tech-kern archive


preconditions of cache_enter

(I am not subscribed to this list, so please cc me in replies.)

cache_enter assumes that cnp->cn_namelen is at most NCHNAMLEN.[*]  Most
callers first call cache_lookup, which clears the MAKEENTRY flag if
the name is too long.  Some neither call cache_lookup nor check the
name length first, however.  I have observed a panic in puffs (without
harm to my system, thanks to rump_syspuffs) from cache_enter while
using long file names.

As far as I can tell from a cursory reading of the code, puffs_newnode
calls cache_enter without first calling cache_lookup and without
checking the name length, and the same goes for all four of its
callers (puffs_vnop_create, puffs_vnop_mknod, puffs_vnop_mkdir, and
puffs_vnop_symlink).  I believe the same goes for smbfs_create.

I don't know this code well enough to suggest a patch, I'm afraid.  It
would be easy to change all the callers of cache_enter that are not
protected by a preceding cache_lookup to check the name length
themselves, but that may be an abstraction violation.  What is the
right thing to do here?  (File a PR?)

[*] The man page namecache(9) does not say that cache_enter assumes
    that cnp->cn_namelen is at most NCHNAMLEN, or that cache_enter
    must be preceded by a call to cache_lookup.  It also doesn't say
    anything about the MAKEENTRY flag which all callers of cache_enter
    check before calling it, though.  Should the man page say anything
    about this, or are users of the cache abstraction expected to read
    its implementation and prior usage to find this?
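As an added illustration (not code from the post, nor from NetBSD), a stand-alone C model of the calling convention the post describes: cache_lookup clears MAKEENTRY for an over-long name, and a cache_enter that checks the length precondition instead of assuming it. NCHNAMLEN, MAKEENTRY, struct componentname and struct namecache here are constructed stand-ins, not the kernel's definitions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
/* Constructed stand-ins, NOT the NetBSD definitions (values assumed). */
#define NCHNAMLEN 31
#define MAKEENTRY 0x0004
struct componentname {
    const char *cn_nameptr;
    size_t      cn_namelen;
    unsigned    cn_flags;
};
/* Fixed-size name buffer: copying a longer name into it is the kind of
 * failure the post reports as a panic. */
struct namecache {
    char   nc_name[NCHNAMLEN + 1];
    size_t nc_nlen;
};
/* Model of the part of cache_lookup the post relies on: a name that is
 * too long can never be cached, so MAKEENTRY is cleared for the caller. */
static void model_cache_lookup(struct componentname *cnp)
{
    if (cnp->cn_namelen > NCHNAMLEN)
        cnp->cn_flags &= ~MAKEENTRY;
}
/* Model of cache_enter with the precondition checked instead of assumed.
 * Returns true if an entry was made, false if it was refused. */
static bool model_cache_enter(struct namecache *nc, const struct componentname *cnp)
{
    if ((cnp->cn_flags & MAKEENTRY) == 0 || cnp->cn_namelen > NCHNAMLEN)
        return false;              /* refuse rather than overrun nc_name */
    memcpy(nc->nc_name, cnp->cn_nameptr, cnp->cn_namelen);
    nc->nc_name[cnp->cn_namelen] = '\0';
    nc->nc_nlen = cnp->cn_namelen;
    return true;
}
/* Usual caller sequence: cache_lookup first, cache_enter only if MAKEENTRY survived. */
static bool enter_after_lookup(struct namecache *nc, const char *name)
{
    struct componentname cn = { name, strlen(name), MAKEENTRY };
    model_cache_lookup(&cn);
    return model_cache_enter(nc, &cn);
}
/* puffs_newnode-style sequence: no cache_lookup, so the explicit check
 * inside model_cache_enter is all that keeps a long name out of nc_name. */
static bool enter_without_lookup(struct namecache *nc, const char *name)
{
    struct componentname cn = { name, strlen(name), MAKEENTRY };
    return model_cache_enter(nc, &cn);
}
```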
