| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1472654302-29788-1-git-send-email-arbab@linux.vnet.ibm.com>
Date: Wed, 31 Aug 2016 09:38:22 -0500
From: Reza Arbab <arbab@...ux.vnet.ibm.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org
Subject: [RESEND PATCH v2] memory-hotplug: fix store_mem_state() return value
Attempting to online memory which is already online will cause this:
1. store_mem_state() called with buf="online"
2. device_online() returns 1 because device is already online
3. store_mem_state() returns 1
4. calling code interprets this as 1-byte buffer read
5. store_mem_state() called again with buf="nline"
6. store_mem_state() returns -EINVAL
Example:
$ cat /sys/devices/system/memory/memory0/state
online
$ echo online > /sys/devices/system/memory/memory0/state
-bash: echo: write error: Invalid argument
Fix the return value of store_mem_state() so this doesn't happen.
Signed-off-by: Reza Arbab <arbab@...ux.vnet.ibm.com>
---
drivers/base/memory.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/base/memory.c b/drivers/base/memory.c
index 1cea0ba..8e385ea 100644
--- a/drivers/base/memory.c
+++ b/drivers/base/memory.c
@@ -359,7 +359,7 @@ store_mem_state(struct device *dev,
err:
unlock_device_hotplug();
- if (ret)
+ if (ret < 0)
return ret;
return count;
}
--
1.8.3.1
Powered by blists - more mailing lists