| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 1 May 2020 16:44:15 +0300
From: Denis Efremov <efremov@...ux.com>
To: linux-block@...r.kernel.org
Cc: Denis Efremov <efremov@...ux.com>, Willy Tarreau <w@....eu>,
Christoph Hellwig <hch@...radead.org>,
Joe Perches <joe@...ches.com>, linux-kernel@...r.kernel.org,
Christoph Hellwig <hch@....de>
Subject: [PATCH v3 3/4] floppy: add defines for sizes of cmd & reply buffers of floppy_raw_cmd
Use FD_RAW_CMD_SIZE, FD_RAW_REPLY_SIZE defines instead of magic numbers
for cmd & reply buffers of struct floppy_raw_cmd. Remove local to
floppy.c MAX_REPLIES define, as it is now FD_RAW_REPLY_SIZE.
FD_RAW_CMD_FULLSIZE added as we allow command to also fill reply_count
and reply fields.
Reviewed-by: Christoph Hellwig <hch@....de>
Signed-off-by: Denis Efremov <efremov@...ux.com>
---
drivers/block/floppy.c | 19 +++++--------------
include/uapi/linux/fd.h | 14 ++++++++++++--
2 files changed, 17 insertions(+), 16 deletions(-)
diff --git a/drivers/block/floppy.c b/drivers/block/floppy.c
index b82b3d38b834..9e098d53b046 100644
--- a/drivers/block/floppy.c
+++ b/drivers/block/floppy.c
@@ -337,8 +337,7 @@ static bool initialized;
/*
* globals used by 'result()'
*/
-#define MAX_REPLIES 16
-static unsigned char reply_buffer[MAX_REPLIES];
+static unsigned char reply_buffer[FD_RAW_REPLY_SIZE];
static int inr; /* size of reply buffer, when called from interrupt */
#define ST0 0
#define ST1 1
@@ -1162,7 +1161,7 @@ static int result(int fdc)
int i;
int status = 0;
- for (i = 0; i < MAX_REPLIES; i++) {
+ for (i = 0; i < FD_RAW_REPLY_SIZE; i++) {
status = wait_til_ready(fdc);
if (status < 0)
break;
@@ -3079,7 +3078,7 @@ static void raw_cmd_done(int flag)
raw_cmd->flags |= FD_RAW_HARDFAILURE;
} else {
raw_cmd->reply_count = inr;
- if (raw_cmd->reply_count > MAX_REPLIES)
+ if (raw_cmd->reply_count > FD_RAW_REPLY_SIZE)
raw_cmd->reply_count = 0;
for (i = 0; i < raw_cmd->reply_count; i++)
raw_cmd->reply[i] = reply_buffer[i];
@@ -3190,18 +3189,10 @@ static int raw_cmd_copyin(int cmd, void __user *param,
if (ret)
return -EFAULT;
param += sizeof(struct floppy_raw_cmd);
- if (ptr->cmd_count > 33)
- /* the command may now also take up the space
- * initially intended for the reply & the
- * reply count. Needed for long 82078 commands
- * such as RESTORE, which takes ... 17 command
- * bytes. Murphy's law #137: When you reserve
- * 16 bytes for a structure, you'll one day
- * discover that you really need 17...
- */
+ if (ptr->cmd_count > FD_RAW_CMD_FULLSIZE)
return -EINVAL;
- for (i = 0; i < 16; i++)
+ for (i = 0; i < FD_RAW_REPLY_SIZE; i++)
ptr->reply[i] = 0;
ptr->resultcode = 0;
diff --git a/include/uapi/linux/fd.h b/include/uapi/linux/fd.h
index 3f6b7be4c096..2e9c2c1c18e6 100644
--- a/include/uapi/linux/fd.h
+++ b/include/uapi/linux/fd.h
@@ -360,10 +360,20 @@ struct floppy_raw_cmd {
int buffer_length; /* length of allocated buffer */
unsigned char rate;
+
+#define FD_RAW_CMD_SIZE 16
+#define FD_RAW_REPLY_SIZE 16
+#define FD_RAW_CMD_FULLSIZE (FD_RAW_CMD_SIZE + 1 + FD_RAW_REPLY_SIZE)
+
+ /* The command may take up the space initially intended for the reply
+ * and the reply count. Needed for long 82078 commands such as RESTORE,
+ * which takes 17 command bytes.
+ */
+
unsigned char cmd_count;
- unsigned char cmd[16];
+ unsigned char cmd[FD_RAW_CMD_SIZE];
unsigned char reply_count;
- unsigned char reply[16];
+ unsigned char reply[FD_RAW_REPLY_SIZE];
int track;
int resultcode;
--
2.25.3
Powered by blists - more mailing lists