Message ID | 20230322141206.56347-2-andriy.shevchenko@linux.intel.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:604a:0:0:0:0:0 with SMTP id j10csp2373614wrt; Wed, 22 Mar 2023 07:32:24 -0700 (PDT) X-Google-Smtp-Source: AK7set+/oHUkWr6uh0vZkYadfysJDGS8ykRiiXO29BgoSHTTEVJZ/E9NzLCLjOEmHI00S4Awxdvq X-Received: by 2002:aa7:d890:0:b0:4fa:57bf:1416 with SMTP id u16-20020aa7d890000000b004fa57bf1416mr7319693edq.35.1679495544043; Wed, 22 Mar 2023 07:32:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1679495544; cv=none; d=google.com; s=arc-20160816; b=rHPrrDoW/6Y38DD00tgOc2ZWycAlloqPojQ0UnTubRrV3AWP9H7HG+1BY/GLddnLbU gIAjh1gi0Klk+ZS+Eqrec31b8vDCz1xdnjmota8NXmWbzxbohOmBulbA04YZduBDTNJg 0LlLALH3XzBSZt4LUwfjaoEDaQpyAvFCIpNtj6nTO64LU3FW8QuODhnfLLn5Goy7nAuV MPTpJp/WqxQ5nOjXxB84sWT1kHVbbSYIQCupPgtFurckELr0LH5+U6ASkwBx0uLwtT5w 9GKREPRo5QcYkmZ+RCxTD1+3hSegu+hMQ8KPbqqy33GnOR0mzm9E27evWSVfFsqco46x O3/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=mk4ZGRYEfeE/GMxDR79aRdln6iwF07NtyhXdPeOdTu4=; b=KDWn1HGo8aCFz5lHMDSZ7j791VKADTSrqPE/7o3kL4lzwVXnqMzjDo8fX7HSNSZGcf yrgKTwfBKh2ta0i1bqkDpsw0gdUM52d2UXHeyrs6x0p4VsXS5VIDkhJkQ8pJ3u4GKphD gzEo87krFY+djlYKyfvYselRMJxh+PLZrOTM/skgdASVYziIs6Tz2T9ulzmnaVByPwZw sBb1LByR0uRwuyaraHC+k4JWDDA3peKTYE5DPwqXutB/7tVTr8QLNc0LdyNlP+LicOFt QeCgZLil+3/Jgz1brhmK8LA66SfpC33NCBNoFEkUn9F12LqCan7+B1J1qUH2+a5zciyF r+ZQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=WheSQgqF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id c13-20020aa7c98d000000b004fd29e75157si17087685edt.343.2023.03.22.07.32.00; Wed, 22 Mar 2023 07:32:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=WheSQgqF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231349AbjCVOME (ORCPT <rfc822;pusanteemu@gmail.com> + 99 others); Wed, 22 Mar 2023 10:12:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37416 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231299AbjCVOL5 (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Wed, 22 Mar 2023 10:11:57 -0400 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DE4B062329; Wed, 22 Mar 2023 07:11:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1679494316; x=1711030316; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=7YSrH58f/8PCUQYRKrz3TF1JgsLkqas7q/pNYTkDdYg=; b=WheSQgqFqkhGk6imopb2h1P4H1rqvyS8a99bKra+DmoCEf7E2mz4Aq5R 6VWwqvJJVj169H4a59yd13JK6r71cWrj/JTyqH73KTbyBTQTBJBQj7kY/ wUei93bxePoW+m+5P2EA5gMbqXvio5cdwmm2CV3Z+SkoycnOaTQjF9Tf3 3e/Vt5SGhHAGJHLvhSb3r2763llOh+Ctz5KZYT5CJzJacfiTS4mdWqUCo Edyda6w8X4JtZ+IXVVE7w1nkfJycvD4VEnBtyLuAUmHXymY/dL+BvI2jb wjBjz96+TKuY4bV0bhWmA7HJmFyuK6Q1OamcAY9GnHm+avHnoLuQUFYSX A==; X-IronPort-AV: E=McAfee;i="6600,9927,10657"; a="318865981" X-IronPort-AV: E=Sophos;i="5.98,282,1673942400"; d="scan'208";a="318865981" Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 22 Mar 2023 07:11:36 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10657"; a="1011377031" X-IronPort-AV: E=Sophos;i="5.98,282,1673942400"; d="scan'208";a="1011377031" Received: from black.fi.intel.com ([10.237.72.28]) by fmsmga005.fm.intel.com with ESMTP; 22 Mar 2023 07:11:34 -0700 Received: by black.fi.intel.com (Postfix, from userid 1003) id 5AC3C3DD; Wed, 22 Mar 2023 16:12:20 +0200 (EET) From: Andy Shevchenko <andriy.shevchenko@linux.intel.com> To: Kees Cook <keescook@chromium.org>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Andy Shevchenko <andriy.shevchenko@linux.intel.com>, Cezary Rojewski <cezary.rojewski@intel.com>, linux-ext4@vger.kernel.org, linux-kernel@vger.kernel.org Cc: "Theodore Ts'o" <tytso@mit.edu>, Jan Kara <jack@suse.com>, Andy Shevchenko <andy@kernel.org>, "Rafael J. Wysocki" <rafael@kernel.org> Subject: [PATCH v1 1/3] jbd2: Avoid printing out the boundary Date: Wed, 22 Mar 2023 16:12:04 +0200 Message-Id: <20230322141206.56347-2-andriy.shevchenko@linux.intel.com> X-Mailer: git-send-email 2.40.0.1.gaa8946217a0b In-Reply-To: <20230322141206.56347-1-andriy.shevchenko@linux.intel.com> References: <20230322141206.56347-1-andriy.shevchenko@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.4 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_PASS,SPF_NONE, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1761078719787076814?= X-GMAIL-MSGID: =?utf-8?q?1761078719787076814?= |
Series |
lib/string_helpers et al.: Change return value of strreplace()
|
|
Commit Message
Andy Shevchenko
March 22, 2023, 2:12 p.m. UTC
Theoretically possible that "%pg" will take all room for the j_devname
and hence the "-%lu" will go out the boundary due to unconditional
sprintf() in use. To make this code more robust, replace two sequential
s*printf():s by a single call and then replace forbidden character.
It's possible to do this way, because '/' won't ever be in the result
of "-%lu".
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
---
fs/jbd2/journal.c | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
Comments
Hi Andy,
I love your patch! Perhaps something to improve:
[auto build test WARNING on driver-core/driver-core-testing]
[also build test WARNING on driver-core/driver-core-next driver-core/driver-core-linus kees/for-next/pstore kees/for-next/kspp tytso-ext4/dev linus/master v6.3-rc3 next-20230322]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Andy-Shevchenko/jbd2-Avoid-printing-out-the-boundary/20230322-221425
patch link: https://lore.kernel.org/r/20230322141206.56347-2-andriy.shevchenko%40linux.intel.com
patch subject: [PATCH v1 1/3] jbd2: Avoid printing out the boundary
config: x86_64-kexec (https://download.01.org/0day-ci/archive/20230323/202303230045.2JeedPWH-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-8) 11.3.0
reproduce (this is a W=1 build):
# https://github.com/intel-lab-lkp/linux/commit/6154f5a987ef2ce0084db0eb245d2c3bcde2a02a
git remote add linux-review https://github.com/intel-lab-lkp/linux
git fetch --no-tags linux-review Andy-Shevchenko/jbd2-Avoid-printing-out-the-boundary/20230322-221425
git checkout 6154f5a987ef2ce0084db0eb245d2c3bcde2a02a
# save the config file
mkdir build_dir && cp config build_dir/.config
make W=1 O=build_dir ARCH=x86_64 olddefconfig
make W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash fs/jbd2/
If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Link: https://lore.kernel.org/oe-kbuild-all/202303230045.2JeedPWH-lkp@intel.com/
All warnings (new ones prefixed by >>):
fs/jbd2/journal.c: In function 'jbd2_journal_init_inode':
>> fs/jbd2/journal.c:1491:15: warning: unused variable 'p' [-Wunused-variable]
1491 | char *p;
| ^
vim +/p +1491 fs/jbd2/journal.c
470decc613ab20 Dave Kleikamp 2006-10-11 1478
470decc613ab20 Dave Kleikamp 2006-10-11 1479 /**
f7f4bccb729844 Mingming Cao 2006-10-11 1480 * journal_t * jbd2_journal_init_inode () - creates a journal which maps to a inode.
470decc613ab20 Dave Kleikamp 2006-10-11 1481 * @inode: An inode to create the journal in
470decc613ab20 Dave Kleikamp 2006-10-11 1482 *
f7f4bccb729844 Mingming Cao 2006-10-11 1483 * jbd2_journal_init_inode creates a journal which maps an on-disk inode as
470decc613ab20 Dave Kleikamp 2006-10-11 1484 * the journal. The inode must exist already, must support bmap() and
470decc613ab20 Dave Kleikamp 2006-10-11 1485 * must have all data blocks preallocated.
470decc613ab20 Dave Kleikamp 2006-10-11 1486 */
f7f4bccb729844 Mingming Cao 2006-10-11 1487 journal_t *jbd2_journal_init_inode(struct inode *inode)
470decc613ab20 Dave Kleikamp 2006-10-11 1488 {
f0c9fd5458bacf Geliang Tang 2016-09-15 1489 journal_t *journal;
30460e1ea3e62f Carlos Maiolino 2020-01-09 1490 sector_t blocknr;
05496769e5da83 Theodore Ts'o 2008-09-16 @1491 char *p;
30460e1ea3e62f Carlos Maiolino 2020-01-09 1492 int err = 0;
30460e1ea3e62f Carlos Maiolino 2020-01-09 1493
30460e1ea3e62f Carlos Maiolino 2020-01-09 1494 blocknr = 0;
30460e1ea3e62f Carlos Maiolino 2020-01-09 1495 err = bmap(inode, &blocknr);
470decc613ab20 Dave Kleikamp 2006-10-11 1496
30460e1ea3e62f Carlos Maiolino 2020-01-09 1497 if (err || !blocknr) {
f0c9fd5458bacf Geliang Tang 2016-09-15 1498 pr_err("%s: Cannot locate journal superblock\n",
f0c9fd5458bacf Geliang Tang 2016-09-15 1499 __func__);
f0c9fd5458bacf Geliang Tang 2016-09-15 1500 return NULL;
f0c9fd5458bacf Geliang Tang 2016-09-15 1501 }
f0c9fd5458bacf Geliang Tang 2016-09-15 1502
cb3b3bf22cf337 Jan Kara 2022-06-08 1503 jbd2_debug(1, "JBD2: inode %s/%ld, size %lld, bits %d, blksize %ld\n",
f0c9fd5458bacf Geliang Tang 2016-09-15 1504 inode->i_sb->s_id, inode->i_ino, (long long) inode->i_size,
f0c9fd5458bacf Geliang Tang 2016-09-15 1505 inode->i_sb->s_blocksize_bits, inode->i_sb->s_blocksize);
f0c9fd5458bacf Geliang Tang 2016-09-15 1506
f0c9fd5458bacf Geliang Tang 2016-09-15 1507 journal = journal_init_common(inode->i_sb->s_bdev, inode->i_sb->s_bdev,
f0c9fd5458bacf Geliang Tang 2016-09-15 1508 blocknr, inode->i_size >> inode->i_sb->s_blocksize_bits,
f0c9fd5458bacf Geliang Tang 2016-09-15 1509 inode->i_sb->s_blocksize);
470decc613ab20 Dave Kleikamp 2006-10-11 1510 if (!journal)
470decc613ab20 Dave Kleikamp 2006-10-11 1511 return NULL;
470decc613ab20 Dave Kleikamp 2006-10-11 1512
470decc613ab20 Dave Kleikamp 2006-10-11 1513 journal->j_inode = inode;
900d156bac2bc4 Christoph Hellwig 2022-07-13 1514 snprintf(journal->j_devname, sizeof(journal->j_devname),
6154f5a987ef2c Andy Shevchenko 2023-03-22 1515 "%pg-%lu", journal->j_dev, journal->j_inode->i_ino);
6154f5a987ef2c Andy Shevchenko 2023-03-22 1516 strreplace(journal->j_devname, '/', '!');
8e85fb3f305b24 Johann Lombardi 2008-01-28 1517 jbd2_stats_proc_init(journal);
470decc613ab20 Dave Kleikamp 2006-10-11 1518
470decc613ab20 Dave Kleikamp 2006-10-11 1519 return journal;
470decc613ab20 Dave Kleikamp 2006-10-11 1520 }
470decc613ab20 Dave Kleikamp 2006-10-11 1521
On Wed 22-03-23 16:12:04, Andy Shevchenko wrote: > Theoretically possible that "%pg" will take all room for the j_devname > and hence the "-%lu" will go out the boundary due to unconditional > sprintf() in use. To make this code more robust, replace two sequential > s*printf():s by a single call and then replace forbidden character. > It's possible to do this way, because '/' won't ever be in the result > of "-%lu". > > Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Looks good. Feel free to add: Reviewed-by: Jan Kara <jack@suse.cz> Honza > --- > fs/jbd2/journal.c | 5 ++--- > 1 file changed, 2 insertions(+), 3 deletions(-) > > diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c > index 8ae419152ff6..00c0aa4a3a91 100644 > --- a/fs/jbd2/journal.c > +++ b/fs/jbd2/journal.c > @@ -1515,9 +1515,8 @@ journal_t *jbd2_journal_init_inode(struct inode *inode) > > journal->j_inode = inode; > snprintf(journal->j_devname, sizeof(journal->j_devname), > - "%pg", journal->j_dev); > - p = strreplace(journal->j_devname, '/', '!'); > - sprintf(p, "-%lu", journal->j_inode->i_ino); > + "%pg-%lu", journal->j_dev, journal->j_inode->i_ino); > + strreplace(journal->j_devname, '/', '!'); > jbd2_stats_proc_init(journal); > > return journal; > -- > 2.40.0.1.gaa8946217a0b >
On Thu, Mar 23, 2023 at 10:53:46AM +0100, Jan Kara wrote: > On Wed 22-03-23 16:12:04, Andy Shevchenko wrote: > > Theoretically possible that "%pg" will take all room for the j_devname > > and hence the "-%lu" will go out the boundary due to unconditional > > sprintf() in use. To make this code more robust, replace two sequential > > s*printf():s by a single call and then replace forbidden character. > > It's possible to do this way, because '/' won't ever be in the result > > of "-%lu". > > > > Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> > > Looks good. Feel free to add: > > Reviewed-by: Jan Kara <jack@suse.cz> Thank you! I'll incorporate this into v2 with dropping not anymore used variable (as found by LKP).
diff --git a/fs/jbd2/journal.c b/fs/jbd2/journal.c index 8ae419152ff6..00c0aa4a3a91 100644 --- a/fs/jbd2/journal.c +++ b/fs/jbd2/journal.c @@ -1515,9 +1515,8 @@ journal_t *jbd2_journal_init_inode(struct inode *inode) journal->j_inode = inode; snprintf(journal->j_devname, sizeof(journal->j_devname), - "%pg", journal->j_dev); - p = strreplace(journal->j_devname, '/', '!'); - sprintf(p, "-%lu", journal->j_inode->i_ino); + "%pg-%lu", journal->j_dev, journal->j_inode->i_ino); + strreplace(journal->j_devname, '/', '!'); jbd2_stats_proc_init(journal); return journal;