Re: [PATCH v4 3/7] kprobes: validate the symbol name provided during probe... | linuxppc-dev

[PATCH v3 0/7] powerpc: a few kprobe fixes and refactoring · Naveen N. Rao <hidden> · 2017-04-19
[PATCH v3 2/7] powerpc: kprobes: fix handling of function offsets on ABIv2 · Naveen N. Rao <hidden> · 2017-04-19
Re: [v3,2/7] powerpc: kprobes: fix handling of function offsets on ABIv2 · Michael Ellerman <hidden> · 2017-04-24
[PATCH v3 3/7] kprobes: validate the symbol name length · Naveen N. Rao <hidden> · 2017-04-19
Re: [PATCH v3 3/7] kprobes: validate the symbol name length · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-19
Re: [PATCH v3 3/7] kprobes: validate the symbol name length · Naveen N. Rao <hidden> · 2017-04-19
Re: [PATCH v3 3/7] kprobes: validate the symbol name length · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-21
Re: [PATCH v3 3/7] kprobes: validate the symbol name length · Naveen N. Rao <hidden> · 2017-04-23
Re: [PATCH v3 3/7] kprobes: validate the symbol name length · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-25
Re: [PATCH v3 3/7] kprobes: validate the symbol name length · Michael Ellerman <mpe@ellerman.id.au> · 2017-04-20
Re: [PATCH v3 3/7] kprobes: validate the symbol name length · Naveen N. Rao <hidden> · 2017-04-20
[PATCH v4 3/7] kprobes: validate the symbol name provided during probe registration · Naveen N. Rao <hidden> · 2017-04-21
Re: [PATCH v4 3/7] kprobes: validate the symbol name provided during probe registration · Paul Clarke <hidden> · 2017-04-21
Re: [PATCH v4 3/7] kprobes: validate the symbol name provided during probe registration · Naveen N. Rao <hidden> · 2017-04-21
Re: [PATCH v4 3/7] kprobes: validate the symbol name provided during probe registration · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-21
Re: [PATCH v4 3/7] kprobes: validate the symbol name provided during probe registration · Michael Ellerman <mpe@ellerman.id.au> · 2017-04-22
Re: [PATCH v4 3/7] kprobes: validate the symbol name provided during probe registration · Naveen N. Rao <hidden> · 2017-04-23
[PATCH v4 4/7] powerpc/kprobes: Use safer string functions in kprobe_lookup_name() · Naveen N. Rao <hidden> · 2017-04-21
Re: [PATCH v4 4/7] powerpc/kprobes: Use safer string functions in kprobe_lookup_name() · Paul Clarke <hidden> · 2017-04-21
Re: [PATCH v4 4/7] powerpc/kprobes: Use safer string functions in kprobe_lookup_name() · Paul Clarke <hidden> · 2017-04-21
Re: [PATCH v4 4/7] powerpc/kprobes: Use safer string functions in kprobe_lookup_name() · Paul Clarke <hidden> · 2017-04-21
Re: [PATCH v4 4/7] powerpc/kprobes: Use safer string functions in kprobe_lookup_name() · Naveen N. Rao <hidden> · 2017-04-23
[PATCH v3 4/7] powerpc: kprobes: use safer string functions in kprobe_lookup_name() · Naveen N. Rao <hidden> · 2017-04-19
RE: [PATCH v3 4/7] powerpc: kprobes: use safer string functions in kprobe_lookup_name() · David Laight <hidden> · 2017-04-21
[PATCH v3 5/7] powerpc: kprobes: factor out code to emulate instruction into a helper · Naveen N. Rao <hidden> · 2017-04-19
Re: [PATCH v3 5/7] powerpc: kprobes: factor out code to emulate instruction into a helper · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-19
Re: [v3, 5/7] powerpc: kprobes: factor out code to emulate instruction into a helper · Michael Ellerman <hidden> · 2017-04-24
[PATCH v3 1/7] kprobes: convert kprobe_lookup_name() to a function · Naveen N. Rao <hidden> · 2017-04-19
Re: [v3,1/7] kprobes: convert kprobe_lookup_name() to a function · Michael Ellerman <hidden> · 2017-04-24
[PATCH v3 6/7] powerpc: kprobes: emulate instructions on kprobe handler re-entry · Naveen N. Rao <hidden> · 2017-04-19
Re: [PATCH v3 6/7] powerpc: kprobes: emulate instructions on kprobe handler re-entry · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-19
Re: [PATCH v3 6/7] powerpc: kprobes: emulate instructions on kprobe handler re-entry · Naveen N. Rao <hidden> · 2017-04-19
Re: [PATCH v3 6/7] powerpc: kprobes: emulate instructions on kprobe handler re-entry · Michael Ellerman <mpe@ellerman.id.au> · 2017-04-20
Re: [PATCH v3 6/7] powerpc: kprobes: emulate instructions on kprobe handler re-entry · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-21
Re: [v3, 6/7] powerpc: kprobes: emulate instructions on kprobe handler re-entry · Michael Ellerman <hidden> · 2017-04-24
[PATCH v3 7/7] powerpc: kprobes: remove duplicate saving of msr · Naveen N. Rao <hidden> · 2017-04-19
Re: [PATCH v3 7/7] powerpc: kprobes: remove duplicate saving of msr · Masami Hiramatsu <mhiramat@kernel.org> · 2017-04-19
Re: [v3,7/7] powerpc: kprobes: remove duplicate saving of msr · Michael Ellerman <hidden> · 2017-04-23

Re: [PATCH v4 3/7] kprobes: validate the symbol name provided during probe registration

From: Michael Ellerman <mpe@ellerman.id.au>
Date: 2017-04-22 05:55:26
Also in: lkml

"Naveen N. Rao" [off-list ref] writes:

When a kprobe is being registered, we use the symbol_name field to
lookup the address where the probe should be placed. Since this is a
user-provided field, let's ensure that the length of the string is
within expected limits.

What are we actually trying to protect against here?

If you ignore powerpc for a moment, kprobe_lookup_name() is just
kallsyms_lookup_name().

All kallsyms_lookup_name() does with name is strcmp() it against a
legitimate symbol name which is at most KSYM_NAME_LEN.

So I don't think any of this validation helps in that case?

In the powerpc version of kprobe_lookup_name() we do need to do some
string juggling, for which it helps to know the input is sane. But I
think we should just make that code more robust by checking the input
before we do anything with it.

cheers

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help