| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Sep 2020 03:37:35 +0200
From: Andrew Lunn <andrew@...n.ch>
To: Oded Gabbay <oded.gabbay@...il.com>
Cc: linux-kernel@...r.kernel.org, netdev@...r.kernel.org,
SW_Drivers@...ana.ai, gregkh@...uxfoundation.org,
davem@...emloft.net, kuba@...nel.org, f.fainelli@...il.com,
Omer Shpigelman <oshpigelman@...ana.ai>
Subject: Re: [PATCH v2 12/14] habanalabs/gaudi: Add ethtool support using
coresight
> +static int gaudi_nic_get_module_eeprom(struct net_device *netdev,
> + struct ethtool_eeprom *ee, u8 *data)
> +{
> + struct gaudi_nic_device **ptr = netdev_priv(netdev);
> + struct gaudi_nic_device *gaudi_nic = *ptr;
> + struct hl_device *hdev = gaudi_nic->hdev;
> +
> + if (!ee->len)
> + return -EINVAL;
> +
> + memset(data, 0, ee->len);
> + memcpy(data, hdev->asic_prop.cpucp_nic_info.qsfp_eeprom, ee->len);
> +
You memset and then memcpy the same number of bytes?
You also need to validate ee->offset, and ee->len. Otherwise this is a
vector for user space to read kernel memory after
hdev->asic_prop.cpucp_nic_info.qsfp_eeprom. See drivers/net/phy/sfp.c:
sfp_module_eeprom() as a good example of this validation.
Andrew
Powered by blists - more mailing lists