On Mon, 2014-10-20 at 18:45 -0400, Mike Frysinger wrote:

> let's deploy extensive pr_debug markers at
> logical parse points, and add comments to the dense parsing logic.  It
> lets you see exactly where the parsing aborts, the string the kernel
> received (useful when dealing with shell code), how it translated the
> buffers to binary data, and how it will apply the mask at runtime.

Mostly trivia:

> diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
[]
> @@ -323,46 +343,113 @@ static Node *create_entry(const char __user *buffer, 
> size_t count)
[]
> +                     if (e->mask) {
> +                             int i;
> +                             char *masked = kmalloc(e->size, GFP_USER);

Why GFP_USER?  Does it need it?

> +                             print_hex_dump_bytes(
> +                                     KBUILD_MODNAME ": register:  
> mask[decoded]: ",
> +                                     DUMP_PREFIX_NONE, e->mask, e->size);
> +
> +                             if (masked) {
> +                                     for (i = 0; i < e->size; ++i)
> +                                             masked[i] = e->magic[i] & 
> e->mask[i];
> +                                     print_hex_dump_bytes(
> +                                             KBUILD_MODNAME ": register:  
> magic[masked]: ",
> +                                             DUMP_PREFIX_NONE, masked, 
> e->size);
> +
> +                                     kfree(masked);

[]

> @@ -553,11 +645,17 @@ static ssize_t bm_entry_write(struct file *file, const 
> char __user *buffer,
>       int res = parse_command(buffer, count);
>  
>       switch (res) {
> -             case 1: clear_bit(Enabled, &e->flags);
> +             case 1:
> +                     /* Disable this handler. */
> +                     clear_bit(Enabled, &e->flags);
>                       break;
> -             case 2: set_bit(Enabled, &e->flags);
> +             case 2:
> +                     /* Enable this handler. */
> +                     set_bit(Enabled, &e->flags);
>                       break;
> -             case 3: root = dget(file->f_path.dentry->d_sb->s_root);
> +             case 3:
> +                     /* Delete this handler. */
> +                     root = dget(file->f_path.dentry->d_sb->s_root);
>                       mutex_lock(&root->d_inode->i_mutex);
>  
>                       kill_node(e);
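Review bot: The added comments explain what the bare `case 1`/`case 2`/`case 3` values returned by parse_command() mean, but the numbers themselves stay magic, and the same three values are repeated in the bm_status_write hunk below. Named constants shared by both switches would let the compiler check the mapping rather than a comment, for example `enum { BM_CMD_DISABLE = 1, BM_CMD_ENABLE, BM_CMD_DELETE };` (names are only a suggestion) with `case BM_CMD_DISABLE:` and so on. Case 3 deletes one handler here and all handlers in bm_status_write, so a mismatch between parse_command() and either switch would be destructive. Both switch bodies continue outside the quoted hunks.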

Maybe move the case indents one tab position left

        switch (res) {
        case 1:                 /* Disable handler */
                clear_bit(Enabled, ...);
                break;
        case 2:                 /* Enable handler */
                set_bit(...);
                break;
        case 3:                 /* Delete handler */
                etc...
        }

> @@ -661,9 +759,17 @@ static ssize_t bm_status_write(struct file * file, const 
> char __user * buffer,
>       struct dentry *root;
>  
>       switch (res) {
> -             case 1: enabled = 0; break;
> -             case 2: enabled = 1; break;
> -             case 3: root = dget(file->f_path.dentry->d_sb->s_root);
> +             case 1:
> +                     /* Disable all handlers. */
> +                     enabled = 0;
> +                     break;
> +             case 2:
> +                     /* Enable all handlers. */
> +                     enabled = 1;
> +                     break;
> +             case 3:
> +                     /* Delete all handlers. */
> +                     root = dget(file->f_path.dentry->d_sb->s_root);
>                       mutex_lock(&root->d_inode->i_mutex);
>  
>                       while (!list_empty(&entries))

here too.

