From: Kees Cook
To: Anders Larsen
Cc: Kees Cook, Ronald Monthero, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: [PATCH 1/2] qnx4: Extract dir entry filename processing into helper
Date: Fri, 17 Nov 2023 19:32:22 -0800
Message-Id: <20231118033225.2181299-1-keescook@chromium.org>
In-Reply-To: <20231118032638.work.955-kees@kernel.org>

Both dir.c and namei.c need to perform the same work to figure out a
directory entry's name and size. Extract this into a helper for use in
the next patch.

Cc: Anders Larsen
Signed-off-by: Kees Cook
---
 fs/qnx4/dir.c  | 52 ++++++--------------------------------------
 fs/qnx4/qnx4.h | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 66 insertions(+), 45 deletions(-)

diff --git a/fs/qnx4/dir.c b/fs/qnx4/dir.c index 66645a5a35f3..42a529e26bd6 100644 --- a/fs/qnx4/dir.c +++ b/fs/qnx4/dir.c
@@ -15,43 +15,6 @@ #include #include "qnx4.h" -/* - * A qnx4 directory entry is an inode entry or link info - * depending on the status field in the last byte. The - * first byte is where the name start either way, and a - * zero means it's empty. - * - * Also, due to a bug in gcc, we don't want to use the - * real (differently sized) name arrays in the inode and - * link entries, but always the 'de_name[]' one in the - * fake struct entry. - * - * See - * - * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578#c6 - * - * for details, but basically gcc will take the size of the - * 'name' array from one of the used union entries randomly. - * - * This use of 'de_name[]' (48 bytes) avoids the false positive - * warnings that would happen if gcc decides to use 'inode.di_name' - * (16 bytes) even when the pointer and size were to come from - * 'link.dl_name' (48 bytes). - * - * In all cases the actual name pointer itself is the same, it's - * only the gcc internal 'what is the size of this field' logic - * that can get confused. - */ -union qnx4_directory_entry { - struct { - const char de_name[48]; - u8 de_pad[15]; - u8 de_status; - }; - struct qnx4_inode_entry inode; - struct qnx4_link_info link; -}; - static int qnx4_readdir(struct file *file, struct dir_context *ctx) { struct inode *inode = file_inode(file); 
@@ -74,26 +37,25 @@ static int qnx4_readdir(struct file *file, struct dir_context *ctx) ix = (ctx->pos >> QNX4_DIR_ENTRY_SIZE_BITS) % QNX4_INODES_PER_BLOCK; for (; ix < QNX4_INODES_PER_BLOCK; ix++, ctx->pos += QNX4_DIR_ENTRY_SIZE) { union qnx4_directory_entry *de; + const char *fname; offset = ix * QNX4_DIR_ENTRY_SIZE; de = (union qnx4_directory_entry *) (bh->b_data + offset); - if (!de->de_name[0]) - continue; - if (!(de->de_status & (QNX4_FILE_USED|QNX4_FILE_LINK))) + fname = get_entry_fname(de, &size); + if (!fname) continue; + if (!(de->de_status & QNX4_FILE_LINK)) { - size = sizeof(de->inode.di_fname); ino = blknum * QNX4_INODES_PER_BLOCK + ix - 1; } else { - size = sizeof(de->link.dl_fname); ino = ( le32_to_cpu(de->link.dl_inode_blk) - 1 ) * QNX4_INODES_PER_BLOCK + de->link.dl_inode_ndx; } - size = strnlen(de->de_name, size); - QNX4DEBUG((KERN_INFO "qnx4_readdir:%.*s\n", size, name)); - if (!dir_emit(ctx, de->de_name, size, ino, DT_UNKNOWN)) { + + QNX4DEBUG((KERN_INFO "qnx4_readdir:%.*s\n", size, fname)); + if (!dir_emit(ctx, fname, size, ino, DT_UNKNOWN)) { brelse(bh); return 0; } diff --git a/fs/qnx4/qnx4.h b/fs/qnx4/qnx4.h index 6283705466a4..0b6b86ee09dd 100644 --- a/fs/qnx4/qnx4.h +++ b/fs/qnx4/qnx4.h 
@@ -44,3 +44,62 @@ static inline struct qnx4_inode_entry *qnx4_raw_inode(struct inode *inode) { return &qnx4_i(inode)->raw; } + +/* + * A qnx4 directory entry is an inode entry or link info + * depending on the status field in the last byte. The + * first byte is where the name start either way, and a + * zero means it's empty. + * + * Also, due to a bug in gcc, we don't want to use the + * real (differently sized) name arrays in the inode and + * link entries, but always the 'de_name[]' one in the + * fake struct entry. + * + * See + * + * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578#c6 + * + * for details, but basically gcc will take the size of the + * 'name' array from one of the used union entries randomly. + * + * This use of 'de_name[]' (48 bytes) avoids the false positive + * warnings that would happen if gcc decides to use 'inode.di_name' + * (16 bytes) even when the pointer and size were to come from + * 'link.dl_name' (48 bytes). + * + * In all cases the actual name pointer itself is the same, it's + * only the gcc internal 'what is the size of this field' logic + * that can get confused. + */ +union qnx4_directory_entry { + struct { + const char de_name[48]; + u8 de_pad[15]; + u8 de_status; + }; + struct qnx4_inode_entry inode; + struct qnx4_link_info link; +}; +/* Make sure the status byte is in the same place for all structs. 
*/ +_Static_assert(offsetof(struct qnx4_inode_entry, di_status) == + offsetof(struct qnx4_link_info, dl_status)); +_Static_assert(offsetof(struct qnx4_inode_entry, di_status) == + offsetof(union qnx4_directory_entry, de_status)); + +static inline const char *get_entry_fname(union qnx4_directory_entry *de, + int *size) +{ + if (!de->de_name[0]) + return NULL; + if (!(de->de_status & (QNX4_FILE_USED|QNX4_FILE_LINK))) + return NULL; + if (!(de->de_status & QNX4_FILE_LINK)) + *size = sizeof(de->inode.di_fname); + else + *size = sizeof(de->link.dl_fname); + + *size = strnlen(de->de_name, *size); + + return de->de_name; +}
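Review bot: in the qnx4_readdir() hunk of fs/qnx4/dir.c, the QNX4DEBUG line is changed from printing `name` to printing `fname`, and no `name` variable appears in the visible context, so the hunk also alters a debug path that the commit message, which describes a pure extraction, does not mention; note it in the changelog or split it out. The caller also still tests `de->de_status & QNX4_FILE_LINK` itself after get_entry_fname() has already tested the same bit to pick the size, so the entry-layout knowledge the helper is meant to centralize stays in two places; consider having the helper report whether the entry is a link.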
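Review bot: in the fs/qnx4/qnx4.h hunk, both `_Static_assert(...)` lines use the single-argument form, which C11 does not allow (the message string became optional only in C23, and newer compilers accept it earlier as an extension); the kernel's static_assert() macro from <linux/build_bug.h> supplies the message automatically and would be the safer spelling. get_entry_fname() also leaves `*size` unwritten on both `return NULL` paths and takes a non-const `de` although it only reads from it; a short comment stating that `*size` is valid only on a non-NULL return, plus a `const` qualifier on the parameter, would make the contract explicit for the two callers.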
From: Kees Cook
To: Anders Larsen
Cc: Kees Cook, Ronald Monthero, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org
Subject: [PATCH 2/2] qnx4: Use get_directory_fname() in qnx4_match()
Date: Fri, 17 Nov 2023 19:32:23 -0800
Message-Id: <20231118033225.2181299-2-keescook@chromium.org>
In-Reply-To: <20231118032638.work.955-kees@kernel.org>

Use the new common directory entry name accessor helper to avoid
confusing the compiler about over-running the file name buffer. Avoids
false positive buffer overflow warning:

[ 4849.636861] detected buffer overflow in strlen
[ 4849.636897] ------------[ cut here ]------------
[ 4849.636902] kernel BUG at lib/string.c:1165!
...
[ 4849.637047] Call Trace:
...
[ 4849.637251] qnx4_find_entry.cold+0xc/0x18 [qnx4]
[ 4849.637264] qnx4_lookup+0x3c/0xa0 [qnx4]

Cc: Anders Larsen
Reported-by: Ronald Monthero
Closes: https://lore.kernel.org/lkml/20231112095353.579855-1-debug.penguin32@gmail.com/
Signed-off-by: Kees Cook
---
 fs/qnx4/namei.c | 29 +++++++++++------------------
 1 file changed, 11 insertions(+), 18 deletions(-)

diff --git a/fs/qnx4/namei.c b/fs/qnx4/namei.c index 8d72221735d7..bb8db6550ca5 100644 --- a/fs/qnx4/namei.c +++ b/fs/qnx4/namei.c
@@ -26,31 +26,24 @@ static int qnx4_match(int len, const char *name, struct buffer_head *bh, unsigned long *offset) { - struct qnx4_inode_entry *de; - int namelen, thislen; + union qnx4_directory_entry *de; + const char *fname; + int fnamelen; if (bh == NULL) { printk(KERN_WARNING "qnx4: matching unassigned buffer !\n"); return 0; } - de = (struct qnx4_inode_entry *) (bh->b_data + *offset); + de = (union qnx4_directory_entry *) (bh->b_data + *offset); *offset += QNX4_DIR_ENTRY_SIZE; - if ((de->di_status & QNX4_FILE_LINK) != 0) { - namelen = QNX4_NAME_MAX; - } else { - namelen = QNX4_SHORT_NAME_MAX; - } - thislen = strlen( de->di_fname ); - if ( thislen > namelen ) - thislen = namelen; - if (len != thislen) { + + fname = get_entry_fname(de, &fnamelen); + if (!fname || len != fnamelen) return 0; - } - if (strncmp(name, de->di_fname, len) == 0) { - if ((de->di_status & (QNX4_FILE_USED|QNX4_FILE_LINK)) != 0) { - return 1; - } - } + + if (strncmp(name, fname, len) == 0) + return 1; + return 0; }
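Review bot: the call `fname = get_entry_fname(de, &fnamelen);` in qnx4_match() uses the helper name that patch 1/2 defines, but this patch's subject line says get_directory_fname(); fix the subject so that a log search for the helper name finds this commit. The early `if (!fname || len != fnamelen) return 0;` also moves the QNX4_FILE_USED|QNX4_FILE_LINK status test ahead of the name comparison, where the removed code ran it after strncmp(); the result is the same, but a one-line mention in the commit message would help anyone bisecting a lookup regression.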