lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 26 Jan 2009 16:29:55 -0800
From:	Arve Hjønnevåg <arve@...roid.com>
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	Ferenc Wagner <wferi@...f.hu>, linux-kernel@...r.kernel.org
Subject: Re: 2.6.29-rc2 dies on startup

On Sun, Jan 25, 2009 at 10:46 PM, Andrew Morton
<akpm@...ux-foundation.org> wrote:
> At a guess I'd say that drivers/staging/android/ram_console.c is calling
> the reed-solomon code earlier than it's expecting.  But that might be
> totally wrong.

Yes, but it also is trying to use a zero sized buffer at virtual
address 0 so it will not work much better if you turn off ecc.

This patch (to the android kernel tree) add some validation:
----
diff --git a/drivers/misc/Kconfig b/drivers/misc/Kconfig
index 0ce27ab..b226ccc 100644
--- a/drivers/misc/Kconfig
+++ b/drivers/misc/Kconfig
@@ -525,7 +525,6 @@ menuconfig ANDROID_RAM_CONSOLE_ERROR_CORRECTION
         bool "Enable error correction"
         default n
         depends on ANDROID_RAM_CONSOLE
-        depends on !ANDROID_RAM_CONSOLE_EARLY_INIT
         select REED_SOLOMON
         select REED_SOLOMON_ENC8
         select REED_SOLOMON_DEC8
diff --git a/drivers/misc/ram_console.c b/drivers/misc/ram_console.c
index 2a1274b..aec20f7 100644
--- a/drivers/misc/ram_console.c
+++ b/drivers/misc/ram_console.c
@@ -224,23 +224,9 @@ static int __init ram_console_init(struct
ram_console_buffer *buffer,
        ram_console_buffer_size =
                buffer_size - sizeof(struct ram_console_buffer);

-       if (ram_console_buffer_size > buffer_size) {
-               pr_err("ram_console: buffer %p, invalid size %d, datasize %d\n",
-                      buffer, buffer_size, ram_console_buffer_size);
-               return 0;
-       }
-
-
 #ifdef CONFIG_ANDROID_RAM_CONSOLE_ERROR_CORRECTION
        ram_console_buffer_size -= (DIV_ROUND_UP(ram_console_buffer_size,
                                                ECC_BLOCK_SIZE) + 1) * ECC_SIZE;
-       if (ram_console_buffer_size > buffer_size) {
-               pr_err("ram_console: buffer %p, invalid size %d, "
-                      "non-ecc datasize %d\n",
-                      buffer, buffer_size, ram_console_buffer_size);
-               return 0;
-       }
-
        ram_console_par_buffer = buffer->data + ram_console_buffer_size;


----

-- 
Arve Hjønnevåg
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ