| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 2 Sep 2022 11:02:35 +0100
From: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
To: Johan Hovold <johan+linaro@...nel.org>,
Amol Maheshwari <amahesh@....qualcomm.com>
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Arnd Bergmann <arnd@...db.de>,
Bjorn Andersson <andersson@...nel.org>,
Manivannan Sadhasivam <manivannan.sadhasivam@...aro.org>,
linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/3] misc: fastrpc: fix memory corruption
Hi Johan,
On 29/08/2022 09:05, Johan Hovold wrote:
> The fastrpc driver uses a fixed-sized array to store its sessions but
> missing and broken sanity checks could lead to memory beyond the array
> being corrupted.
>
> This specifically happens on SC8280XP platforms that use 14 sessions for
> the compute DSP.
>
Thanks for doing this.
I see that we hit this issue once again, and the way we are fixing it is
not really scalable. We should really get rid of FASTRPC_MAX_SESSIONS.
We should allocate the sessions dynamically based in the child node
count and qcom,nsessions.
thanks,
Srini
> These are all needed for 6.0.
>
> Johan
>
>
> Johan Hovold (3):
> misc: fastrpc: fix memory corruption on probe
> misc: fastrpc: fix memory corruption on open
> misc: fastrpc: increase maximum session count
>
> drivers/misc/fastrpc.c | 14 +++++++++-----
> 1 file changed, 9 insertions(+), 5 deletions(-)
>
Powered by blists - more mailing lists