lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1389097816.15325.7.camel@oc7383187364.ibm.com>
Date:	Tue, 07 Jan 2014 13:30:16 +0100
From:	Frank Haverkamp <haver@...ux.vnet.ibm.com>
To:	Dan Carpenter <dan.carpenter@...cle.com>
Cc:	fengguang.wu@...el.com, jim.epost@...il.com, sfr@...b.auug.org.au,
	gregkh@...uxfoundation.org, linux-next@...r.kernel.org,
	linux-kernel@...r.kernel.org, kbuild-all@...org
Subject: Re: [PATCH 1/2] GenWQE: Fix endian issues detected by sparse

Hi Dan,

Am Dienstag, den 07.01.2014, 09:41 +0300 schrieb Dan Carpenter:
> Could you also fix this Smatch warning?
> drivers/misc/genwqe/card_dev.c:658 do_flash_update() warn: maybe return -EFAULT instead of the bytes remaining?

I thought i fixed this already in my posting:
   [PATCH] GenWQE: Rework return code for flash-update ioctl
from 22.12.2013 14:16:36:

Here the spot:

@@ -565,14 +552,13 @@ static int do_flash_update(struct genwqe

                rc = copy_from_user(xbuf, buf, tocopy);
                if (rc) {
-                       dev_err(&pci_dev->dev,
-                               "err: could not copy all data rc=%d\n",
rc);
+                       rc = -EFAULT;
                        goto free_buffer;
                }
                crc = genwqe_crc32(xbuf, tocopy, 0xffffffff);

-               dev_info(&pci_dev->dev,
-                        "[%s] DMA: 0x%llx CRC: %08x SZ: %ld %d\n",
+               dev_dbg(&pci_dev->dev,
+                       "[%s] DMA: 0x%llx CRC: %08x SZ: %ld %d\n",
                        __func__, dma_addr, crc, tocopy,
blocks_to_flash);

> 
> Also we shouldn't be doing dev_err() on copy_to/from_user() problems.
> The user can trigger those and flood dmesg.  It is a DoS (annoying).
> 
> regards,
> dan carpenter
> 

In this patch I also removed most of the dev_err() messages. Fixing the
possibility to overflow the logs with error messages from user-side.
Greg did not pick up this patch yet, as far as I can see.

Regards

Frank

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ