Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special... | linux-rdma

[PATCH for-next 0/7] Misc update for RTRS · Md Haris Iqbal <haris.iqbal@ionos.com> · 2021-09-22
[PATCH for-next 1/7] RDMA/rtrs: Use sysfs_emit instead of s*printf function for sysfs show · Md Haris Iqbal <haris.iqbal@ionos.com> · 2021-09-22
[PATCH for-next 2/7] RDMA/rtrs: Remove len parameter from helper print functions of sysfs · Md Haris Iqbal <haris.iqbal@ionos.com> · 2021-09-22
[PATCH for-next 3/7] RDMA/rtrs: Fix warning when use poll mode on client side. · Md Haris Iqbal <haris.iqbal@ionos.com> · 2021-09-22
[PATCH for-next 4/7] RDMA/rtrs: Replace duplicate check with is_pollqueue helper · Md Haris Iqbal <haris.iqbal@ionos.com> · 2021-09-22
[PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Md Haris Iqbal <haris.iqbal@ionos.com> · 2021-09-22
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Leon Romanovsky <leon@kernel.org> · 2021-09-27
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Jack Wang <hidden> · 2021-09-28
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Leon Romanovsky <leon@kernel.org> · 2021-09-28
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Jack Wang <hidden> · 2021-09-29
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Leon Romanovsky <leon@kernel.org> · 2021-09-29
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Jinpu Wang <jinpu.wang@ionos.com> · 2021-09-30
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Leon Romanovsky <leon@kernel.org> · 2021-09-30
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Jinpu Wang <jinpu.wang@ionos.com> · 2021-09-30
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Leon Romanovsky <leon@kernel.org> · 2021-09-30
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Jinpu Wang <jinpu.wang@ionos.com> · 2021-10-01
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Leon Romanovsky <leon@kernel.org> · 2021-10-01
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Jinpu Wang <jinpu.wang@ionos.com> · 2021-10-04
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Jason Gunthorpe <jgg@ziepe.ca> · 2021-10-04
Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and . · Jinpu Wang <jinpu.wang@ionos.com> · 2021-10-04
[PATCH for-next 5/7] RDMA/rtrs: Introduce destroy_cq helper · Md Haris Iqbal <haris.iqbal@ionos.com> · 2021-09-22
[PATCH for-next 7/7] RDMA/rtrs-clt: Follow "one entry one value" rule for IO migration stats · Md Haris Iqbal <haris.iqbal@ionos.com> · 2021-09-22
Re: [PATCH for-next 0/7] Misc update for RTRS · Jason Gunthorpe <jgg@nvidia.com> · 2021-10-04

Re: [PATCH for-next 6/7] RDMA/rtrs: Do not allow sessname to contain special symbols / and .

From: Jinpu Wang <jinpu.wang@ionos.com>
Date: 2021-09-30 07:10:47

On Thu, Sep 30, 2021 at 9:01 AM Leon Romanovsky [off-list ref] wrote:

On Thu, Sep 30, 2021 at 08:03:40AM +0200, Jinpu Wang wrote:

quoted

On Wed, Sep 29, 2021 at 2:04 PM Leon Romanovsky [off-list ref] wrote:

quoted

On Wed, Sep 29, 2021 at 09:00:56AM +0200, Jack Wang wrote:

quoted

Leon Romanovsky [off-list ref] 于2021年9月28日周二 上午9:28写道：

quoted

On Tue, Sep 28, 2021 at 09:08:26AM +0200, Jack Wang wrote:

quoted

Leon Romanovsky [off-list ref] 于2021年9月27日周一 下午2:23写道：

quoted

On Wed, Sep 22, 2021 at 02:53:32PM +0200, Md Haris Iqbal wrote:

quoted

Allowing these characters in sessname can lead to unexpected results,
particularly because / is used as a separator between files in a path,
and . points to the current directory.

Signed-off-by: Md Haris Iqbal <haris.iqbal@ionos.com>
Reviewed-by: Gioh Kim <redacted>
Reviewed-by: Aleksei Marov <redacted>
---
 drivers/infiniband/ulp/rtrs/rtrs-clt.c | 6 ++++++
 drivers/infiniband/ulp/rtrs/rtrs-srv.c | 5 +++++
 2 files changed, 11 insertions(+)

It will be safer if you check for only allowed symbols and disallow
everything else. Check for: a-Z, 0-9 and "-".

Hi Leon,

Thanks for your suggestions.
The reasons we choose to do disallow only '/' and '.':
1 more flexible, most UNIX filenames allow any 8-bit set, except '/' and null.

So you need to add all possible protections and checks that VFS has to allow "random" name.

It's only about sysfs here, as we use sessname to create dir in sysfs,
and I checked the code, it allows any 8-bit set, and convert '/' to
'!', see https://elixir.bootlin.com/linux/latest/source/lib/kobject.c#L299

quoted

2 matching for 2 characters is faster than checking all the allowed
symbols during session establishment.

Extra CPU cycles won't make any difference here.

As we can have hundreds of sessions, in the end, it matters.

Your rtrs_clt_open() function is far from being optimized for
performance. It allocates memory, iterates over all paths, creates
sysfs and kobject.

So no, it doesn't matter here.

Let me reiterate, why do we want to further slow it down, what do you
anticipate if we only do the disallow approach
as we do it now?

It is common practice to sanitize user input and explicitly allow known
good input, instead of relying on deny of bad input. We don't know the
future and can't be sure that "deny" is actually closed all holes.

Thanks for the clarification, but still what kind of holes do you have
in mind, the input string length is already checked and it's
not duplicated with other sessname. and sysfs does allow all 8 bit set IIUC.

Thanks!

Thanks

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help