Re: [PATCH v2 03/10] blktrace: fix debugfs use after free

From: Bart Van Assche
Date: Sun Apr 19 2020 - 17:55:52 EST

Next message: Andrew Lunn: "Re: [PATCH net-next 3/3] net: phy: bcm54140: add hwmon support"
Previous message: David Laight: "RE: [RFC] WRITE_ONCE_INC() and friends"
In reply to: Luis Chamberlain: "[PATCH v2 03/10] blktrace: fix debugfs use after free"
Next in thread: Luis Chamberlain: "Re: [PATCH v2 03/10] blktrace: fix debugfs use after free"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/19/20 12:45 PM, Luis Chamberlain wrote:

+int __must_check blk_queue_debugfs_register(struct request_queue *q)
+{
+ struct dentry *dir = NULL;
+
+ /* This can happen if we have a bug in the lower layers */

What does "this" refer to? Which layers does "lower layers" refer to? Most software developers consider a module that calls directly into another module as a higher layer (callbacks through function pointers do not count; see also https://en.wikipedia.org/wiki/Modular_programming). According to that definition block drivers are a software layer immediately above the block layer core.

How about changing that comment into the following to make it unambiguous (if this is what you meant)?

/*
* Check whether the debugfs directory already exists. This can
* only happen as the result of a bug in a block driver.
*/

+ dir = debugfs_lookup(kobject_name(q->kobj.parent), blk_debugfs_root);
+ if (dir) {
+ pr_warn("%s: registering request_queue debugfs directory twice is not allowed\n",
+ kobject_name(q->kobj.parent));
+ dput(dir);
+ return -EALREADY;
+ }
+
+ q->debugfs_dir = debugfs_create_dir(kobject_name(q->kobj.parent),
+ blk_debugfs_root);
+ if (!q->debugfs_dir)
+ return -ENOMEM;
+
+ return 0;
+}

kobject_name(q->kobj.parent) is used three times in the above function. How about introducing a local variable that holds the result of that expression?

+static bool blk_trace_target_disk(const char *target, const char *diskname)
+{
+ if (strlen(target) != strlen(diskname))
+ return false;
+
+ if (!strncmp(target, diskname,
+ min_t(size_t, strlen(target), strlen(diskname))))
+ return true;
+
+ return false;
+}

The above code looks weird to me. When the second if-statement is reached, it is guaranteed that 'target' and 'diskname' have the same length. So why to calculate the minimum length in the second if-statement of two strings that have the same length?

Independent of what the purpose of the above code is, can that code be rewritten such that it does not depend on the details of how names are assigned to disks and partitions? Would disk_get_part() be useful here?

Thanks,

Bart.

Next message: Andrew Lunn: "Re: [PATCH net-next 3/3] net: phy: bcm54140: add hwmon support"
Previous message: David Laight: "RE: [RFC] WRITE_ONCE_INC() and friends"
In reply to: Luis Chamberlain: "[PATCH v2 03/10] blktrace: fix debugfs use after free"
Next in thread: Luis Chamberlain: "Re: [PATCH v2 03/10] blktrace: fix debugfs use after free"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]