From: "gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>
To: Ioana Ciornei <ioana.ciornei@nxp.com>
Cc: Laurentiu Tudor <laurentiu.tudor@nxp.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"netdev-owner@vger.kernel.org" <netdev-owner@vger.kernel.org>,
Ioana Ciocoi Radulescu <ruxandra.radulescu@nxp.com>,
Horia Geanta <horia.geanta@nxp.com>, Leo Li <leoyang.li@nxp.com>
Subject: Re: [PATCH v3 2/4] bus: fsl-mc: add fsl-mc userspace support
Date: Tue, 20 Nov 2018 17:48:50 +0100 [thread overview]
Message-ID: <20181120164850.GC27531@kroah.com> (raw)
In-Reply-To: <1542728371-6972-3-git-send-email-ioana.ciornei@nxp.com>
On Tue, Nov 20, 2018 at 03:39:45PM +0000, Ioana Ciornei wrote:
> +static int fsl_mc_uapi_send_command(unsigned long arg,
> + struct fsl_mc_io *mc_io)
> +{
> + struct fsl_mc_command mc_cmd;
> + int error;
> +
> + error = copy_from_user(&mc_cmd, (void __user *)arg, sizeof(mc_cmd));
> + if (error)
> + return -EFAULT;
> +
> + error = mc_send_command(mc_io, &mc_cmd);
> + if (error)
> + return error;
> +
> + error = copy_to_user((void __user *)arg, &mc_cmd, sizeof(mc_cmd));
> + if (error)
> + return -EFAULT;
> +
> + return 0;
> +}
I know you said that "the firmware will properly verify the command"
already, but given that I used to be a firmware developer a long time
ago, I can almost guarantee that this will cause problems in the future.
Want to make a friendly bet about this?
What is the odds that your firmware api/interface has been properly
fuzzed such that all possible combinations of bad commands will really
not do horrible things to the hardware/system?
Are you all willing to bet the system intregrity on this? If so, ok,
it's your systems :)
Personally, I think you need to add a "known whitelist" and do some sort
of sanity checking here.
thanks,
greg k-h
next prev parent reply other threads:[~2018-11-20 16:48 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-11-20 15:39 [PATCH v3 0/4] bus: fsl-mc: enhance Management Complex userspace support Ioana Ciornei
2018-11-20 15:39 ` [PATCH v3 1/4] bus: fsl-mc: move fsl_mc_command struct in a uapi header Ioana Ciornei
2018-11-20 15:39 ` [PATCH v3 3/4] bus: fsl-mc: add root dprc rescan attribute Ioana Ciornei
2018-11-20 15:39 ` [PATCH v3 2/4] bus: fsl-mc: add fsl-mc userspace support Ioana Ciornei
2018-11-20 16:44 ` gregkh
2018-11-20 16:51 ` Ioana Ciornei
2018-11-20 16:58 ` gregkh
2018-11-20 16:48 ` gregkh [this message]
2018-11-20 17:59 ` Ioana Ciornei
2018-11-21 8:14 ` gregkh
2018-11-29 16:55 ` Ioana Ciornei
2018-11-20 15:39 ` [PATCH v3 4/4] bus: fsl-mc: add bus rescan attribute Ioana Ciornei
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181120164850.GC27531@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=horia.geanta@nxp.com \
--cc=ioana.ciornei@nxp.com \
--cc=laurentiu.tudor@nxp.com \
--cc=leoyang.li@nxp.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev-owner@vger.kernel.org \
--cc=ruxandra.radulescu@nxp.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.