lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 2 Nov 2017 11:48:42 +0800 From: changbin.du@...el.com To: bhelgaas@...gle.com Cc: tglx@...utronix.de, mingo@...hat.com, x86@...nel.org, linux-pci@...r.kernel.org, linux-kernel@...r.kernel.org, Changbin Du <changbin.du@...el.com> Subject: [PATCH] PCI: Fail pci_map_rom if the PCI ROM is invalid From: Changbin Du <changbin.du@...el.com> If we detected a invalid PCI ROM (e.g. Invalid PCI ROM header signature), we should unmap it immediately and fail. It doesn't make any sense that return a mapped area with size of 0. I have seen this case on Intel GVTg vGPU, which have no vbios. It will not cause a real problem, but we should skip it as early as possible. Signed-off-by: Changbin Du <changbin.du@...el.com> --- drivers/pci/rom.c | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/drivers/pci/rom.c b/drivers/pci/rom.c index b6edb18..1f5e6af 100644 --- a/drivers/pci/rom.c +++ b/drivers/pci/rom.c @@ -147,12 +147,8 @@ void __iomem *pci_map_rom(struct pci_dev *pdev, size_t *size) return NULL; rom = ioremap(start, *size); - if (!rom) { - /* restore enable if ioremap fails */ - if (!(res->flags & IORESOURCE_ROM_ENABLE)) - pci_disable_rom(pdev); - return NULL; - } + if (!rom) + goto err_ioremap; /* * Try to find the true size of the ROM since sometimes the PCI window @@ -160,7 +156,18 @@ void __iomem *pci_map_rom(struct pci_dev *pdev, size_t *size) * True size is important if the ROM is going to be copied. */ *size = pci_get_rom_size(pdev, rom, *size); + if (!*size) + goto invalid_rom; + return rom; + +invalid_rom: + iounmap(rom); +err_ioremap: + /* restore enable if ioremap fails */ + if (!(res->flags & IORESOURCE_ROM_ENABLE)) + pci_disable_rom(pdev); + return NULL; } EXPORT_SYMBOL(pci_map_rom); -- 2.7.4
Powered by blists - more mailing lists