linux.git/drivers/staging/p9auth, branch v2.6.31 Linux kernel source tree staging: p9auth: prevent some oopses and memory leaks 2009-06-19T18:00:54+00:00 Serge E. Hallyn serue@us.ibm.com 2009-05-20T15:15:28+00:00 f82ebea5c8ef9ed9378fc6402051a4860a805397 Before all testcases, do: mknod /dev/caphash c 253 0 mknod /dev/capuse c 253 1 This patch does the following: 1. caphash write of > CAP_NODE_SIZE bytes overruns node_ptr->data (test: cat /etc/mime.types > /dev/caphash) 2. make sure we don't dereference a NULL cap_devices[0].head (test: cat serge@root@abab > /dev/capuse) 3. don't let strlen dereference a NULL target_user etc (test: echo ab > /dev/capuse) 4. Don't leak a bunch of memory in cap_write(). Note that technically node_ptr is not needed for the capuse write case. As a result I have a much more extensive patch splitting up cap_write(), but I thought a smaller patch that is easier to test and verify would be a better start. To test: cnt=0 while [ 1 ]; do echo /etc/mime.types > /dev/capuse if [ $((cnt%25)) -eq 0 ]; then head -2 /proc/meminfo fi cnt=$((cnt+1)) sleep 0.3 done Without this patch, it MemFree steadily drops. With the patch, it does not. I have *not* tested this driver (with or without these patches) with factotum or anything - only using the tests described above. Signed-off-by: Serge E. Hallyn <serue@us.ibm.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
Before all testcases, do:
	mknod /dev/caphash c 253 0
	mknod /dev/capuse c 253 1

This patch does the following:

1. caphash write of > CAP_NODE_SIZE bytes overruns node_ptr->data
	(test: cat /etc/mime.types > /dev/caphash)
2. make sure we don't dereference a NULL cap_devices[0].head
	(test: cat serge@root@abab > /dev/capuse)
3. don't let strlen dereference a NULL target_user etc
	(test: echo ab > /dev/capuse)
4. Don't leak a bunch of memory in cap_write().  Note that
   technically node_ptr is not needed for the capuse write case.
   As a result I have a much more extensive patch splitting up
   cap_write(), but I thought a smaller patch that is easier to test
   and verify would be a better start.  To test:
	cnt=0
	while [ 1 ]; do
		echo /etc/mime.types > /dev/capuse
		if [ $((cnt%25)) -eq 0 ]; then
			head -2 /proc/meminfo
		fi
		cnt=$((cnt+1))
		sleep 0.3
	done
   Without this patch, it MemFree steadily drops.  With the patch,
   it does not.

I have *not* tested this driver (with or without these patches)
with factotum or anything - only using the tests described above.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Staging: p9auth: clean up #includes 2009-04-03T21:54:24+00:00 Greg Kroah-Hartman gregkh@suse.de 2009-02-25T04:37:55+00:00 2418a628ff9d1cfc4fecd9899f915326ff6e7b96 Not all of these files needed to be included, clean up the list. Cc: Ashwin Ganti <ashwin.ganti@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
Not all of these files needed to be included, clean up the list.

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Staging: p9auth: use kzalloc 2009-04-03T21:54:24+00:00 Greg Kroah-Hartman gregkh@suse.de 2009-02-25T04:31:39+00:00 6d0d63bd7a9c0a6373c7759cb55580b806269dae It's nicer than doing kmalloc/memset. Also check the return value of all allocations, one was previously not being checked properly. Cc: Ashwin Ganti <ashwin.ganti@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
It's nicer than doing kmalloc/memset.

Also check the return value of all allocations, one was previously not
being checked properly.

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Staging: p9auth: fix up sparse warnings 2009-04-03T21:54:23+00:00 Greg Kroah-Hartman gregkh@suse.de 2009-02-25T04:25:02+00:00 0f386e2b4c6109164e82277513a9570fc9ec644c Everything needs to be static, as sparse complains and you don't want to polute the global kernel symbol namespace. So mark everything as such and move one function around to prevent a forward declaration from being needed. Cc: Ashwin Ganti <ashwin.ganti@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
Everything needs to be static, as sparse complains and you don't want to
polute the global kernel symbol namespace.  So mark everything as such
and move one function around to prevent a forward declaration from being
needed.

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Staging: p9auth: fix up codingstyle issues 2009-04-03T21:54:23+00:00 Greg Kroah-Hartman gregkh@suse.de 2009-02-25T04:21:55+00:00 77dc1139f4a125d46e03fdbb3ac8ab8737ab67d6 This fixes up a number of scripts/codingstyle.pl warnings and errors Cc: Ashwin Ganti <ashwin.ganti@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
This fixes up a number of scripts/codingstyle.pl warnings and errors

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Staging: p9auth: remove unneeded header file 2009-04-03T21:54:23+00:00 Greg Kroah-Hartman gregkh@suse.de 2009-02-25T04:11:39+00:00 4bf0438332d5173836fdc2d6471fec526d0a14a8 The p9auth.h file is not needed, move the stuff into p9auth.c file and delete it. Cc: Ashwin Ganti <ashwin.ganti@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
The p9auth.h file is not needed, move the stuff into p9auth.c file and
delete it.

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Staging: p9auth: fix dependency/build error 2009-04-03T21:54:23+00:00 Randy Dunlap randy.dunlap@oracle.com 2009-03-10T18:59:36+00:00 9752ef46c6d32b7ccf10b874f00e433844db2b1a Fix p9auth dependency/build failure. It needs to depend on CRYPTO. p9auth.c:(.text+0x107297): undefined reference to `crypto_alloc_base' p9auth.c:(.text+0x1073d4): undefined reference to `crypto_destroy_tfm' Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com> Cc: Ashwin Ganti <ashwin.ganti@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
Fix p9auth dependency/build failure.  It needs to depend on
CRYPTO.

p9auth.c:(.text+0x107297): undefined reference to `crypto_alloc_base'
p9auth.c:(.text+0x1073d4): undefined reference to `crypto_destroy_tfm'

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Staging: p9auth: add to the kernel build 2009-04-03T21:54:23+00:00 Greg Kroah-Hartman gregkh@suse.de 2009-02-25T04:08:20+00:00 00db8a8ecc91abeb46d1128a788a194018c51e77 This adds the p9auth code to the kernel build Cc: Ashwin Ganti <ashwin.ganti@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
This adds the p9auth code to the kernel build

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Staging: p9auth: fix credential logic 2009-04-03T21:54:23+00:00 Greg Kroah-Hartman gregkh@suse.de 2009-02-25T04:06:34+00:00 5dba0826999683fe39aa8b49480b0e953afd117a current->uid is no longer allowed in the 2.6.29 kernel, so use the proper credential api to be able to alter the uid and euid values. Note, this now builds properly, hopefully still works properly, would be good for someone to test it out... Cc: Ashwin Ganti <ashwin.ganti@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
current->uid is no longer allowed in the 2.6.29 kernel, so use
the proper credential api to be able to alter the uid and euid values.

Note, this now builds properly, hopefully still works properly, would be
good for someone to test it out...

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Staging: add p9auth driver 2009-04-03T21:54:23+00:00 Ashwin Ganti ashwin.ganti@gmail.com 2009-02-25T03:48:44+00:00 55643171de7ba429fbf2cb72fb1f2c6f2df0dcf3 This is a driver that adds Plan 9 style capability device implementation. From: Ashwin Ganti <ashwin.ganti@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> 
This is a driver that adds Plan 9 style capability device
implementation.

From: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>