On (02/08/19 16:23), Petr Mladek wrote:
[..]
> + /*
> + * This is not a fool-proof test. 99% of the time that this will fault is
> + * due to a bad pointer, not one that crosses into bad memory. Just test
> + * the address to make sure it doesn't fault due to a poorly added printk
> + * during debugging.
> + */
> +static const char *check_pointer_msg(const void *ptr)
> +{
> + char byte;
> +
> + if (!ptr)
> + return "(null)";
> +
> + if (probe_kernel_address(ptr, byte))
> + return "(efault)";
> +
> + return NULL;
> +}
Hmm... So the assumption here is that the target buffer always has
at least strlen("(efault)") bytes and, thus, we always can write the
error message to it.
> +static int check_pointer(char **buf, char *end, const void *ptr,
> + struct printf_spec spec)
> +{
> + const char *err_msg;
> +
> + err_msg = check_pointer_msg(ptr);
> + if (err_msg) {
> + *buf = string_nocheck(*buf, end, err_msg, spec);
> + return -EFAULT;
> + }
> +
> + return 0;
> +}
Suppose in my driver I sprintf() pointers to 4-bytes strings and, thus,
have only 5 spare bytes in target buffer. But one of the pointers is
faulty and now sprintf() writes "(efault)" to target buffer which can
hold only 5 bytes.
-ss
