lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 2 Dec 2020 14:40:53 +0100
From:   Martin Hundebøll <mhu@...icom.dk>
To:     Russ Weight <russell.h.weight@...el.com>, mdf@...nel.org,
        linux-fpga@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     trix@...hat.com, lgoncalv@...hat.com, yilun.xu@...el.com,
        hao.wu@...el.com, matthew.gerlach@...el.com
Subject: Re: [PATCH v6 2/7] fpga: sec-mgr: enable secure updates

Hi Russ,

On 02/12/2020 00.30, Russ Weight wrote:
> 
> On 12/1/20 12:47 AM, Martin Hundebøll wrote:
>> Hi Russ,
>>
>> On 01/12/2020 00.54, Russ Weight wrote:
>>> Thanks Martin. I'll work on a fix for this.
>> Attached is my in-house fix.
>>
>> // Martin
>>
>>> On 11/26/20 6:02 AM, Martin Hundebøll wrote:
>>>> Hi Russ,
>>>>
>>>> I found another thing while testing this...
>>>>
>>>> On 06/11/2020 02.09, Russ Weight wrote:
>>>>
>>>> <snip>
>>>>
>>>>> +static ssize_t filename_store(struct device *dev, struct device_attribute *attr,
>>>>> +                  const char *buf, size_t count)
>>>>> +{
>>>>> +    struct fpga_sec_mgr *smgr = to_sec_mgr(dev);
>>>>> +    int ret = count;
>>>>> +
>>>>> +    if (count == 0 || count >= PATH_MAX)
>>>>> +        return -EINVAL;
>>>>> +
>>>>> +    mutex_lock(&smgr->lock);
>>>>> +    if (smgr->driver_unload || smgr->progress != FPGA_SEC_PROG_IDLE) {
>>>>> +        ret = -EBUSY;
>>>>> +        goto unlock_exit;
>>>>> +    }
>>>>> +
>>>>> +    smgr->filename = kstrndup(buf, count - 1, GFP_KERNEL);
>>>> The `count - 1` is meant to remove a trailing newline, but opae-sdk writes the filename without newline, so better do it conditionally...
> After looking at how kstrndup() is used elsewhere, and after
> doing some experimentation, I think the best fix may be to just
> remove the "- 1":
> 
>      smgr->filename = kstrndup(buf, count, GFP_KERNEL);
> 
> The code shouldn't have assumed a "\n", and I don't think the
> kernel should be required to do white-space cleanup.
> 
> Does this fix seem OK to you?

Since we always use opae-sdk to write the filename, we wouldn't even notice.

While your'e at it, kerneldoc in mm/util.c suggests to use kmemdup_nul() 
when the size is known.

// Martin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ