| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 17 Nov 2020 14:05:41 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
stable@...r.kernel.org, Matteo Croce <mcroce@...rosoft.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Guenter Roeck <linux@...ck-us.net>,
Petr Mladek <pmladek@...e.com>, Arnd Bergmann <arnd@...db.de>,
Mike Rapoport <rppt@...nel.org>,
Kees Cook <keescook@...omium.org>,
Pavel Tatashin <pasha.tatashin@...een.com>,
Robin Holt <robinmholt@...il.com>,
Fabian Frederick <fabf@...net.be>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Sudip Mukherjee <sudipm.mukherjee@...il.com>
Subject: [PATCH 4.9 75/78] Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
From: Matteo Croce <mcroce@...rosoft.com>
commit 8b92c4ff4423aa9900cf838d3294fcade4dbda35 upstream.
Patch series "fix parsing of reboot= cmdline", v3.
The parsing of the reboot= cmdline has two major errors:
- a missing bound check can crash the system on reboot
- parsing of the cpu number only works if specified last
Fix both.
This patch (of 2):
This reverts commit 616feab753972b97.
kstrtoint() and simple_strtoul() have a subtle difference which makes
them non interchangeable: if a non digit character is found amid the
parsing, the former will return an error, while the latter will just
stop parsing, e.g. simple_strtoul("123xyx") = 123.
The kernel cmdline reboot= argument allows to specify the CPU used for
rebooting, with the syntax `s####` among the other flags, e.g.
"reboot=warm,s31,force", so if this flag is not the last given, it's
silently ignored as well as the subsequent ones.
Fixes: 616feab75397 ("kernel/reboot.c: convert simple_strtoul to kstrtoint")
Signed-off-by: Matteo Croce <mcroce@...rosoft.com>
Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
Cc: Guenter Roeck <linux@...ck-us.net>
Cc: Petr Mladek <pmladek@...e.com>
Cc: Arnd Bergmann <arnd@...db.de>
Cc: Mike Rapoport <rppt@...nel.org>
Cc: Kees Cook <keescook@...omium.org>
Cc: Pavel Tatashin <pasha.tatashin@...een.com>
Cc: Robin Holt <robinmholt@...il.com>
Cc: Fabian Frederick <fabf@...net.be>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: <stable@...r.kernel.org>
Link: https://lkml.kernel.org/r/20201103214025.116799-2-mcroce@linux.microsoft.com
Signed-off-by: Linus Torvalds <torvalds@...ux-foundation.org>
[sudip: use reboot_mode instead of mode]
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@...il.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
---
kernel/reboot.c | 21 +++++++--------------
1 file changed, 7 insertions(+), 14 deletions(-)
--- a/kernel/reboot.c
+++ b/kernel/reboot.c
@@ -512,22 +512,15 @@ static int __init reboot_setup(char *str
break;
case 's':
- {
- int rc;
-
- if (isdigit(*(str+1))) {
- rc = kstrtoint(str+1, 0, &reboot_cpu);
- if (rc)
- return rc;
- } else if (str[1] == 'm' && str[2] == 'p' &&
- isdigit(*(str+3))) {
- rc = kstrtoint(str+3, 0, &reboot_cpu);
- if (rc)
- return rc;
- } else
+ if (isdigit(*(str+1)))
+ reboot_cpu = simple_strtoul(str+1, NULL, 0);
+ else if (str[1] == 'm' && str[2] == 'p' &&
+ isdigit(*(str+3)))
+ reboot_cpu = simple_strtoul(str+3, NULL, 0);
+ else
reboot_mode = REBOOT_SOFT;
break;
- }
+
case 'g':
reboot_mode = REBOOT_GPIO;
break;
Powered by blists - more mailing lists