Re: [PATCH 2/2] make shm_get_stat() more robust

From: Andrew Morton
Date: Tue Jan 27 2009 - 18:00:55 EST


On Tue, 27 Jan 2009 17:48:13 -0500
Tony Battersby <tonyb@xxxxxxxxxxxxxxx> wrote:

> shm_get_stat() assumes idr_find(&shm_ids(ns).ipcs_idr) returns
> "struct shmid_kernel *"; all other callers assume that it returns
> "struct kern_ipc_perm *". This works because "struct kern_ipc_perm"
> is currently the first member of "struct shmid_kernel", but it would
> be better to use container_of() to prevent future breakage.
>
> Signed-off-by: Tony Battersby <tonyb@xxxxxxxxxxxxxxx>
> ---
> --- linux-2.6.29-rc2-git3/ipc/shm.c.orig 2009-01-27 16:23:10.000000000 -0500
> +++ linux-2.6.29-rc2-git3/ipc/shm.c 2009-01-27 16:24:19.000000000 -0500
> @@ -551,12 +551,14 @@ static void shm_get_stat(struct ipc_name
> in_use = shm_ids(ns).in_use;
>
> for (total = 0, next_id = 0; total < in_use; next_id++) {
> + struct kern_ipc_perm *ipc;
> struct shmid_kernel *shp;
> struct inode *inode;
>
> - shp = idr_find(&shm_ids(ns).ipcs_idr, next_id);
> - if (shp == NULL)
> + ipc = idr_find(&shm_ids(ns).ipcs_idr, next_id);
> + if (ipc == NULL)
> continue;
> + shp = container_of(ipc, struct shmid_kernel, shm_perm);
>
> inode = shp->shm_file->f_path.dentry->d_inode;
>

yup, well spotted.

It would be good to add a little typesafe wrapper:

static inline struct kern_ipc_perm *shm_idr_find(struct ipc_ids *ipc_ids)
{
return idr_find(&ipc_ids->ipcs_idr);
}

(or similar)

so that this sort of mistake cannot happen again.


As you've found, open-coded use of a bare void*-returning function is a
bit dangerous.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/