lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <SN4PR0201MB3472341FB4C4F3C0EA4265A9CBEA0@SN4PR0201MB3472.namprd02.prod.outlook.com>
Date:   Mon, 9 Nov 2020 17:12:47 +0000
From:   Dragan Cvetic <draganc@...inx.com>
To:     Harshal Chaudhari <harshalchau04@...il.com>,
        "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
CC:     Derek Kiernan <dkiernan@...inx.com>,
        "arnd@...db.de" <arnd@...db.de>, Michal Simek <michals@...inx.com>,
        "linux-arm-kernel@...ts.infradead.org" 
        <linux-arm-kernel@...ts.infradead.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] misc: xilinx-sdfec: remove check for ioctl cmd and
 argument.


> -----Original Message-----
> From: Harshal Chaudhari <harshalchau04@...il.com>
> Sent: Sunday 1 November 2020 17:10
> To: gregkh@...uxfoundation.org; Dragan Cvetic <draganc@...inx.com>
> Cc: Derek Kiernan <dkiernan@...inx.com>; arnd@...db.de; Michal Simek <michals@...inx.com>; linux-arm-
> kernel@...ts.infradead.org; linux-kernel@...r.kernel.org
> Subject: [PATCH] misc: xilinx-sdfec: remove check for ioctl cmd and argument.
> 
> if (_IOC_TYPE(cmd) != PP_IOCTL)
>         return -ENOTTY;
> 
> Invalid ioctl command check normally performs by “default” case.
> 
> if (_IOC_DIR(cmd) != _IOC_NONE) {
>        argp = (void __user *)arg;
>        if (!argp)
>              return -EINVAL; }
> 
> And for checking ioctl arguments, copy_from_user()/copy_to_user()
> checks are enough.
> 
> Signed-off-by: Harshal Chaudhari <harshalchau04@...il.com>
> ---
>  drivers/misc/xilinx_sdfec.c | 16 +++-------------
>  1 file changed, 3 insertions(+), 13 deletions(-)
> 
> diff --git a/drivers/misc/xilinx_sdfec.c b/drivers/misc/xilinx_sdfec.c
> index 92291292756a..ff104c894b3b 100644
> --- a/drivers/misc/xilinx_sdfec.c
> +++ b/drivers/misc/xilinx_sdfec.c
> @@ -944,8 +944,8 @@ static long xsdfec_dev_ioctl(struct file *fptr, unsigned int cmd,
>  			     unsigned long data)
>  {
>  	struct xsdfec_dev *xsdfec;
> -	void __user *arg = NULL;
> -	int rval = -EINVAL;
> +	void __user *arg = (void __user *)data;
> +	int rval;
> 
>  	xsdfec = container_of(fptr->private_data, struct xsdfec_dev, miscdev);
> 
> @@ -956,16 +956,6 @@ static long xsdfec_dev_ioctl(struct file *fptr, unsigned int cmd,
>  		return -EPERM;
>  	}
> 
> -	if (_IOC_TYPE(cmd) != XSDFEC_MAGIC)
> -		return -ENOTTY;
> -
> -	/* check if ioctl argument is present and valid */
> -	if (_IOC_DIR(cmd) != _IOC_NONE) {
> -		arg = (void __user *)data;
> -		if (!arg)
> -			return rval;
> -	}
> -
>  	switch (cmd) {
>  	case XSDFEC_START_DEV:
>  		rval = xsdfec_start(xsdfec);
> @@ -1010,7 +1000,7 @@ static long xsdfec_dev_ioctl(struct file *fptr, unsigned int cmd,
>  		rval = xsdfec_is_active(xsdfec, (bool __user *)arg);
>  		break;
>  	default:
> -		/* Should not get here */
> +		rval = -ENOTTY;
>  		break;
>  	}
>  	return rval;
> --
> 2.17.1

Acked-by: Dragan Cvetic <dragan.cvetic@...inx.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ