lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Tue, 10 Mar 2015 10:59:02 -0400
From:	Nicholas Mc Guire <hofrat@...dl.org>
To:	Joshua Morris <josh.h.morris@...ibm.com>
Cc:	Philip Kelleher <pjk1939@...ux.vnet.ibm.com>,
	linux-kernel@...r.kernel.org, Nicholas Mc Guire <hofrat@...dl.org>
Subject: [PATCH] rsxx: match wait_for_completion_timeout return type

return type of wait_for_completion_timeout is unsigned long not int. An
appropriately named unsigned long is added and the
assignment fixed up.

Signed-off-by: Nicholas Mc Guire <hofrat@...dl.org>
---

Note that there does not seem to be any protection against the on stack
struct completion going out of scope if timeout occurs ! Any call to
complete() after timeout occurred would be potentially corrupting the stack
(though with high probability incorrect spin_lock magic would cause an oops).

This was only compile tested for x86_64_defconfig + CONFIG_BLK_DEV_RSXX=m

Patch is against 4.0-rc2 linux-next (localversion-next is -next-20150306)

 drivers/block/rsxx/cregs.c |    6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/block/rsxx/cregs.c b/drivers/block/rsxx/cregs.c
index 926dce9..8b9d0e3 100644
--- a/drivers/block/rsxx/cregs.c
+++ b/drivers/block/rsxx/cregs.c
@@ -392,7 +392,7 @@ static int __issue_creg_rw(struct rsxx_cardinfo *card,
 {
 	DECLARE_COMPLETION_ONSTACK(cmd_done);
 	struct creg_completion completion;
-	unsigned long timeout;
+	unsigned long timeout, time_left;
 	int st;
 
 	completion.cmd_done = &cmd_done;
@@ -416,8 +416,8 @@ static int __issue_creg_rw(struct rsxx_cardinfo *card,
 	 * The creg interface is guaranteed to complete. It has a timeout
 	 * mechanism that will kick in if hardware does not respond.
 	 */
-	st = wait_for_completion_timeout(completion.cmd_done, timeout);
-	if (st == 0) {
+	time_left = wait_for_completion_timeout(completion.cmd_done, timeout);
+	if (!time_left) {
 		/*
 		 * This is really bad, because the kernel timer did not
 		 * expire and notify us of a timeout!
-- 
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists