lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20210622024220.GA61485@sol>
Date:   Tue, 22 Jun 2021 10:42:20 +0800
From:   Kent Gibson <warthog618@...il.com>
To:     Gabriel Knezek <gabeknez@...ux.microsoft.com>,
        bgolaszewski@...libre.com
Cc:     linux-kernel@...r.kernel.org, linux-gpio@...r.kernel.org,
        linus.walleij@...aro.org, andy.shevchenko@...il.com
Subject: Re: [PATCH v3] gpiolib: cdev: zero padding during conversion to
 gpioline_info_changed

On Tue, Jun 22, 2021 at 10:06:55AM +0800, Kent Gibson wrote:
> On Mon, Jun 21, 2021 at 03:28:59PM -0700, Gabriel Knezek wrote:
> > When userspace requests a GPIO v1 line info changed event,
> > lineinfo_watch_read() populates and returns the gpioline_info_changed
> > structure. It contains 5 words of padding at the end which are not
> > initialized before being returned to userspace.
> > 
> > Zero the structure in gpio_v2_line_info_change_to_v1() before populating
> > its contents.
> > 
> > Fixes: aad955842d1c ("gpiolib: cdev: support GPIO_V2_GET_LINEINFO_IOCTL and
> > GPIO_V2_GET_LINEINFO_WATCH_IOCTL")
> > Signed-off-by: Gabriel Knezek <gabeknez@...ux.microsoft.com>
> > ---
> > Changes in v3:
> >   - Include the Fixes tag referencing the code being fixed and properly
> >     version the patch.
> > 
> > Changes in v2:
> >   - Update commit message and subject with suggestions about clarity.
> >   - Patch series at https://www.spinics.net/lists/linux-gpio/msg62163.html
> > 
> > v1:
> >   - Initial patch
> >   - Patch series at https://www.spinics.net/lists/linux-gpio/msg62084.html
> > 
> >  drivers/gpio/gpiolib-cdev.c | 1 +
> >  1 file changed, 1 insertion(+)
> > 
> > diff --git a/drivers/gpio/gpiolib-cdev.c b/drivers/gpio/gpiolib-cdev.c
> > index ee5903aac497..af68532835fe 100644
> > --- a/drivers/gpio/gpiolib-cdev.c
> > +++ b/drivers/gpio/gpiolib-cdev.c
> > @@ -1865,6 +1865,7 @@ static void gpio_v2_line_info_changed_to_v1(
> >  		struct gpio_v2_line_info_changed *lic_v2,
> >  		struct gpioline_info_changed *lic_v1)
> >  {
> > +	memset(lic_v1, 0, sizeof(*lic_v1));
> >  	gpio_v2_line_info_to_v1(&lic_v2->info, &lic_v1->info);
> >  	lic_v1->timestamp = lic_v2->timestamp_ns;
> >  	lic_v1->event_type = lic_v2->event_type;
> > -- 
> > 2.25.1
> > 
> 
> <sigh> The joe.reviewer@...mail.com in the git send-email example that I
> provided off list was just that - an example that you were supposed to
> replace with the actual reviewers :|.
> 
> I wouldn't generally bother with the links to the previous patch
> versions, though it might be helpful given the rename and version
> issues of the previous patches in this case.  If you are going to
> provide links, use reference style with all the links at the bottom of
> the mail.
> 
> Other than that, the only problem I have is that the Fixes tag line
> shouldn't wrap - it is an exception to the rule.
> Bart, are you ok with fixing that on the way in - assuming there are no
> other objections?
> 
Nearly forgot...

Reviewed-by: Kent Gibson <warthog618@...il.com>

> Cheers,
> Kent.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ