Re: [tip:tracing/blktrace-v2] blktrace: fix a bug in blk_msg_write()

From: Li Zefan
Date: Tue Apr 07 2009 - 21:32:16 EST


Hi Ingo,

Though Carl <chlunde@xxxxxxxxxxx>'s patch has been applied
(a4b3ada83d06554d307dd54abdc62b2e5648264a), this patch hasn't
been dropped, thus the code in -tip looks like:

static ssize_t blk_msg_write(...)
{
	...
	if (copy_from_user(msg, buffer, count)) {
		kfree(msg);
		return -EFAULT;
	}
	msg[count] = '\0'; <---

	msg[count] = '\0'; <---
	...
}


Li Zefan wrote:
> Commit-ID: 48cefde3c17bbf37fee99e2889bcc718e5805dfa
> Gitweb: http://git.kernel.org/tip/48cefde3c17bbf37fee99e2889bcc718e5805dfa
> Author: Li Zefan <lizf@xxxxxxxxxxxxxx>
> AuthorDate: Fri, 3 Apr 2009 15:31:34 +0800
> Committer: Ingo Molnar <mingo@xxxxxxx>
> CommitDate: Fri, 3 Apr 2009 13:15:53 +0200
>
> blktrace: fix a bug in blk_msg_write()
>
> Impact: fix corrupted blkparse output
>
> This is another long-standing blktrace bug:
>
> (console 1)
> # echo -n 'a' > /sys/kernel/debug/block/sda/msg
> (console 2)
> # blktrace -d /dev/sda -a pc -o - | blkparse -i -
> 8,0 0 0 0.000000000 0 m N aïïïïïï@ïï
>
> We should terminate the msg buffer with '\0'.
>
> Signed-off-by: Li Zefan <lizf@xxxxxxxxxxxxxx>
> Cc: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>
> Cc: "Alan D. Brunelle" <alan.brunelle@xxxxxx>
> Cc: Jens Axboe <jens.axboe@xxxxxxxxxx>
> LKML-Reference: <49D5BB56.7000807@xxxxxxxxxxxxxx>
> Signed-off-by: Ingo Molnar <mingo@xxxxxxx>
>
>
> ---
> kernel/trace/blktrace.c | 5 +++--
> 1 files changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/trace/blktrace.c b/kernel/trace/blktrace.c
> index 947c5b3..b7fa92c 100644
> --- a/kernel/trace/blktrace.c
> +++ b/kernel/trace/blktrace.c
> @@ -327,10 +327,10 @@ static ssize_t blk_msg_write(struct file *filp, const char __user *buffer,
> char *msg;
> struct blk_trace *bt;
>
> - if (count > BLK_TN_MAX_MSG)
> + if (count >= BLK_TN_MAX_MSG)
> return -EINVAL;
>
> - msg = kmalloc(count, GFP_KERNEL);
> + msg = kmalloc(count + 1, GFP_KERNEL);
> if (msg == NULL)
> return -ENOMEM;
>
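Review bot: The bound check at the top of this hunk goes from `count > BLK_TN_MAX_MSG` to `count >= BLK_TN_MAX_MSG`, so a write of exactly BLK_TN_MAX_MSG bytes, which was accepted before, now fails with -EINVAL, and the changelog does not mention that. If the intent is that BLK_TN_MAX_MSG includes the terminating NUL, a one-line comment above the check saying so would help, because `kmalloc(count + 1, GFP_KERNEL)` already makes room for the terminator by itself and the stricter limit otherwise looks unrelated to the fix.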
> @@ -338,6 +338,7 @@ static ssize_t blk_msg_write(struct file *filp, const char __user *buffer,
> kfree(msg);
> return -EFAULT;
> }
> + msg[count] = '\0';
>
> bt = filp->private_data;
> __trace_note_message(bt, "%s", msg);
>
>
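Review bot: The added `msg[count] = '\0';` after the copy_from_user() error path is only in bounds because the previous hunk grew the allocation to count + 1, so the two hunks must always be applied together. As the reply at the top of this mail points out, the same assignment is already in -tip from a4b3ada83d06554d307dd54abdc62b2e5648264a, so applying this hunk on top leaves the line there twice; the second store is harmless at run time, but the hunk should be dropped or the patch rebased so only one terminator write remains before `__trace_note_message(bt, "%s", msg)`.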
