lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20200309120542.GC4101@sirena.org.uk>
Date:   Mon, 9 Mar 2020 12:05:42 +0000
From:   Mark Brown <broonie@...nel.org>
To:     peng.fan@....com
Cc:     gregkh@...uxfoundation.org, rafael@...nel.org, linux-imx@....com,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] regmap: debugfs: check count when read regmap file

On Sun, Mar 08, 2020 at 09:10:58PM +0800, peng.fan@....com wrote:
> From: Peng Fan <peng.fan@....com>

> @@ -283,9 +283,10 @@ static ssize_t regmap_map_read_file(struct file *file, char __user *user_buf,
>  				    size_t count, loff_t *ppos)
>  {
>  	struct regmap *map = file->private_data;
> +	size_t num = count > map->max_register ? map->max_register : count;

I can see that it might be useful to limit the read size (though our
error checking is doing the right thing here, it's just that kmalloc()
is very verbose) but this doesn't seem like a good limit, especially for
smaller register maps.  Since it's limiting reads to the number of
registers it's going to result in it being impossible to dump the full
register map in a single read.  This is fine from a filesystem API point
of view, reads can always return less data than was asked for, but it's
annoying from the point of view of anyone hacking together something
like a little program to monitor a specific register during testing or
whatever.  If the register map is small enough you won't even be able to
read a single register in a read which is going to be annoying.  Having
either a lower bound or a more generous upper bound would be better.

Please also write normal conditional statements, the ternery operator
isn't great for legibility.

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ