# echo "b $((0x7fffffff)):$((0x80000000)) rwm" > devices.allow
# cat devices.list
b 214748364:-21474836 rwm
though a major/minor number of 0x800000000 is meaningless, we
should not cast it to a negative value.
Signed-off-by: Li Zefan <[email protected]>
---
security/device_cgroup.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/device_cgroup.c b/security/device_cgroup.c
index fd764a0..1e2e28a 100644
--- a/security/device_cgroup.c
+++ b/security/device_cgroup.c
@@ -222,7 +222,7 @@ static void devcgroup_destroy(struct cgroup_subsys *ss,
#define DEVCG_DENY 2
#define DEVCG_LIST 3
-#define MAJMINLEN 10
+#define MAJMINLEN 13
#define ACCLEN 4
static void set_access(char *acc, short access)
@@ -254,7 +254,7 @@ static void set_majmin(char *str, unsigned m)
if (m == ~0)
sprintf(str, "*");
else
- snprintf(str, MAJMINLEN, "%d", m);
+ snprintf(str, MAJMINLEN, "%u", m);
}
static int devcgroup_seq_read(struct cgroup *cgroup, struct cftype *cft,
--
1.5.4.rc3
Quoting Li Zefan ([email protected]):
> # echo "b $((0x7fffffff)):$((0x80000000)) rwm" > devices.allow
> # cat devices.list
> b 214748364:-21474836 rwm
>
> though a major/minor number of 0x800000000 is meaningless, we
> should not cast it to a negative value.
>
> Signed-off-by: Li Zefan <[email protected]>
makes sense.
Acked-by: Serge Hallyn <[email protected]>
thanks,
-serge
> ---
> security/device_cgroup.c | 4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/security/device_cgroup.c b/security/device_cgroup.c
> index fd764a0..1e2e28a 100644
> --- a/security/device_cgroup.c
> +++ b/security/device_cgroup.c
> @@ -222,7 +222,7 @@ static void devcgroup_destroy(struct cgroup_subsys *ss,
> #define DEVCG_DENY 2
> #define DEVCG_LIST 3
>
> -#define MAJMINLEN 10
> +#define MAJMINLEN 13
> #define ACCLEN 4
>
> static void set_access(char *acc, short access)
> @@ -254,7 +254,7 @@ static void set_majmin(char *str, unsigned m)
> if (m == ~0)
> sprintf(str, "*");
> else
> - snprintf(str, MAJMINLEN, "%d", m);
> + snprintf(str, MAJMINLEN, "%u", m);
> }
>
> static int devcgroup_seq_read(struct cgroup *cgroup, struct cftype *cft,
> --
> 1.5.4.rc3
On Fri, Jul 4, 2008 at 10:39 PM, Li Zefan <[email protected]> wrote:
> # echo "b $((0x7fffffff)):$((0x80000000)) rwm" > devices.allow
> # cat devices.list
> b 214748364:-21474836 rwm
>
> though a major/minor number of 0x800000000 is meaningless, we
> should not cast it to a negative value.
>
> Signed-off-by: Li Zefan <[email protected]>
> ---
> security/device_cgroup.c | 4 ++--
> 1 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/security/device_cgroup.c b/security/device_cgroup.c
> index fd764a0..1e2e28a 100644
> --- a/security/device_cgroup.c
> +++ b/security/device_cgroup.c
> @@ -222,7 +222,7 @@ static void devcgroup_destroy(struct cgroup_subsys *ss,
> #define DEVCG_DENY 2
> #define DEVCG_LIST 3
>
> -#define MAJMINLEN 10
> +#define MAJMINLEN 13
> #define ACCLEN 4
>
> static void set_access(char *acc, short access)
> @@ -254,7 +254,7 @@ static void set_majmin(char *str, unsigned m)
> if (m == ~0)
> sprintf(str, "*");
Can't this just be strcat(str, "*")?
> else
> - snprintf(str, MAJMINLEN, "%d", m);
> + snprintf(str, MAJMINLEN, "%u", m);
I'm not sure that using snprintf() helps here over just sprintf() -
we're not actually basing it on the available space in the string,
we're just assuming there's enough space.
Paul
Paul Menage wrote:
> On Fri, Jul 4, 2008 at 10:39 PM, Li Zefan <[email protected]> wrote:
>> # echo "b $((0x7fffffff)):$((0x80000000)) rwm" > devices.allow
>> # cat devices.list
>> b 214748364:-21474836 rwm
>>
>> though a major/minor number of 0x800000000 is meaningless, we
>> should not cast it to a negative value.
>>
>> Signed-off-by: Li Zefan <[email protected]>
>> ---
>> security/device_cgroup.c | 4 ++--
>> 1 files changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/security/device_cgroup.c b/security/device_cgroup.c
>> index fd764a0..1e2e28a 100644
>> --- a/security/device_cgroup.c
>> +++ b/security/device_cgroup.c
>> @@ -222,7 +222,7 @@ static void devcgroup_destroy(struct cgroup_subsys *ss,
>> #define DEVCG_DENY 2
>> #define DEVCG_LIST 3
>>
>> -#define MAJMINLEN 10
>> +#define MAJMINLEN 13
>> #define ACCLEN 4
>>
>> static void set_access(char *acc, short access)
>> @@ -254,7 +254,7 @@ static void set_majmin(char *str, unsigned m)
>> if (m == ~0)
>> sprintf(str, "*");
>
> Can't this just be strcat(str, "*")?
>
No, but it can be strcpy(str, "*").
>> else
>> - snprintf(str, MAJMINLEN, "%d", m);
>> + snprintf(str, MAJMINLEN, "%u", m);
>
> I'm not sure that using snprintf() helps here over just sprintf() -
> we're not actually basing it on the available space in the string,
> we're just assuming there's enough space.
>
Agreed.
On Mon, Jul 7, 2008 at 6:27 PM, Li Zefan <[email protected]> wrote:
>>> @@ -254,7 +254,7 @@ static void set_majmin(char *str, unsigned m)
>>> if (m == ~0)
>>> sprintf(str, "*");
>>
>> Can't this just be strcat(str, "*")?
>>
>
> No, but it can be strcpy(str, "*").
Oops, yes, that's what I should have put ...
Paul