lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 11 Sep 2007 23:41:34 -0700 From: Kees Cook <kees@...ntu.com> To: linux-kernel@...r.kernel.org Cc: Ben Collins <bcollins@...ntu.com>, Michael Wu <flamingice@...rmilk.net> Subject: [PATCH] pci: fix unterminated pci_device_id lists This patch against 2.6.23-rc6 fixes a couple drivers that do not correctly terminate their pci_device_id lists. This results in garbage being spewed into modules.pcimap when the module happens to not have 28 NULL bytes following the table, and/or the last PCI ID is actually truncated from the table when calculating the modules.alias PCI aliases, cause those unfortunate device IDs to not auto-load. Signed-off-by: Kees Cook <kees@...ntu.com> --- For example, cafe_nand... drivers/mtd/nand/cafe_nand.c: static struct pci_device_id cafe_nand_tbl[] = { { 0x11ab, 0x4100, PCI_ANY_ID, PCI_ANY_ID, PCI_CLASS_MEMORY_FLASH << 8, 0xFFFF0 } }; # should have 1 PCI alias, but we have none $ modinfo cafe_nand | grep alias | wc -l 0 # should have 1 PCI map, but we have lots of trash $ grep cafe_nand /lib/modules/$(uname -r)/modules.pcimap modules.pcimap:cafe_nand 0x000011ab 0x00004100 0xffffffff 0xffffffff 0x00050100 0x000ffff0 0x0 modules.pcimap:cafe_nand 0x696d6974 0x0000676e 0x00000000 0x00000000 0x00000000 0x00000000 0x0 modules.pcimap:cafe_nand 0x00000003 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x0 modules.pcimap:cafe_nand 0x00000004 0x00000000 0x00000000 0x00000000 0x63656863 0x6363656b 0x0 modules.pcimap:cafe_nand 0x65640067 0x00677562 0x70696b73 0x00746262 0x64657375 0x4200616d 0x0 modules.pcimap:cafe_nand 0x000000bc 0x00000000 0x00000000 0x00000000 0x00000000 0x00000000 0x0 It may make sense to patch module-init-tools to correctly yell about mismatches, as it has all the details when examining the ELF. Note also, then p54 driver (in p54/prism54pci.c, not in mainline yet) suffers from the same problem. linux-2.6.23-rc6/drivers/char/ipmi/ipmi_si_intf.c | 3 ++- linux-2.6.23-rc6/drivers/mtd/nand/cafe_nand.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) --- diff -uNrp linux-2.6.23-rc6~/drivers/char/ipmi/ipmi_si_intf.c linux-2.6.23-rc6/drivers/char/ipmi/ipmi_si_intf.c --- linux-2.6.23-rc6~/drivers/char/ipmi/ipmi_si_intf.c 2007-09-11 23:17:13.000000000 -0700 +++ linux-2.6.23-rc6/drivers/char/ipmi/ipmi_si_intf.c 2007-09-11 23:21:51.000000000 -0700 @@ -2215,7 +2215,8 @@ static int ipmi_pci_resume(struct pci_de static struct pci_device_id ipmi_pci_devices[] = { { PCI_DEVICE(PCI_HP_VENDOR_ID, PCI_MMC_DEVICE_ID) }, - { PCI_DEVICE_CLASS(PCI_ERMC_CLASSCODE, PCI_ERMC_CLASSCODE_MASK) } + { PCI_DEVICE_CLASS(PCI_ERMC_CLASSCODE, PCI_ERMC_CLASSCODE_MASK) }, + { 0, } }; MODULE_DEVICE_TABLE(pci, ipmi_pci_devices); diff -uNrp linux-2.6.23-rc6~/drivers/mtd/nand/cafe_nand.c linux-2.6.23-rc6/drivers/mtd/nand/cafe_nand.c --- linux-2.6.23-rc6~/drivers/mtd/nand/cafe_nand.c 2007-07-08 16:32:17.000000000 -0700 +++ linux-2.6.23-rc6/drivers/mtd/nand/cafe_nand.c 2007-09-11 23:22:11.000000000 -0700 @@ -816,7 +816,8 @@ static void __devexit cafe_nand_remove(s } static struct pci_device_id cafe_nand_tbl[] = { - { 0x11ab, 0x4100, PCI_ANY_ID, PCI_ANY_ID, PCI_CLASS_MEMORY_FLASH << 8, 0xFFFF0 } + { 0x11ab, 0x4100, PCI_ANY_ID, PCI_ANY_ID, PCI_CLASS_MEMORY_FLASH << 8, 0xFFFF0 }, + { 0, } }; MODULE_DEVICE_TABLE(pci, cafe_nand_tbl); -- Kees Cook - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists