olh@suse.de [Wed, 24 Mar 2004 02:52:52 +0000 (18:52 -0800)]
[PATCH] uninitialized variable for mknod and friend
mknod gets an uninitialized variable, which leads to interesting file
modes. the bug is in namedev, devices with no match must not use the
uninitialized stuff were dev points to.
On Mon, Mar 15, 2004 at 09:28:17PM +0100, Kay Sievers wrote:
> Here is a first simple and pretty stupid try to make a simple tool for
> composing of a udev rule.
>
> It reads the udevdb to get all currently handled devices and presents a
> list, where you can choose the device to compose the rule for.
>
> The composed rule is just printed out in a window, nothing else by now.
>
> Do we want something like this?
> Nevermind, I always wanted to know, how this newt thing works :)
Here is the next step, I still can't sleep and there are to many patches
pending to make something useful :)
Cause nobody wanted to play with me, I've made a screenshot.
The device list is sorted in alphabetical order now and if there are only
a few recently discovered devices, they are placed on top of the list.
For those who want to have a look:
http://vrfy.org/projects/udev/udevruler.png
The patch applies on top of today's mmap() patch. The db format is
changed to have the file and line number of the applied rule. So it
should be easy to edit the matching rule with this beast. It compiles
with "make all udevruler".
Hi, Greg. Appended is scsi-devfs.sh, a script for udev to implement
devfs-style names for SCSI hard discs, CD-ROM's and generic devices.
This has been tested with both hard discs and CD-ROM's. The SCSI
generic support should be OK for when there is sysfs/udev support for
SCSI generic devices. SCSI tapes are not yet implemented because I
don't have one to test with.
In addition, this script supports physical names, based on PCI bus
location, both longhand (/udev/bus/pci/...) and shorthand
(/udev/sd/pci/*).
[PATCH] replace fgets() with mmap() and introduce udev_lib.[hc]
Here we replace the various fgets() with a mmap() call for the config
file reading, due to the reported performance problems with klibc.
Thanks to Patrick's testing, it makes a very small, close to nothing
speed gain for libc users, but a 6 times speed increase for klibc users
with a 1000 line config file.
I've created a udev_lib.[hc] for this and also moved all the generic
stuff from udev.h in there and uninlined the functions.
Here are the missing pieces for udevtest. A simple man page is added,
the blacklist is removed, cause it can't work without having a subsystem.
The Makefile removes all manpages now with a uninstall and installs
udevtest in /usr/bin/.
Any old version from /sbin/ should be deleted by hand.
The only expected argument is the sysfs devpath, here I changed it to be
more tolerant to the input. The path may now be specified with or
without a leading slash and optionally with the /sys moutpoint prepended.
I hope this will end the confusion about the use of this program :)
On Thu, Mar 11, 2004 at 02:36:23PM +0100, Kay Sievers wrote:
> On Thu, 2004-03-11 at 15:02, Ananth N Mavinakayanahalli wrote:
> > On Thu, Mar 11, 2004 at 02:04:36PM +0100, Kay Sievers wrote:
> > > On Thu, Mar 11, 2004 at 11:53:50AM +0500, Ananth N Mavinakayanahalli wrote:
> > >
> > > > +#define safestrcpy(to, from) strncpy(to, from, sizeof(to)-1)
> > > > +#define safestrcat(to, from) strncat(to, from, sizeof(to) - strlen(to)-1)
> > >
> > > These strings are not terminated with '\0' if from is longer than
> > > the sizeof to.
> >
> > Did not do it on purpose as the "to" elements are either calloc'd or memset to
> > '0' explicitly in the library. Thats the reason I mentioned "scaled down" :)
>
> Ahh, sounds good.
>
> > > > +#define safestrncpy(to, from, maxsize) \
> > > > +do { \
> > > > + to[maxsize-1] = '\0'; \
> > > > + strncpy(to, from, maxsize-1); \
> > > > +} while (0)
> > > > +
> > > > +#define safestrncat(to, from, maxsize) \
> > > > +do { \
> > > > + to[maxsize-1] = '\0'; \
> > > > + strncat(to, from, maxsize - strlen(to)-1); \
> > > > +} while (0)
> > >
> > > We all expect a similar behavior like strncat/strncpy according to the
> > > names, but these macros are limiting by the target size and do not limit
> > > the count of chars copied.
> > > This is confusing I think and suggest using a different name like
> > > 'safestrcopymax()' or something.
> >
> > Good point.. will make the change
>
> Nice. I've had these *n* names too and I forgot about the logic and only
> 10 days later I introduced a ugly bug cause I can't limit the count of
> copied chars :)
Inlined is the patch for this... applies on the earlier _BIG_ patch.
Please find attached a _BIG_ patch to update udev's libsysfs. Patch applies
on udev-021 and contains:
1. Updates to get udev's libsysfs to the latest (to be released) level.
2. Changes for C++ compatibility (use "char" and not "unsigned char"
unless absolutely necessary).
3. More importantly, take care of buffer overflows. Libsysfs now uses a
scaled down version of Kay's "safe" macros.
Here I change the callout fork logic.
The current cersion is unable to read a pipe which is not flushed at once,
Now we read until it's closed.
The maximum argument count is calculated by the strlen now. We have 100
chars for our result buffer so we can't have more than 50 parameters.
So it's much more clear what will happen now and not some magic boundary
where we use shell behind it.
Parameter can be combined to one by using apostrophes.
this on works now:
BUS="scsi", PROGRAM="/bin/sh -c 'echo foo3 foo4 foo5 foo6 foo7 foo8 foo9 | sed s/foo9/bar9/'", KERNEL="sda3", NAME="%c{7}"
[PATCH] allow to specify node permissions in the rule
This allows to set the permissions along with the rule.
This is not a general replacement for the permissions config, but it
may be easier sometimes for the user to specify the permissions along
with the rule, cause the permissions config file wants the final node
name to match, which seems sometimes a bit difficult to guess, if
format % chars are used in the NAME field.
Any value not given in the rule is still be read from the permissions
file or set to the default. This one will also work:
Hey, I wrote the strn*() macros just 10 days ago and yesterday this trap
caught me with the %c{x} bug.
The names are misleading cause we all expect that the from field is limited by
the size argument, but we actually limit the overall size of the destination
string to prevent a overflow.
Here we rename all strn*() macros to str*max(). That should be
more self-explanatory.
md@Linux.IT [Fri, 5 Mar 2004 03:10:02 +0000 (19:10 -0800)]
[PATCH] udevstart fixes
udevstart_no_retval: currently udevstart will always return rc=22
because of the error handling code. I completely removed it because it
is not used, and returning a generic error to the init script is not
much useful anyway.
[PATCH] conditional remove of trailing sysfs whitespace
Hey, it may never happen, that one wants to distinguish attributes by
trailing spaces, but we should not lose the control over it, just for
being lazy :)
Here we remove the trailing spaces of the sysfs attribute only if the
configured value to match doesn't have any trailing spaces by itself.
So if you put a attribute in a rule with spaces at the end, the sysfs
attribute _must_ match exactly.
Is that cool for everyone?
As usual, 2 tests are added for it with a artificial sysfs file and
a few words to the man page.
[PATCH] better fix for NAME="foo-%c{N}" gets a truncated name
On Wed, Mar 03, 2004 at 04:56:34PM -0800, Greg KH wrote:
> On Wed, Mar 03, 2004 at 03:57:04PM -0800, Patrick Mansfield wrote:
> >
> > Here is a patch for some new tests.
>
> Applied, thanks.
Here is a small improvement, which looks much better.
Hey Pat, thanks a lot for finding the recent bug, hope this one will
not break it again :)
[PATCH] fix NAME="foo-%c{N}" gets a truncated name
On Wed, Mar 03, 2004 at 02:43:34PM -0800, Patrick Mansfield wrote:
> Here is a fix and a new test for the problem Atul hit, where if we have a
> NAME based on a result of the form:
>
> NAME="foo-%c{7}"
>
> udev truncates the name. Without any prefix (the foo- in this example),
> the rule was working OK.
Here I try to cleanup our various multifield iteration over the strings.
Inspired by our nice list.h we now have a macro to iterate over the string
and process the parts of it:
It makes the code more readable and we don't change the string while we
process it like the former strsep() does.
For the callout part selector %c{2} we separate now not only by space but
also newline and return characters, cause some programs may give multiline
values back. A possible RESULT match must contain wildcards for these
characters.
Also a bug in the recent udevinfo symlink query feature is fixed.
Here we rename the former tiny $(HELPER) to $(INFO)
cause it's no longer only a helper :)
And install it in /usr/bin instead of /sbin cause any user
may want to call it and we don't need it on startup.
I just wanted to terminate the snprintf() strings, cause I can see a
overflow with closed eyes after all the audit :)
But then I changed a bit more to bring it in line with the style of the
other files. I replaced the exec_udev() function with the one from
udevd, cause we don't need to read the stdout from udev.
Please have a look if it still works for you too and not
only for usernames with 3 characters :)
While moving the local user logic in it's own function I missed to
change the "secure" string macro. We copy only the first 3 bytes
of the username. Guess why I didn't notice it :)
- clarify the use of the NAME{all_partitions} syntax
and add a example to udev.rules.example
- mention the empty NAME field to ignore the device
- prepare a SYMLINK field for the addition of Andrey's
"multiple symlinks" documentation :)
[PATCH] udev - fix debug info for multiple rule file config
On Sat, Feb 28, 2004 at 09:56:32PM +0100, Kay Sievers wrote:
> Andrey pointed out that we don't print the right filename in the debug
> output. Here is a fix for that. It applies on top of Andrey's symlink
> patch, cause we are touching the same part of the code.
The copy/paste devil catched me :)
Here is a fixed one.
We carried the the old callout part selector syntax for two releases
now after it was replaced by the new %c{1} syntax. So here we remove
the old syntax and use the code to possibly specify the maximum count
of chars to insert into the string. It will work with all of our format
chars.
I don't know if somebody will use it, but the code is already there :)
's%3s{vendor}' returns "IBM" now, instead of "IBM-ESXS".
Also added is a test for it and a few words in the man page.
Here is for now my last patch to the string handling for a rather
theorethical case, where the node is very very very long. :)
We have accordant to strfieldcat(to, from) now a strintcat(to, i) macro,
which appends the ascii representation of a integer to a string in a
safe way.
On Thu, Feb 12, 2004 at 05:26:37PM -0800, Greg KH wrote:
> On Fri, Feb 13, 2004 at 12:45:38AM +0100, Kay Sievers wrote:
> >
> > Here a few questions about my favorite file in the tree :)
> > - better permission handling
> >
> > What is missing here?
>
> I don't know for sure. Just a vague feeling that the way we currently
> handle permissions is pretty lousy. Anyone else feel this way too?
Seems that nobody cares and perhaps the recent klibc permission changes
and the multiple file config directory are enough to kill these lines? :)
Mainly a cleanup of the earlier patches with a few missing pieces
and some cosmetical changes.
I've moved the udev_init_config() to very early init, otherwise we
don't get any logging for the processing of the input. What would I
do without gdb :)
Greg, it's the 7th patch in your box to apply. I will stop now and
wait for you :)
Here we truncate our input strings from the environment to our
defined limit. It's a bit theroretical but better check for it.
It cleans up some magic length definitions and removes the code
duplication in udev, udevtest and udevsend.
udevd needs to be killed after installation, cause the message size
is changed with this patch.
Should we do this with the 'make install', like we do with the '.udevdb'?
[PATCH] udev - safer string handling all over the place
On Tue, Feb 24, 2004 at 11:50:52PM +0100, Kay Sievers wrote:
> Here is the first step towards a safer string handling.
> More will follow, but for now only the easy ones :)
>
> Thanks to all who pointed this out. strncat() isn't a nice function. We
> all should remember that the destination string is not terminated if the
> given lenght is shorter than the strlen of the source string.
>
> And shame on the various implementers of strfieldcat() I found in the
> unapplied patches on this list, it's not really better than strncpy()
> and hides the real problem.
Hmm, bk didn't checked in one file, maybe I edited it again as root.
Nevermind, here is the more complete version.