Received: by 10.223.185.111 with SMTP id b44csp62530wrg; Fri, 9 Mar 2018 00:56:11 -0800 (PST) X-Google-Smtp-Source: AG47ELv6pcIdukZkClv/GhYzRi8V6kF0Vw2hWG034Bym5WIlJm1H9xajd7tfeMfKsPF3cELvd1R7 X-Received: by 10.98.86.151 with SMTP id h23mr29037255pfj.79.1520585771196; Fri, 09 Mar 2018 00:56:11 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520585771; cv=none; d=google.com; s=arc-20160816; b=bbhmo7prB0lqBbP1rTuY+/x94JZVTUEKZB8OdEsfCQwZqKtyc+GkzXW2yg/B1vLVVb njBDL5W9/NTX8jfHNZ3eZ1VX2HQlOpo1yXLs8E7bXdegRmDlC/pkDWoKnURKg2DfQqKM Ye2hpacNIiRgJPR1kl5F1zOy+l65pdfJv7ff8AozGA79PJ5MkzADQVCGndJsD7Ukug4h 0AL2Ag+t0hFMqmW13Yw64yeyXL9SNkyodICOogKEhUeYWArtgCwXECLF5NarpOHH1w3O qZunnFIF2mzeqnMhcqh/Qpe0/a4j+Pk4jVZNjPYdSwohmUv76AMHcdV35ZC96yghPw7T WUPQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:content-transfer-encoding :content-id:content-language:accept-language:in-reply-to:references :message-id:date:thread-index:thread-topic:subject:cc:to:from :arc-authentication-results; bh=iCR8tseuFufzq567bg+kASLVOg4FI8/SeZytFweSYPU=; b=qio71BAp+Tjr1YOXwnHjnNuWAoytAKrTAof7lyuQSDkhSKFyl/pq7urpipGT5Inb5Z XPkmX/CZ2t5U+0xbWsKb+BbI3vfCiV1LkMaXnNWh5oMKG4QjOJd8cXLj5iVCYqu9VDbA eCI+1P8maNzg7pWKD5C94gU4WaeMklqQnDd6a9qJya1eqaA+uPXk1hpKx7zoW90k9C2/ /ljuCIQrCmR4TNCDOKmKPErexiyNWko2tY+Du0jvJuBy0/QOlqwNP7hgiP10INx5Vpbp GUYHbdOhuev0eZYKTfo3lFgIbsH6lFfFTfLUpdPL55Xp22tMzi1pCjv8Cpc0lVIRPCvX x8yw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h19si434025pgn.310.2018.03.09.00.55.56; Fri, 09 Mar 2018 00:56:11 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752318AbeCIIyc convert rfc822-to-8bit (ORCPT + 99 others); Fri, 9 Mar 2018 03:54:32 -0500 Received: from mga02.intel.com ([134.134.136.20]:34566 "EHLO mga02.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751486AbeCIIyb (ORCPT ); Fri, 9 Mar 2018 03:54:31 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 09 Mar 2018 00:54:30 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.47,444,1515484800"; d="scan'208";a="33653452" Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201]) by orsmga003.jf.intel.com with ESMTP; 09 Mar 2018 00:54:30 -0800 Received: from fmsmsx155.amr.corp.intel.com (10.18.116.71) by FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS) id 14.3.319.2; Fri, 9 Mar 2018 00:54:30 -0800 Received: from FMSMSX109.amr.corp.intel.com ([169.254.15.144]) by FMSMSX155.amr.corp.intel.com ([169.254.5.47]) with mapi id 14.03.0319.002; Fri, 9 Mar 2018 00:54:29 -0800 From: "Dilger, Andreas" To: Kees Cook CC: Greg Kroah-Hartman , "devel@driverdev.osuosl.org" , Tycho Andersen , Kernel Hardening , Rasmus Villemoes , "linux-kernel@vger.kernel.org" , Gargi Sharma , "Drokin, Oleg" , Lustre Development List , "Tobin C. Harding" Subject: Re: [lustre-devel] [PATCH v2] staging: lustre: Remove VLA usage Thread-Topic: [lustre-devel] [PATCH v2] staging: lustre: Remove VLA usage Thread-Index: AQHTtlaLfWBjl7/Rn0q8LtJYujUiQaPIIeSA Date: Fri, 9 Mar 2018 08:54:29 +0000 Message-ID: References: <20180307205444.GA11349@beast> In-Reply-To: <20180307205444.GA11349@beast> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.254.37.249] Content-Type: text/plain; charset="us-ascii" Content-ID: <256AED917176C643BB96F1916F39FFBC@intel.com> Content-Transfer-Encoding: 8BIT MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mar 7, 2018, at 13:54, Kees Cook wrote: > > The kernel would like to have all stack VLA usage removed[1]. This switches > to a simple kasprintf() instead, and in the process fixes an off-by-one > between the allocation and the sprintf (allocation did not include NULL > byte in calculation). > > [1] https://lkml.org/lkml/2018/3/7/621 > > Signed-off-by: Kees Cook > Reviewed-by: Rasmus Villemoes This seems better than the VLA_SAFE() macro, at the cost of an extra kmalloc. I don't think these code paths are super performance critical. Reviewed-by: Andreas Dilger > --- > drivers/staging/lustre/lustre/llite/xattr.c | 19 +++++++++++++------ > 1 file changed, 13 insertions(+), 6 deletions(-) > > diff --git a/drivers/staging/lustre/lustre/llite/xattr.c b/drivers/staging/lustre/lustre/llite/xattr.c > index 532384c91447..ff6fe81a4ddb 100644 > --- a/drivers/staging/lustre/lustre/llite/xattr.c > +++ b/drivers/staging/lustre/lustre/llite/xattr.c > @@ -87,10 +87,10 @@ ll_xattr_set_common(const struct xattr_handler *handler, > const char *name, const void *value, size_t size, > int flags) > { > - char fullname[strlen(handler->prefix) + strlen(name) + 1]; > struct ll_sb_info *sbi = ll_i2sbi(inode); > struct ptlrpc_request *req = NULL; > const char *pv = value; > + char *fullname; > __u64 valid; > int rc; > > @@ -141,10 +141,13 @@ ll_xattr_set_common(const struct xattr_handler *handler, > return -EPERM; > } > > - sprintf(fullname, "%s%s\n", handler->prefix, name); > + fullname = kasprintf(GFP_KERNEL, "%s%s\n", handler->prefix, name); > + if (!fullname) > + return -ENOMEM; > rc = md_setxattr(sbi->ll_md_exp, ll_inode2fid(inode), > valid, fullname, pv, size, 0, flags, > ll_i2suppgid(inode), &req); > + kfree(fullname); > if (rc) { > if (rc == -EOPNOTSUPP && handler->flags == XATTR_USER_T) { > LCONSOLE_INFO("Disabling user_xattr feature because it is not supported on the server\n"); > @@ -364,11 +367,11 @@ static int ll_xattr_get_common(const struct xattr_handler *handler, > struct dentry *dentry, struct inode *inode, > const char *name, void *buffer, size_t size) > { > - char fullname[strlen(handler->prefix) + strlen(name) + 1]; > struct ll_sb_info *sbi = ll_i2sbi(inode); > #ifdef CONFIG_FS_POSIX_ACL > struct ll_inode_info *lli = ll_i2info(inode); > #endif > + char *fullname; > int rc; > > CDEBUG(D_VFSTRACE, "VFS Op:inode=" DFID "(%p)\n", > @@ -411,9 +414,13 @@ static int ll_xattr_get_common(const struct xattr_handler *handler, > if (handler->flags == XATTR_ACL_DEFAULT_T && !S_ISDIR(inode->i_mode)) > return -ENODATA; > #endif > - sprintf(fullname, "%s%s\n", handler->prefix, name); > - return ll_xattr_list(inode, fullname, handler->flags, buffer, size, > - OBD_MD_FLXATTR); > + fullname = kasprintf(GFP_KERNEL, "%s%s\n", handler->prefix, name); > + if (!fullname) > + return -ENOMEM; > + rc = ll_xattr_list(inode, fullname, handler->flags, buffer, size, > + OBD_MD_FLXATTR); > + kfree(fullname); > + return rc; > } > > static ssize_t ll_getxattr_lov(struct inode *inode, void *buf, size_t buf_size) > -- > 2.7.4 > > > -- > Kees Cook > Pixel Security > _______________________________________________ > lustre-devel mailing list > lustre-devel@lists.lustre.org > http://lists.lustre.org/listinfo.cgi/lustre-devel-lustre.org Cheers, Andreas -- Andreas Dilger Lustre Principal Architect Intel Corporation