pstore: Avoid potential infinite loop
If a backend does not correctly iterate through its records, pstore will get stuck loading entries. Detect this with a large record count, and announce if we ever hit the limit. This will let future backend reading bugs less annoying to debug. Additionally adjust the error about pstore_mkfile() failing. Signed-off-by: Kees Cook <keescook@chromium.org>
This commit is contained in:
parent
f6525b96dd
commit
656de42e83
@ -822,6 +822,7 @@ void pstore_get_backend_records(struct pstore_info *psi,
|
|||||||
struct dentry *root, int quiet)
|
struct dentry *root, int quiet)
|
||||||
{
|
{
|
||||||
int failed = 0;
|
int failed = 0;
|
||||||
|
unsigned int stop_loop = 65536;
|
||||||
|
|
||||||
if (!psi || !root)
|
if (!psi || !root)
|
||||||
return;
|
return;
|
||||||
@ -835,7 +836,7 @@ void pstore_get_backend_records(struct pstore_info *psi,
|
|||||||
* may reallocate record.buf. On success, pstore_mkfile() will keep
|
* may reallocate record.buf. On success, pstore_mkfile() will keep
|
||||||
* the record.buf, so free it only on failure.
|
* the record.buf, so free it only on failure.
|
||||||
*/
|
*/
|
||||||
for (;;) {
|
for (; stop_loop; stop_loop--) {
|
||||||
struct pstore_record *record;
|
struct pstore_record *record;
|
||||||
int rc;
|
int rc;
|
||||||
|
|
||||||
@ -870,8 +871,11 @@ out:
|
|||||||
mutex_unlock(&psi->read_mutex);
|
mutex_unlock(&psi->read_mutex);
|
||||||
|
|
||||||
if (failed)
|
if (failed)
|
||||||
pr_warn("failed to load %d record(s) from '%s'\n",
|
pr_warn("failed to create %d record(s) from '%s'\n",
|
||||||
failed, psi->name);
|
failed, psi->name);
|
||||||
|
if (!stop_loop)
|
||||||
|
pr_err("looping? Too many records seen from '%s'\n",
|
||||||
|
psi->name);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void pstore_dowork(struct work_struct *work)
|
static void pstore_dowork(struct work_struct *work)
|
||||||
|
Loading…
Reference in New Issue
Block a user