Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp22875pxj; Wed, 9 Jun 2021 15:21:46 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzpXvLT1kAWvX27guYSqi9omt2Ei4mD40yJ3ZOtxCG2Zgg22C/2NorB2esemCcQbnOhgDgj X-Received: by 2002:a17:906:340d:: with SMTP id c13mr1714543ejb.457.1623277306570; Wed, 09 Jun 2021 15:21:46 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623277306; cv=none; d=google.com; s=arc-20160816; b=g2KKGy+B68x8kKrRN8bo6lksW6E2bni7IUBvDi7aT+CSWgbLEYgql7x5YxE1SzzPZp t5EKfR7K7whsNbUAUzVN8HHd0GkjEFAkFpEqrBrFg1Ax01agxMFh+PF9X/a3IYtMkQfX f1ZqKECMtEDU4Ci6tnHTJPEf/kfy6T28Hv7eXgkLhIy2HYXSfJm3hX3PkQdxiQkNi1Fy 0m4A8fZVw6fzqGLgVwDebhyLz4U8XUBlYyggyChCc7zhoOErveZZeQvD3CncjaanoMwl K5n6IAh1Umi6t2nf+1gn60dmRvHSt5eoc4oerucAxqx5oRMkW8HzSOclP7gpBfEh0viU Wt9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date; bh=aywcnP0YrohbYMJCOwCUTdGTE9FOQqyaxeblawAX6mc=; b=crzinS5znvQCttA8y5hR6xsK/kVaNDfBUqQcb907wXp2xq6SreCWtVM5YzUYDQz6Fz arMH1n0klyjVOPcmAzHc+1kertiuYzbI62g26BAOouKEwuQdpUzIgQCb7SPhkxFNffCE kpWzG+sTCLWr3teHdLWVaQI8USp6n87Smp9t/3tPnMBQrEiQG+bQFQgNZlY0WfwIa8bF 1euCnZJfwG/yXLSUg1nvrs1VD6HyhqmDVkRunll+O+lop8TdrrJ1gUIyI4CULJHQziOS Zt0iS1shamj9N7Q9BWEy+4kzhAcV1iugiqqY/RYNiwKdVKiLpE4khW8FtgUgmxCYKEtY ZNfA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id kl18si847372ejc.160.2021.06.09.15.21.22; Wed, 09 Jun 2021 15:21:46 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229655AbhFIWUy (ORCPT + 99 others); Wed, 9 Jun 2021 18:20:54 -0400 Received: from mail.kernel.org ([198.145.29.99]:57288 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229542AbhFIWUx (ORCPT ); Wed, 9 Jun 2021 18:20:53 -0400 Received: from oasis.local.home (cpe-66-24-58-225.stny.res.rr.com [66.24.58.225]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 7A13C61184; Wed, 9 Jun 2021 22:18:57 +0000 (UTC) Date: Wed, 9 Jun 2021 18:18:55 -0400 From: Steven Rostedt To: Linus Torvalds Cc: James Wang , Liangyan , Linux Kernel Mailing List , Ingo Molnar , Xunlei Pang , yinbinbin@alibabacloud.com, wetp , stable , Greg Kroah-Hartman Subject: Re: [PATCH] tracing: Correct the length check which causes memory corruption Message-ID: <20210609181855.7aeab6eb@oasis.local.home> In-Reply-To: References: <20210607125734.1770447-1-liangyan.peng@linux.alibaba.com> <71fa2e69-a60b-0795-5fef-31658f89591a@linux.alibaba.com> <20210609165154.3eab1749@oasis.local.home> X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.33; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 9 Jun 2021 14:43:51 -0700 Linus Torvalds wrote: > On Wed, Jun 9, 2021 at 1:52 PM Steven Rostedt wrote: > > > > > > That "sizeof(*entry)" is clearly wrong, because it doesn't take the > > > unsized array into account. > > > > Correct. That's because I forgot that the structure has that empty array :-( > > Note that 'sparse' does have the option to warn about odd flexible > array uses. Including 'sizeof()'. > > You can do something like > > CF='-Wflexible-array-sizeof' make C=2 kernel/trace/trace.o > > and you'll see > > kernel/trace/trace.c:1022:17: warning: using sizeof on a flexible structure alloc = sizeof(*entry) + size + 2; /* possible \n added */ Entry is created via a macro. But I guess that too could use a struct_size(). > kernel/trace/trace.c:2645:17: warning: using sizeof on a flexible structure memset(event, 0, sizeof(*event)); Hah, this is the part that is clearing the first part of the ring_buffer_event structure of that temp buffer. Where it's setting "type_len" to zero. It doesn't care about the extended portion here. > kernel/trace/trace.c:2739:41: warning: using sizeof on a flexible structure This is the code we are talking about now. > kernel/trace/trace.c:3290:16: warning: using sizeof on a flexible structure This is like the first one. A macro created the structure, but probably could be switched over. > kernel/trace/trace.c:3350:16: warning: using sizeof on a flexible structure Same as the first occurrence. > kernel/trace/trace.c:6989:16: warning: using sizeof on a flexible structure Also the same as the first. > kernel/trace/trace.c:7070:16: warning: using sizeof on a flexible structure And same as the first. > > and I suspect every single one of those should be using > 'struct_size()' instead for a sizeof() on the base structure plus some > manual arithmetic (or, as in the case of this bug, _without_ the extra > arithmetic). Most of the above are for structures that hold dynamic size strings. But I have no problem converting them to struct_size. But since they are created by FTRACE_ENTRY*() macros in kernel/trace/trace_entries.h, we need to be careful in picking the field to use. > > And yeah, it isn't just the tracing code that does this. We have it > all over, so that sparse check isn't on by default. Sparse is pretty > darn noisy even without it, but it can be worth using that > CF='-Wflexible-array-sizeof' on individual files that you want to > check. Could be a task for an intern to do? -- Steve