Message ID | 2375c9f91002210041l1bf30871vdf3881589a654d5a@mail.gmail.com |
---|---|
State | Not Applicable, archived |
Delegated to: | David Miller |
Headers | show |
Américo Wang wrote: > On Sun, Feb 21, 2010 at 3:24 PM, Dongdong Deng > <dongdong.deng@windriver.com> wrote: >> The param_set_fn() function will get a parameter which is a NULL >> pointer when insmod module with params via following method: >> >> $insmod module.ko module_params >> >> BTW: the normal method usually as following format: >> $insmod module.ko module_params=example >> >> If the param_set_fn() function didn't check that parameter and used >> it directly, it could caused an OOPS due to NULL pointer dereference. >> >> The solution is simple: >> Just checking the parameter before using in param_set_fn(). >> >> Example: >> int set_module_params(const char *val, struct kernel_param *kp) >> { >> /*Checking the val parameter before using */ >> if (!val) >> return -EINVAL; >> ... >> } >> module_param_call(module_params, set_module_params, NULL, NULL, 0644); >> > > Why not just checking all of them in the generic code? It is no problem that we check the params before invoking param_set_fn(). But I trend to do the checking in param_set_*fn(), because we can offer some special prompt infos to user if we want and handle some special cases like param_set_bool(). Thanks, Dongdong > How about my _untested_ patch below? > > Thanks. > > ----------- > > When a module parameter "foo" is not bool, we shouldn't accept arguments > like this "insmod ./foo.ko foo". However, currently only standard > ->set functions > check this, several non-standard ->set functions ignore this, thus could cause > NULL def oops. > > Reported-by: Dongdong Deng <dongdong.deng@windriver.com> > Signed-off-by: WANG Cong <xiyou.wangcong@gmail.com> > > --- > -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sun, Feb 21, 2010 at 5:16 PM, DDD <dongdong.deng@windriver.com> wrote: > Américo Wang wrote: >> >> On Sun, Feb 21, 2010 at 3:24 PM, Dongdong Deng >> <dongdong.deng@windriver.com> wrote: >>> >>> The param_set_fn() function will get a parameter which is a NULL >>> pointer when insmod module with params via following method: >>> >>> $insmod module.ko module_params >>> >>> BTW: the normal method usually as following format: >>> $insmod module.ko module_params=example >>> >>> If the param_set_fn() function didn't check that parameter and used >>> it directly, it could caused an OOPS due to NULL pointer dereference. >>> >>> The solution is simple: >>> Just checking the parameter before using in param_set_fn(). >>> >>> Example: >>> int set_module_params(const char *val, struct kernel_param *kp) >>> { >>> /*Checking the val parameter before using */ >>> if (!val) >>> return -EINVAL; >>> ... >>> } >>> module_param_call(module_params, set_module_params, NULL, NULL, 0644); >>> >> >> Why not just checking all of them in the generic code? > > It is no problem that we check the params before invoking param_set_fn(). > > But I trend to do the checking in param_set_*fn(), because we can offer some > special prompt infos to user if we want and handle some special cases like > param_set_bool(). > Yeah, I knew standard bool parameters can accept that, the problem is that KPARAM_ISBOOL is not enough to check if a parameter is bool or not. Probably we need a new flag... Thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Sun, 21 Feb 2010 07:11:36 pm Américo Wang wrote: > On Sun, Feb 21, 2010 at 3:24 PM, Dongdong Deng > <dongdong.deng@windriver.com> wrote: > > The param_set_fn() function will get a parameter which is a NULL > > pointer when insmod module with params via following method: > > > > $insmod module.ko module_params > > > > BTW: the normal method usually as following format: > > $insmod module.ko module_params=example > > > > If the param_set_fn() function didn't check that parameter and used > > it directly, it could caused an OOPS due to NULL pointer dereference. > > > > The solution is simple: > > Just checking the parameter before using in param_set_fn(). > > > > Example: > > int set_module_params(const char *val, struct kernel_param *kp) > > { > > /*Checking the val parameter before using */ > > if (!val) > > return -EINVAL; > > ... > > } > > module_param_call(module_params, set_module_params, NULL, NULL, 0644); > > > > Why not just checking all of them in the generic code? It seemed useful to allow 'foo' as well as 'foo='. But given these examples, obviously that was too easy to misuse. So I like your patch; please annotate it properly and put a comment like: /* We used to hand NULL for bare params, but most code didn't handle it :( */ I assume none of those non-standard param parsers *want* to handle NULL? Thanks, Rusty.
Rusty Russell wrote: > On Sun, 21 Feb 2010 07:11:36 pm Américo Wang wrote: >> On Sun, Feb 21, 2010 at 3:24 PM, Dongdong Deng >> <dongdong.deng@windriver.com> wrote: >>> The param_set_fn() function will get a parameter which is a NULL >>> pointer when insmod module with params via following method: >>> >>> $insmod module.ko module_params >>> >>> BTW: the normal method usually as following format: >>> $insmod module.ko module_params=example >>> >>> If the param_set_fn() function didn't check that parameter and used >>> it directly, it could caused an OOPS due to NULL pointer dereference. >>> >>> The solution is simple: >>> Just checking the parameter before using in param_set_fn(). >>> >>> Example: >>> int set_module_params(const char *val, struct kernel_param *kp) >>> { >>> /*Checking the val parameter before using */ >>> if (!val) >>> return -EINVAL; >>> ... >>> } >>> module_param_call(module_params, set_module_params, NULL, NULL, 0644); >>> >> Why not just checking all of them in the generic code? > > It seemed useful to allow 'foo' as well as 'foo='. Ah, this is a good method to deal with this issue. I will redo this patch shortly. Thanks, Dongdong But given these examples, > obviously that was too easy to misuse. > > So I like your patch; please annotate it properly and put a comment > like: > /* We used to hand NULL for bare params, but most code didn't handle it :( */ > > I assume none of those non-standard param parsers *want* to handle NULL? > > Thanks, > Rusty. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/kernel/params.c b/kernel/params.c index cf1b691..84a1466 100644 --- a/kernel/params.c +++ b/kernel/params.c @@ -59,6 +59,8 @@ static int parse_one(char *param, /* Find parameter */ for (i = 0; i < num_params; i++) { if (parameq(param, params[i].name)) { + if ((!params[i].flags & KPARAM_ISBOOL) && !val) + return -EINVAL; DEBUGP("They are equal! Calling %p\n", params[i].set); return params[i].set(val, ¶ms[i]);