On Fri 2019-04-19 10:51:12, Sergey Senozhatsky wrote: > On (04/17/19 13:53), Petr Mladek wrote: > > Crash in vsprintf() might be silent when it happens under logbuf_lock > > in vprintk_emit(). This patch set prevents most of the crashes by probing > > the address. The check is done only by %s and some %p* specifiers that need > > to dereference the address. > > > > Only the first byte of the address is checked to keep it simple. It should > > be enough to catch most problems. > > > > The check is explicitly done in each function that does the dereference. > > It helps to avoid the questionable strchr() of affected specifiers. This > > change motivated me to do some preparation patches that consolidated > > the error handling and cleaned the code a bit. > > The patch set looks OK to me. > > I got confused by 'pC?' error string, but once you start looking > at it as a regex (? - zero or one occurrences) things look OK. > Regex in dmesg/serial output might be something very new to people, > stack traces, after all, is a rather common error reporting mechanism. > So the previous "WARN_ON() + exact unrecognized fmt[N] char" was not > totally awful or wrong (well, it was, before we introduced printk_safe()), > but I don't have strong objections against that new regex thing. > > FWIW, > Reviewed-by: Sergey Senozhatsky <sergey.senozhat...@gmail.com>
Thanks a lot for review. I have pushed the entire patchset into printk.git, branch for-5.2-vsprintf-hardening to get some test coverage via linux-next. I still expect some feedback, especially from Andy who seems to have a vacation these days. I think that Andy wanted these changes rather sooner than later, so I hope that he would be fine with it. I could take it back in case of disagreement. Best Regards, Petr