From: Sergey Bugaev <bugaevc@gmail.com>
To: Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>
Cc: libc-alpha@sourceware.org, Joseph Myers <joseph@codesourcery.com>
Subject: Re: [RFC PATCH] debug: Add tests for fortified fcntl ()
Date: Tue, 23 May 2023 22:19:13 +0300 [thread overview]
Message-ID: <CAN9u=HfZJq7NBYOeAu3Cu6xxDfXy4PydFCRUgLx8U0vF-q8=Og@mail.gmail.com> (raw)
In-Reply-To: <2ee46c72-ea05-b45b-0848-30f31a2696ac@linaro.org>
Hello,
thank you for taking a look.
On Tue, May 23, 2023 at 9:40 PM Adhemerval Zanella Netto
<adhemerval.zanella@linaro.org> wrote:
> > + res = __fcntl (lockfd1, F_OFD_GETLK, &flock);
>
> This is an external case, so use the external default name.
Do you mean that this should be s/__fcntl/fcntl/?
If that is what you mean -- here's why I used __fcntl here, but not in
all the other places:
The point of the OFD tests in the patch is to check for 32-bit vs
64-bit confusion in the fortification. If, for example, in some
configuration the plain fcntl is supposed to be 32-bit (and struct
flock is 32-bit), but the fortified version of fcntl mistakenly
forwards to fcntl64, then the 32-bit struct flock will not be
converted to struct flock64, and will be passed to the kernel as-is.
It will yield some garbage when interpreted as a struct flock64, and
the kernel will likely reject it with an error (EINVAL, perhaps) --
which is what the test checks against.
But the test also needs to work on the kernel versions that do not
support OFD locks, so it does this check for support being present at
all first, and skips running the OFD tests if the kernel does not
support it. But how do you check for OFD locks support? -- you try to
F_OFD_GETLK and see if the kernel returns EINVAL. If it does return
that, OFD locks are unsupported.
And herein lies the problem, we cannot differentiate between EINVALs
caused by missing kernel support from EINVALs caused by the very kind
of bugs this test checks against! We'd mistake the actual issue we
wanted to catch for missing kernel support, skip the bulk of the test,
and report success.
So in this first check of whether or not OFD locks are supported at
all, I've used __fcntl, which does not get fortified and so cannot
suffer from the 32-bit vs 64-bit confusion bug. The rest of the code
uses the regular fcntl. There's a comment above briefly mentioning
this, too -- clearly it has to be expanded.
So, with this in mind, should I be using __fcntl here, or is there a
better option?
Sergey
next prev parent reply other threads:[~2023-05-23 19:19 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-19 21:30 [RFC PATCH 0/1] Attempt to detect missing fcntl argument at compile time Sergey Bugaev
2023-05-19 21:30 ` [RFC PATCH 1/1] io: Add FORTIFY_SOURCE check for fcntl arguments Sergey Bugaev
2023-05-19 21:55 ` Joseph Myers
2023-05-20 11:46 ` Sergey Bugaev
2023-05-20 18:21 ` [RFC PATCH] debug: Add tests for fortified fcntl () Sergey Bugaev
2023-05-23 18:40 ` Adhemerval Zanella Netto
2023-05-23 19:19 ` Sergey Bugaev [this message]
2023-05-23 19:48 ` Adhemerval Zanella Netto
2023-05-24 7:15 ` Sergey Bugaev
2023-05-24 12:15 ` Adhemerval Zanella Netto
2023-05-23 19:09 ` [RFC PATCH 1/1] io: Add FORTIFY_SOURCE check for fcntl arguments Adhemerval Zanella Netto
2023-05-23 19:43 ` Sergey Bugaev
2023-05-23 19:56 ` Adhemerval Zanella Netto
2023-05-23 20:24 ` Sergey Bugaev
2023-05-23 20:44 ` Sergey Bugaev
2023-05-24 12:04 ` Adhemerval Zanella Netto
2023-05-23 19:15 ` Siddhesh Poyarekar
2023-05-23 20:01 ` Sergey Bugaev
2023-05-23 20:06 ` Sergey Bugaev
2023-05-23 21:46 ` Florian Weimer
2023-05-24 7:31 ` Sergey Bugaev
2023-05-24 8:29 ` Florian Weimer
2023-05-24 10:51 ` Sergey Bugaev
2023-05-24 11:18 ` Florian Weimer
2023-05-24 11:46 ` Siddhesh Poyarekar
2023-05-24 12:12 ` Andreas Schwab
2023-05-24 12:18 ` Florian Weimer
2023-05-24 12:37 ` Sergey Bugaev
2023-05-24 12:45 ` Florian Weimer
2023-05-24 13:02 ` Sergey Bugaev
2023-05-24 13:18 ` Florian Weimer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAN9u=HfZJq7NBYOeAu3Cu6xxDfXy4PydFCRUgLx8U0vF-q8=Og@mail.gmail.com' \
--to=bugaevc@gmail.com \
--cc=adhemerval.zanella@linaro.org \
--cc=joseph@codesourcery.com \
--cc=libc-alpha@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).