On Thu, 16 Nov 2023 11:21:25 -0800 Kees Cook <[email protected]> wrote:

> One of the last remaining users of strlcpy() in the kernel is
> kernfs_path_from_node_locked(), which passes back the problematic "length
> we _would_ have copied" return value to indicate truncation. Convert the
> chain of all callers to use the negative return value (some of which
> already doing this explicitly). All callers were already also checking
> for negative return values, so the risk to missed checks looks very low.
>
> In this analysis, it was found that cgroup1_release_agent() actually
> didn't handle the "too large" condition, so this is technically also a
> bug fix. :)
>
> Here's the chain of callers, and resolution identifying each one as now
> handling the correct return value:
>
> kernfs_path_from_node_locked()
>   kernfs_path_from_node()
>     pr_cont_kernfs_path()
>       returns void
>     kernfs_path()
>       sysfs_warn_dup()
>         return value ignored
>       cgroup_path()
>         blkg_path()
>           bfq_bic_update_cgroup()
>             return value ignored
>           TRACE_IOCG_PATH()
>             return value ignored
>         TRACE_CGROUP_PATH()
>           return value ignored
>         perf_event_cgroup()
>           return value ignored
>         task_group_path()
>           return value ignored
>         damon_sysfs_memcg_path_eq()
>           return value ignored
>         get_mm_memcg_path()
>           return value ignored
>         lru_gen_seq_show()
>           return value ignored
>       cgroup_path_from_kernfs_id()
>         return value ignored
>     cgroup_show_path()
>       already converted "too large" error to negative value
>     cgroup_path_ns_locked()
>       cgroup_path_ns()
>         bpf_iter_cgroup_show_fdinfo()
>           return value ignored
>         cgroup1_release_agent()
>           wasn't checking "too large" error
>       proc_cgroup_show()
>         already converted "too large" to negative value
>
> Cc: Greg Kroah-Hartman <[email protected]>
> Cc: Tejun Heo <[email protected]>
> Cc: Zefan Li <[email protected]>
> Cc: Johannes Weiner <[email protected]>
> Cc: Waiman Long <[email protected]>
> Cc: Steven Rostedt <[email protected]>
> Cc: Masami Hiramatsu <[email protected]>
> Cc: [email protected]
> Cc: [email protected]
> Co-developed-by: Azeem Shaikh <[email protected]>
> Signed-off-by: Azeem Shaikh <[email protected]>
> Signed-off-by: Kees Cook <[email protected]>
> ---
>  fs/kernfs/dir.c             | 37 ++++++++++++++++++++-----------------
>  kernel/cgroup/cgroup-v1.c   |  2 +-
>  kernel/cgroup/cgroup.c      |  4 ++--
>  kernel/cgroup/cpuset.c      |  2 +-
>  kernel/trace/trace_uprobe.c |  2 +-

trace_uprobe.c seems out of scope for this patch.

-- Steve

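As an added illustration of the return-value problem the patch is about (this is example code written for this page, not part of the thread and not kernel code): a small userspace model of the two conventions. model_strlcpy() follows the BSD strlcpy() contract and returns the length it would have copied, so a caller that only tests for a negative result never notices truncation; model_strscpy() follows the strscpy() contract and reports truncation as -E2BIG, which the same "len < 0" check catches. The function names, the 8-byte buffer and the sample paths are all constructed for the example.

```c
/* Added example: userspace model of the strlcpy() vs strscpy() return
 * conventions discussed in the patch. model_strlcpy, model_strscpy,
 * path_old, path_new and caller_negative_check_only are hypothetical
 * stand-ins, not kernel API. */
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* BSD-style strlcpy: always NUL-terminates, returns strlen(src), i.e. the
 * length it *would* have copied. Truncation is only detectable by comparing
 * the return value against the buffer size, which is easy to forget. */
static size_t model_strlcpy(char *dst, const char *src, size_t size)
{
	size_t len = strlen(src);

	if (size) {
		size_t n = len >= size ? size - 1 : len;

		memcpy(dst, src, n);
		dst[n] = '\0';
	}
	return len;
}

/* strscpy-style: returns the number of bytes copied (excluding the NUL),
 * or -E2BIG when src does not fit. Truncation is simply a negative value. */
static long model_strscpy(char *dst, const char *src, size_t size)
{
	size_t len = strlen(src);

	if (size == 0)
		return -E2BIG;
	if (len >= size) {
		memcpy(dst, src, size - 1);
		dst[size - 1] = '\0';
		return -E2BIG;
	}
	memcpy(dst, src, len + 1);
	return (long)len;
}

/* Pre-patch convention: pass the would-have-copied length up the chain. */
static long path_old(char *buf, size_t buflen, const char *path)
{
	return (long)model_strlcpy(buf, path, buflen);
}

/* Post-patch convention: truncation becomes a negative errno. */
static long path_new(char *buf, size_t buflen, const char *path)
{
	return model_strscpy(buf, path, buflen);
}

/* A caller that only checks for len < 0, the pattern the mail points out in
 * cgroup1_release_agent(). Returns 1 if it would go on to use the buffer,
 * 0 if it treated the result as an error. */
static int caller_negative_check_only(long (*build)(char *, size_t, const char *),
				      const char *path)
{
	char buf[8]; /* constructed: deliberately small so long paths truncate */
	long len = build(buf, sizeof(buf), path);

	if (len < 0)
		return 0; /* error handled */
	return 1;     /* proceeds, possibly with a silently truncated path */
}

int main(void)
{
	const char *longp = "/a/very/long/cgroup/path"; /* constructed sample */
	const char *shortp = "/short";                  /* constructed sample */

	printf("old convention, long path: caller proceeds = %d\n",
	       caller_negative_check_only(path_old, longp));
	printf("new convention, long path: caller proceeds = %d\n",
	       caller_negative_check_only(path_new, longp));
	printf("new convention, short path: caller proceeds = %d\n",
	       caller_negative_check_only(path_new, shortp));
	return 0;
}
```

With the old convention the long path is silently cut to seven characters and the caller carries on; with the new one the same unchanged "len < 0" check stops it, which is why converting the return value at the bottom of the chain fixes callers that were never looking for the "too large" case.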