lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Sep 2020 03:37:35 +0200 From: Andrew Lunn <andrew@...n.ch> To: Oded Gabbay <oded.gabbay@...il.com> Cc: linux-kernel@...r.kernel.org, netdev@...r.kernel.org, SW_Drivers@...ana.ai, gregkh@...uxfoundation.org, davem@...emloft.net, kuba@...nel.org, f.fainelli@...il.com, Omer Shpigelman <oshpigelman@...ana.ai> Subject: Re: [PATCH v2 12/14] habanalabs/gaudi: Add ethtool support using coresight > +static int gaudi_nic_get_module_eeprom(struct net_device *netdev, > + struct ethtool_eeprom *ee, u8 *data) > +{ > + struct gaudi_nic_device **ptr = netdev_priv(netdev); > + struct gaudi_nic_device *gaudi_nic = *ptr; > + struct hl_device *hdev = gaudi_nic->hdev; > + > + if (!ee->len) > + return -EINVAL; > + > + memset(data, 0, ee->len); > + memcpy(data, hdev->asic_prop.cpucp_nic_info.qsfp_eeprom, ee->len); > + You memset and then memcpy the same number of bytes? You also need to validate ee->offset, and ee->len. Otherwise this is a vector for user space to read kernel memory after hdev->asic_prop.cpucp_nic_info.qsfp_eeprom. See drivers/net/phy/sfp.c: sfp_module_eeprom() as a good example of this validation. Andrew
Powered by blists - more mailing lists