lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4eda8138-76d0-e854-0ddb-8484e8ea283b@linux.intel.com>
Date:   Tue, 8 Mar 2022 12:01:03 +0200
From:   Mathias Nyman <mathias.nyman@...ux.intel.com>
To:     Peter Zijlstra <peterz@...radead.org>, x86@...nel.org,
        gregkh@...uxfoundation.org
Cc:     linux-kernel@...r.kernel.org, rdunlap@...radead.org,
        linux-usb@...r.kernel.org
Subject: Re: [PATCH 3/3] usb: early: xhci-dbc: Fix xdbc number parsing

On 4.3.2022 17.19, Peter Zijlstra wrote:
> kstrtoul() assumes the string contains the number only and is \0
> terminated, this is not the case, as such things like:
> 
> 	earlyprintk=xdbc1,keep
> 
> go completely sideways. Use simple_strtoul() instead.
> 
> Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
> ---
>  drivers/usb/early/xhci-dbc.c |    8 ++++++--
>  1 file changed, 6 insertions(+), 2 deletions(-)
> 
> --- a/drivers/usb/early/xhci-dbc.c
> +++ b/drivers/usb/early/xhci-dbc.c
> @@ -603,6 +603,7 @@ int __init early_xdbc_parse_parameter(ch
>  {
>  	unsigned long dbgp_num = 0;
>  	u32 bus, dev, func, offset;
> +	char *e;
>  	int ret;
>  
>  	if (!early_pci_allowed())
> @@ -613,8 +614,11 @@ int __init early_xdbc_parse_parameter(ch
>  	if (xdbc.xdbc_reg)
>  		return 0;
>  
> -	if (*s && kstrtoul(s, 0, &dbgp_num))
> -		dbgp_num = 0;
> +	if (*s) {

Do you think we need a code comment here stating something like
"use deprecated simple_strtoul() as kstrtoul can't handle characters after the number"

> +	       dbgp_num = simple_strtoul(s, &e, 10);
> +	       if (s == e)
> +		       dbgp_num = 0;
> +	}
>  

If not then PATCH 2/3 and 3/3 looks good to me
I don't know much about PATCH 1/3, the tsc change, but it didn't cause any issues for me either.

Acked-by: Mathias Nyman <mathias.nyman@...ux.intel.com>

Thanks
-Mathias

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ