| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 May 2016 11:56:36 -0700 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: Reza Arbab <arbab@...ux.vnet.ibm.com> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH] memory-hotplug: fix store_mem_state() return value On Thu, May 05, 2016 at 01:41:44PM -0500, Reza Arbab wrote: > Attempting to online memory which is already online will cause this: > > 1. store_mem_state() called with buf="online" > 2. device_online() returns 1 because device is already online > 3. store_mem_state() returns 1 > 4. calling code interprets this as 1-byte buffer read > 5. store_mem_state() called again with buf="nline" > 6. store_mem_state() returns -EINVAL > > Example: > > $ cat /sys/devices/system/memory/memory0/state > online > $ echo online > /sys/devices/system/memory/memory0/state > -bash: echo: write error: Invalid argument > > Fix the return value of store_mem_state() so this doesn't happen. > > Signed-off-by: Reza Arbab <arbab@...ux.vnet.ibm.com> > --- > drivers/base/memory.c | 4 +--- > 1 file changed, 1 insertion(+), 3 deletions(-) > > diff --git a/drivers/base/memory.c b/drivers/base/memory.c > index 961e2cf..031950f 100644 > --- a/drivers/base/memory.c > +++ b/drivers/base/memory.c > @@ -359,9 +359,7 @@ store_mem_state(struct device *dev, > err: > unlock_device_hotplug(); > > - if (ret) > - return ret; > - return count; > + return ret < 0 ? ret : count; Please spell this out as a real if () statement, it's very hard to now see if you really did change the logic here or not. Hint, it's only a 1 line patch that way, right? thanks, greg k-h
Powered by blists - more mailing lists