From: Nelson Elhage <nelhage@ksplice•com>
To: David Miller <davem@davemloft•net>
Cc: robert.olsson@its•uu.se, linux-kernel@vger•kernel.org,
netdev@vger•kernel.org, eugene@redhat•com
Subject: Re: [PATCH] pktgen: Remove a dangerous debug print.
Date: Wed, 27 Oct 2010 15:28:08 -0400 [thread overview]
Message-ID: <20101027192808.GP16803@ksplice.com> (raw)
In-Reply-To: <20101027.122143.02260950.davem@davemloft.net>
How would you feel about limiting the debug print to at most, say, 512 or 1024
bytes? Even if it's only accessible to root by default, I don't a userspace
program should be able to accidentally corrupt the kernel stack by writing too
many bytes to a file in /proc.
- Nelson
On Wed, Oct 27, 2010 at 12:21:43PM -0700, David Miller wrote:
> From: Nelson Elhage <nelhage@ksplice•com>
> Date: Wed, 27 Oct 2010 15:13:08 -0400
>
> > We were allocating an arbitrarily-large buffer on the stack, which would allow a
> > buggy or malicious userspace program to overflow the kernel stack.
> >
> > Since the debug printk() was just printing exactly the text passed from
> > userspace, it's probably just as easy for anyone who might use it to augment (or
> > just strace(1)) the program writing to the pktgen file, so let's just not bother
> > trying to print the whole buffer.
> >
> > Signed-off-by: Nelson Elhage <nelhage@ksplice•com>
>
> Only root can write to the pktgen control file.
>
> Also, the debug feature really is used by people's pktgen scripts, you
> can't just turn it off.
next prev parent reply other threads:[~2010-10-27 19:28 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-27 19:13 [PATCH] pktgen: Remove a dangerous debug print Nelson Elhage
2010-10-27 19:21 ` David Miller
2010-10-27 19:28 ` Nelson Elhage [this message]
2010-10-27 19:30 ` David Miller
2010-10-27 19:41 ` Eric Dumazet
2010-10-27 19:49 ` Nelson Elhage
2010-10-27 20:38 ` Ben Greear
2010-10-27 22:12 ` [patch] fix stack overflow in pktgen_if_write() Dan Carpenter
2010-10-27 22:40 ` Dan Carpenter
2010-10-27 22:43 ` [patch v2] " Dan Carpenter
2010-10-27 23:06 ` Nelson Elhage
2010-10-28 6:05 ` Dan Carpenter
2010-10-28 6:05 ` [patch v3] " Dan Carpenter
2010-10-28 15:22 ` Nelson Elhage
2010-10-28 16:28 ` Dan Carpenter
2010-10-28 16:30 ` Nelson Elhage
2010-10-28 23:11 ` Andi Kleen
2010-11-01 3:47 ` Dan Carpenter
2010-10-28 15:20 ` [PATCH] pktgen: Limit how much data we copy onto the stack Nelson Elhage
2010-10-28 18:32 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101027192808.GP16803@ksplice.com \
--to=nelhage@ksplice$(echo .)com \
--cc=davem@davemloft$(echo .)net \
--cc=eugene@redhat$(echo .)com \
--cc=linux-kernel@vger$(echo .)kernel.org \
--cc=netdev@vger$(echo .)kernel.org \
--cc=robert.olsson@its$(echo .)uu.se \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox