| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202008080124.yAQ037y0%lkp@intel.com>
Date: Sat, 8 Aug 2020 01:14:28 +0800
From: kernel test robot <lkp@...el.com>
To: Jon Hunter <jonathanh@...dia.com>
Cc: kbuild-all@...ts.01.org, linux-kernel@...r.kernel.org,
Thierry Reding <treding@...dia.com>
Subject: drivers/firmware/tegra/bpmp-debugfs.c:335:11-18: WARNING opportunity
for memdup_user
tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 86cfccb66937dd6cbf26ed619958b9e587e6a115
commit: 5e37b9c137ee5a3a9dc2815ca51f71746c2609a6 firmware: tegra: Add support for in-band debug
date: 3 weeks ago
config: arm64-randconfig-c003-20200807 (attached as .config)
compiler: aarch64-linux-gcc (GCC) 9.3.0
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
coccinelle warnings: (new ones prefixed by >>)
>> drivers/firmware/tegra/bpmp-debugfs.c:335:11-18: WARNING opportunity for memdup_user
vim +335 drivers/firmware/tegra/bpmp-debugfs.c
320
321 static ssize_t bpmp_debug_store(struct file *file, const char __user *buf,
322 size_t count, loff_t *f_pos)
323 {
324 struct inode *inode = file_inode(file);
325 struct tegra_bpmp *bpmp = inode->i_private;
326 char *databuf = NULL;
327 char fnamebuf[256];
328 const char *filename;
329 ssize_t err;
330
331 filename = get_filename(bpmp, file, fnamebuf, sizeof(fnamebuf));
332 if (!filename)
333 return -ENOENT;
334
> 335 databuf = kmalloc(count, GFP_KERNEL);
336 if (!databuf)
337 return -ENOMEM;
338
339 if (copy_from_user(databuf, buf, count)) {
340 err = -EFAULT;
341 goto free_ret;
342 }
343
344 err = mrq_debug_write(bpmp, filename, databuf, count);
345
346 free_ret:
347 kfree(databuf);
348
349 return err ?: count;
350 }
351
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
Download attachment ".config.gz" of type "application/gzip" (35153 bytes)
Powered by blists - more mailing lists