| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Jun 2016 11:35:20 +0530
From: Vinod Koul <vinod.koul@...el.com>
To: Colin King <colin.king@...onical.com>
Cc: Dan Williams <dan.j.williams@...el.com>, dmaengine@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] dmaengine: do not allow access outside of unmap_pool
On Tue, May 17, 2016 at 01:00:46PM +0100, Colin King wrote:
> From: Colin Ian King <colin.king@...onical.com>
>
> When CONFIG_DMA_ENGINE_RAID is defined, unmap_pool[] is just 1
> element in size, however, allows orders of 2..8 to access
> outside unmap_pool and returns an invalid address. Ensure
> we fall into the default path and report a BUG() when
> CONFIG_DMA_ENGINE_RAID is defined and order is out of range.
>
> Signed-off-by: Colin Ian King <colin.king@...onical.com>
> ---
> drivers/dma/dmaengine.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/drivers/dma/dmaengine.c b/drivers/dma/dmaengine.c
> index 8c9f45f..6027e66 100644
> --- a/drivers/dma/dmaengine.c
> +++ b/drivers/dma/dmaengine.c
> @@ -1100,12 +1100,14 @@ static struct dmaengine_unmap_pool *__get_unmap_pool(int nr)
> switch (order) {
> case 0 ... 1:
> return &unmap_pool[0];
> + #if IS_ENABLED(CONFIG_DMA_ENGINE_RAID)
Okay if CONFIG_DMA_ENGINE_RAID is enabled (m or y) then IS_ENABLED
return 1, so we will go inside and not fall into default. And I though
by changelog that you want it to go to default in CONFIG_DMA_ENGINE_RAID
is defined!
What did I miss...
> case 2 ... 4:
> return &unmap_pool[1];
> case 5 ... 7:
> return &unmap_pool[2];
> case 8:
> return &unmap_pool[3];
> + #endif
> default:
> BUG();
> return NULL;
> --
> 2.8.1
>
--
~Vinod
Powered by blists - more mailing lists