[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <a1d3919182011d26eb6cbef018050ef416bd6f55.1509561822.git.mario.limonciello@dell.com>
Date: Wed, 1 Nov 2017 14:25:24 -0500
From: Mario Limonciello <mario.limonciello@...l.com>
To: dvhart@...radead.org, Andy Shevchenko <andy.shevchenko@...il.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
platform-driver-x86@...r.kernel.org,
Andy Lutomirski <luto@...nel.org>, quasisec@...gle.com,
pali.rohar@...il.com, rjw@...ysocki.net, mjg59@...gle.com,
hch@....de, Greg KH <greg@...ah.com>,
Alan Cox <gnomes@...rguk.ukuu.org.uk>,
Mario Limonciello <mario.limonciello@...l.com>
Subject: [PATCH v12 03/16] platform/x86: dell-wmi: increase severity of some failures
There is a lot of error checking in place for the format of the WMI
descriptor buffer, but some of the potentially raised issues should
be considered critical failures.
If the buffer size or header don't match, this is a good indication
that the buffer format changed in a way that the rest of the data
should not be relied upon.
For the remaining data set vectors, continue to notate a warning
in undefined results, but as those are fields that the descriptor
intended to refer to other applications, don't fail if they're new
values.
Signed-off-by: Mario Limonciello <mario.limonciello@...l.com>
Reviewed-by: Edward O'Callaghan <quasisec@...gle.com>
Reviewed-by: Pali Rohár <pali.rohar@...il.com>
---
drivers/platform/x86/dell-wmi.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/drivers/platform/x86/dell-wmi.c b/drivers/platform/x86/dell-wmi.c
index 1fbef560ca67..2cfaaa8faf0a 100644
--- a/drivers/platform/x86/dell-wmi.c
+++ b/drivers/platform/x86/dell-wmi.c
@@ -657,17 +657,18 @@ static int dell_wmi_check_descriptor_buffer(struct wmi_device *wdev)
dev_err(&wdev->dev,
"Dell descriptor buffer has invalid length (%d)\n",
obj->buffer.length);
- if (obj->buffer.length < 16) {
- ret = -EINVAL;
- goto out;
- }
+ ret = -EINVAL;
+ goto out;
}
buffer = (u32 *)obj->buffer.pointer;
- if (buffer[0] != 0x4C4C4544 && buffer[1] != 0x494D5720)
- dev_warn(&wdev->dev, "Dell descriptor buffer has invalid signature (%*ph)\n",
+ if (buffer[0] != 0x4C4C4544 && buffer[1] != 0x494D5720) {
+ dev_err(&wdev->dev, "Dell descriptor buffer has invalid signature (%*ph)\n",
8, buffer);
+ ret = -EINVAL;
+ goto out;
+ }
if (buffer[2] != 0 && buffer[2] != 1)
dev_warn(&wdev->dev, "Dell descriptor buffer has unknown version (%d)\n",
--
2.14.1
Powered by blists - more mailing lists