| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 Nov 2022 22:23:36 +0100
From: Armin Wolf <W_Armin@....de>
To: hdegoede@...hat.com, markgross@...nel.org
Cc: platform-driver-x86@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 2/2] platform/x86: dell-ddv: Warn if ePPID has a suspicious length
On some systems (like the Dell Inspiron 3505), the acpi operation
region holding the ePPID string is two bytes too short, causing
acpi functions like ToString() to omit the last two bytes.
This does not happen on Windows, supposedly due to their implementation
of ToString() ignoring buffer boundaries.
Inform users if the ePPID length differs from the Dell specification
so they can complain to Dell to fix their BIOS.
Tested on a Dell Inspiron 3505.
Signed-off-by: Armin Wolf <W_Armin@....de>
---
drivers/platform/x86/dell/dell-wmi-ddv.c | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/drivers/platform/x86/dell/dell-wmi-ddv.c b/drivers/platform/x86/dell/dell-wmi-ddv.c
index 1a001296e8c6..2bb449845d14 100644
--- a/drivers/platform/x86/dell/dell-wmi-ddv.c
+++ b/drivers/platform/x86/dell/dell-wmi-ddv.c
@@ -10,12 +10,14 @@
#include <linux/acpi.h>
#include <linux/debugfs.h>
#include <linux/device.h>
+#include <linux/dev_printk.h>
#include <linux/kernel.h>
#include <linux/kstrtox.h>
#include <linux/math.h>
#include <linux/module.h>
#include <linux/limits.h>
#include <linux/power_supply.h>
+#include <linux/printk.h>
#include <linux/seq_file.h>
#include <linux/sysfs.h>
#include <linux/wmi.h>
@@ -27,6 +29,9 @@
#define DELL_DDV_SUPPORTED_INTERFACE 2
#define DELL_DDV_GUID "8A42EA14-4F2A-FD45-6422-0087F7A7E608"
+#define DELL_EPPID_LENGTH 20
+#define DELL_EPPID_EXT_LENGTH 23
+
enum dell_ddv_method {
DELL_DDV_BATTERY_DESIGN_CAPACITY = 0x01,
DELL_DDV_BATTERY_FULL_CHARGE_CAPACITY = 0x02,
@@ -196,6 +201,10 @@ static ssize_t eppid_show(struct device *dev, struct device_attribute *attr, cha
if (ret < 0)
return ret;
+ if (obj->string.length != DELL_EPPID_LENGTH && obj->string.length != DELL_EPPID_EXT_LENGTH)
+ dev_info_once(&data->wdev->dev, FW_INFO "Suspicious ePPID length (%d)\n",
+ obj->string.length);
+
ret = sysfs_emit(buf, "%s\n", obj->string.pointer);
kfree(obj);
--
2.30.2
Powered by blists - more mailing lists