Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1755670AbbEUXEi (ORCPT <rfc822;w@1wt.eu>);
	Thu, 21 May 2015 19:04:38 -0400
Received: from li271-223.members.linode.com ([178.79.152.223]:58001 "EHLO
	mail.mleia.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1752558AbbEUXEg (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Thu, 21 May 2015 19:04:36 -0400
Message-ID: <555E647F.7070907@mleia.com>
Date: Fri, 22 May 2015 02:04:31 +0300
From: Vladimir Zapolskiy <vz@mleia.com>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Icedove/31.2.0
MIME-Version: 1.0
To: Tejun Heo <tj@kernel.org>
CC: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH] fs: sysfs: don't pass count == 0 to bin file readers
References: <1432243276-27733-1-git-send-email-vz@mleia.com> <20150521221423.GK4914@htj.duckdns.org>
In-Reply-To: <20150521221423.GK4914@htj.duckdns.org>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-49551924 
X-CRM114-CacheID: sfid-20150522_000658_448492_C6DD31CC 
X-CRM114-Status: GOOD (  20.49  )
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 2286
Lines: 82

Hello Tejun,

On 22.05.2015 01:14, Tejun Heo wrote:
> Hello,
> 
> On Fri, May 22, 2015 at 12:21:16AM +0300, Vladimir Zapolskiy wrote:
>> If count == 0 bytes are requested by a reader, sysfs_kf_bin_read()
>> deliberately returns 0 without passing a potentially harmful value to
>> some externally defined underlying battr->read() function.
>>
>> However in case of (pos == size && count) the next clause always sets
>> count to 0 and this value is handed over to battr->read().
>>
>> The change intends to make obsolete (and remove later) a redundant
>> sanity check in battr->read(), if it is present, or add more
>> protection to struct bin_attribute users, who does not care about
>> input arguments.
>>
>> Signed-off-by: Vladimir Zapolskiy <vz@mleia.com>
>> ---
>>  fs/sysfs/file.c |    2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/fs/sysfs/file.c b/fs/sysfs/file.c
>> index 7c2867b..6c95628 100644
>> --- a/fs/sysfs/file.c
>> +++ b/fs/sysfs/file.c
>> @@ -90,7 +90,7 @@ static ssize_t sysfs_kf_bin_read(struct kernfs_open_file *of, char *buf,
>>  		return 0;
>>  
>>  	if (size) {
>> -		if (pos > size)
>> +		if (pos >= size)
>>  			return 0;
>>  		if (pos + count > size)
>>  			count = size - pos;
> 
> Hmmm... maybe just move that test upwards?
> 
> 	if (!count || pos >= size)
> 		return 0;
> 
> 	count = min(count, size - pos);
> 

If the code block stays within if (size && count) { ... }, then !count
check is redundant (you may notice that !count check is already present
above but not shown in diff's 3 lines context), and I agree that

	if (pos >= size)
		return 0;

	if (pos + count > size)
		count = size - pos;

and

	if (pos >= size)
		return 0;

	count = min(count, size - pos);

are equal.

But "!size" is a special case,

	if (!count || pos >= size)
		return 0;

seems to be incorrect in case of !size ===> (pos >= size) == true.

To the sent change I may add a replacement of "if (pos + count > size)
..." with min_t (ssize_t, count, size - pos), if you wish.

--
With best wishes,
Vladimir
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/