On Thu, Sep 30, 2021 at 09:10:33AM +0200, Jinpu Wang wrote: > On Thu, Sep 30, 2021 at 9:01 AM Leon Romanovsky <leon@xxxxxxxxxx> wrote: > > > > On Thu, Sep 30, 2021 at 08:03:40AM +0200, Jinpu Wang wrote: > > > On Wed, Sep 29, 2021 at 2:04 PM Leon Romanovsky <leon@xxxxxxxxxx> wrote: > > > > > > > > On Wed, Sep 29, 2021 at 09:00:56AM +0200, Jack Wang wrote: > > > > > Leon Romanovsky <leon@xxxxxxxxxx> 于2021年9月28日周二 上午9:28写道: > > > > > > > > > > > > On Tue, Sep 28, 2021 at 09:08:26AM +0200, Jack Wang wrote: > > > > > > > Leon Romanovsky <leon@xxxxxxxxxx> 于2021年9月27日周一 下午2:23写道: > > > > > > > > > > > > > > > > On Wed, Sep 22, 2021 at 02:53:32PM +0200, Md Haris Iqbal wrote: > > > > > > > > > Allowing these characters in sessname can lead to unexpected results, > > > > > > > > > particularly because / is used as a separator between files in a path, > > > > > > > > > and . points to the current directory. > > > > > > > > > > > > > > > > > > Signed-off-by: Md Haris Iqbal <haris.iqbal@xxxxxxxxx> > > > > > > > > > Reviewed-by: Gioh Kim <gi-oh.kim@xxxxxxxxx> > > > > > > > > > Reviewed-by: Aleksei Marov <aleksei.marov@xxxxxxxxx> > > > > > > > > > --- > > > > > > > > > drivers/infiniband/ulp/rtrs/rtrs-clt.c | 6 ++++++ > > > > > > > > > drivers/infiniband/ulp/rtrs/rtrs-srv.c | 5 +++++ > > > > > > > > > 2 files changed, 11 insertions(+) > > > > > > > > > > > > > > > > It will be safer if you check for only allowed symbols and disallow > > > > > > > > everything else. Check for: a-Z, 0-9 and "-". > > > > > > > > > > > > > > > Hi Leon, > > > > > > > > > > > > > > Thanks for your suggestions. > > > > > > > The reasons we choose to do disallow only '/' and '.': > > > > > > > 1 more flexible, most UNIX filenames allow any 8-bit set, except '/' and null. > > > > > > > > > > > > So you need to add all possible protections and checks that VFS has to allow "random" name. > > > > > It's only about sysfs here, as we use sessname to create dir in sysfs, > > > > > and I checked the code, it allows any 8-bit set, and convert '/' to > > > > > '!', see https://elixir.bootlin.com/linux/latest/source/lib/kobject.c#L299 > > > > > > > > > > > > > 2 matching for 2 characters is faster than checking all the allowed > > > > > > > symbols during session establishment. > > > > > > > > > > > > Extra CPU cycles won't make any difference here. > > > > > As we can have hundreds of sessions, in the end, it matters. > > > > > > > > Your rtrs_clt_open() function is far from being optimized for > > > > performance. It allocates memory, iterates over all paths, creates > > > > sysfs and kobject. > > > > > > > > So no, it doesn't matter here. > > > > > > > Let me reiterate, why do we want to further slow it down, what do you > > > anticipate if we only do the disallow approach > > > as we do it now? > > > > It is common practice to sanitize user input and explicitly allow known > > good input, instead of relying on deny of bad input. We don't know the > > future and can't be sure that "deny" is actually closed all holes. > > Thanks for the clarification, but still what kind of holes do you have > in mind, the input string length is already checked and it's > not duplicated with other sessname. and sysfs does allow all 8 bit set IIUC. As an example, symbols like "/" and "\". > > Thanks! > > > Thanks