lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1ecb3744-7baf-4bdd-a01c-8c87fa0a42b3@linaro.org>
Date: Tue, 6 Feb 2024 22:36:27 +0000
From: Srinivas Kandagatla <srinivas.kandagatla@...aro.org>
To: Joy Chakraborty <joychakr@...gle.com>,
 Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
 Rob Herring <robh@...nel.org>, Nicolas Saenz Julienne <nsaenz@...nel.org>
Cc: linux-kernel@...r.kernel.org, manugautam@...gle.com,
 stable@...r.kernel.org
Subject: Re: [PATCH v2] nvmem: rmem: Fix return value of rmem_read()



On 06/02/2024 04:24, Joy Chakraborty wrote:
> reg_read() callback registered with nvmem core expects an integer error
> as a return value but rmem_read() returns the number of bytes read, as a
> result error checks in nvmem core fail even when they shouldn't.
> 
> Return 0 on success where number of bytes read match the number of bytes
> requested and a negative error -EINVAL on all other cases.
> 
> Fixes: 5a3fa75a4d9c ("nvmem: Add driver to expose reserved memory as nvmem")
> Cc: stable@...r.kernel.org
> Signed-off-by: Joy Chakraborty <joychakr@...gle.com>
> ---
>   drivers/nvmem/rmem.c | 7 ++++++-
>   1 file changed, 6 insertions(+), 1 deletion(-)
> 
> diff --git a/drivers/nvmem/rmem.c b/drivers/nvmem/rmem.c
> index 752d0bf4445e..a74dfa279ff4 100644
> --- a/drivers/nvmem/rmem.c
> +++ b/drivers/nvmem/rmem.c
> @@ -46,7 +46,12 @@ static int rmem_read(void *context, unsigned int offset,
>   
>   	memunmap(addr);
>   
> -	return count;
> +	if (count != bytes) {

How can this fail unless the values set in priv->mem->size is incorrect

Only case I see this failing with short reads is when offset cross the 
boundary of priv->mem->size.


can you provide more details on the failure usecase, may be with actual 
values of offsets, bytes and priv->mem->size?


> +		dev_err(priv->dev, "Failed read memory (%d)\n", count);
> +		return -EINVAL;
> +	}
> +

> +	return 0;

thanks,
srini

>   }
>   
>   static int rmem_probe(struct platform_device *pdev)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ