbrella kernel module.
>
>
> Kristian> static int umb_proc_write(struct file *file, const char *buffer,
> Kristian> unsigned long count, void *data) {
> Kristian> char *policy;
> Kristian> int *lbuf;
> Kristian> int i;
>
> Here's your problem: lbuf should be a char * not an int *.
> When you look at lbuf[0] you'll get the first four characters packed
> into the int.
Okay, thanks! :-D That solves the first error :)

However, I still only get the first 1003 characters, when I traverse the
buffer :-/

--
Kristian Sørensen
E-mail: [email protected], Phone: +45 29723816

2005-03-09 19:21:58

by Bob Bennett

Subject: Re: Reading large /proc entry from kernel module

Kristian Sørensen <ks <at> cs.aau.dk> writes:

>
> Hi all!
>
> I have some trouble reading a 2346 byte /proc entry from our Umbrella kernel
> module.

> if (count != UMB_POLICY_SIZE) {
> printk("Umbrella: Error - /proc/umbrella is of invalid size\n");
> return -EFAULT;

> if (copy_from_user(lbuf, buffer, count)) {
> kfree(lbuf);
> kfree(policy);
> return -EFAULT;
> }
>
> strcpy(policy, lbuf);
> umb_parse_proc(policy);
>
> }
>

> Now that everything works, I want to write a string of exactly 2346
> characters to the /proc/umbrella file. However when I make the
> copy_from_user, I only get the first 1003 characters (
> - Do you have a pointer to where I do this thing wrong?
>
> What is the limit regarding the size of writing a /proc entry? (we consider
> importing binary public keys to the kernel this way in the future).
>
> Best regards,
> Kristian.
>

What makes you think you only have 1003 bytes? If UMB_POLICY_SIZE is defined as
2346, then user space must have written that amount. Probably the problem is
that you used strcpy() to copy the data from lbuf to policy, and there is a null
character after 1003 bytes. It is an unnecessary extra step to allocate two
buffers (lbuf & policy) and copy data from one to the other. Why not just pass
lbuf to umb_parse_proc()??

Regards,
Bob Bennett

2005-03-09 23:05:21

by Kristian Sørensen

Subject: Re: Reading large /proc entry from kernel module

On Wednesday 09 March 2005 16:17, Bob Bennett wrote:
> Kristian Sørensen <ks <at> cs.aau.dk> writes:
> > Hi all!
> >
> > I have some trouble reading a 2346 byte /proc entry from our Umbrella
> > kernel module.
> >
> > if (count != UMB_POLICY_SIZE) {
> > printk("Umbrella: Error - /proc/umbrella is of invalid size\n");
> > return -EFAULT;
> >
> > if (copy_from_user(lbuf, buffer, count)) {
> > kfree(lbuf);
> > kfree(policy);
> > return -EFAULT;
> > }
> >
> > strcpy(policy, lbuf);
> > umb_parse_proc(policy);
> >
> > }
> >
> >
> > Now that everything works, I want to write a string of exactly 2346
> > characters to the /proc/umbrella file. However when I make the
> > copy_from_user, I only get the first 1003 characters (
> > - Do you have a pointer to where I do this thing wrong?
> >
> > What is the limit regarding the size of writing a /proc entry? (we
> > consider importing binary public keys to the kernel this way in the
> > future).
> >
> > Best regards,
> > Kristian.
>
> What makes you think you only have 1003 bytes? If UMB_POLICY_SIZE is
> defined as 2346, then user space must have written that amount. Probably
> the problem is that you used strcpy() to copy the data from lbuf to policy,
> and there is a null character after 1003 bytes. It is an unnecessary extra
> step to allocate two buffers (lbuf & policy) and copy data from one to the
> other. Why not just pass lbuf to umb_parse_proc()??
You are right - that does not make sense having both the buffers :-)))

The input that I write to the /proc/umbrella file is stored in a file in
usermode Linux... Can the '\0' be hidden somewhere in the text file - even
though everything looks normal in the vi editor?

Thanks for your answer!

Cheers, Kristian.

--
Kristian Sørensen
E-mail: [email protected]
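
Bob Bennett's diagnosis and the closing question about a hidden '\0', as an added user-space illustration (not code from the thread or from the Umbrella project). `POLICY_SIZE`, `sample` and the function names are constructed for this example, and rejecting embedded NULs is an assumption that suits a text policy only, not the binary keys mentioned in the first post.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define POLICY_SIZE 16 /* stand-in for UMB_POLICY_SIZE (2346 in the thread) */

/* Constructed input: POLICY_SIZE bytes with a NUL byte hidden at offset 5. */
static const char sample[POLICY_SIZE] = "allow\0deny:/bin";

/* Offset of the first NUL in buf[0..count), or count when there is none. */
size_t first_nul(const char *buf, size_t count)
{
    const char *p = memchr(buf, '\0', count);
    return p ? (size_t)(p - buf) : count;
}

/* Bytes a strcpy()-style copy delivers: everything before the first NUL.
 * Bounded by count here; strcpy() itself reads on past a NUL-free buffer. */
size_t copy_as_string(char *dst, const char *src, size_t count)
{
    size_t n = first_nul(src, count);
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

/* Hypothetical hardened store: exact size, no embedded NUL in a text
 * policy, copy by count, terminate explicitly. dst holds cap bytes.
 * Returns count, -1 on a size error, -2 on an embedded NUL. */
long policy_store(char *dst, size_t cap, const char *src, size_t count)
{
    if (count != POLICY_SIZE || cap < count + 1)
        return -1;
    if (first_nul(src, count) != count)
        return -2;
    memcpy(dst, src, count);
    dst[count] = '\0';
    return (long)count;
}

int main(void)
{
    char out[POLICY_SIZE + 1];
    printf("first NUL at %zu, string copy kept %zu, policy_store -> %ld\n",
           first_nul(sample, sizeof sample),
           copy_as_string(out, sample, sizeof sample),
           policy_store(out, sizeof out, sample, sizeof sample));
    return 0;
}
```

The offset returned by `first_nul` is where a string-based copy stops, which is the kind of position the 1003-byte observation in the thread points at.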