From: Ameya Palande <ameya.palande@nokia.com>
To: "ext Ramos Falcon, Ernesto" <ernesto@ti.com>
Cc: "linux-omap@vger.kernel.org" <linux-omap@vger.kernel.org>,
"Contreras Felipe (Nokia-D/Helsinki)"
<felipe.contreras@nokia.com>,
"Doyu Hiroshi (Nokia-D/Helsinki)" <hiroshi.doyu@nokia.com>
Subject: Re: [PATCH] DSPBRIDGE: Validate node handle from user
Date: Tue, 09 Feb 2010 19:32:14 +0200 [thread overview]
Message-ID: <1265736734.2832.11.camel@sanganak> (raw)
In-Reply-To: <B852767254C5C94EBB1040EE0EFA06008C89E95B@dlee01.ent.ti.com>
Hi Ernesto,
On Tue, 2010-02-09 at 18:08 +0100, ext Ramos Falcon, Ernesto wrote:
> From 8310b586b025b0703c3951560849c4ea0250b6e1 Mon Sep 17 00:00:00 2001
> From: Ernesto Ramos <ernesto@ti.com>
> Date: Fri, 29 Jan 2010 16:21:59 -0600
> Subject: [PATCH] DSPBRIDGE: Validate node handle from user.
>
> Add checks to validate the node handles received from user.
>
> Signed-off-by: Ernesto Ramos <ernesto@ti.com>
> ---
> drivers/dsp/bridge/pmgr/wcd.c | 91 ++++++++++++++++++++-
> drivers/dsp/bridge/rmgr/node.c | 174 +++++++++++++--------------------------
> 2 files changed, 146 insertions(+), 119 deletions(-)
>
> diff --git a/drivers/dsp/bridge/pmgr/wcd.c b/drivers/dsp/bridge/pmgr/wcd.c
> index 74654dc..2e6eeb0 100644
> --- a/drivers/dsp/bridge/pmgr/wcd.c
> +++ b/drivers/dsp/bridge/pmgr/wcd.c
> @@ -1066,6 +1066,24 @@ u32 PROCWRAP_Stop(union Trapped_Args *args, void *pr_ctxt)
> return retVal;
> }
>
> +bool validate_node_handle(struct NODE_OBJECT *hNode, void *pr_ctxt)
> +{
> + bool retVal = false;
> + struct PROCESS_CONTEXT *pCtxt = pr_ctxt;
> + struct NODE_RES_OBJECT *pNode = pCtxt->pNodeList;
> +
> + if (hNode == (struct NODE_OBJECT *) DSP_HGPPNODE)
> + retVal = true;
> +
> + while (pNode && !retVal) {
> + if (hNode == pNode->hNode)
If you have several nodes allocated by user space, then what you are
validating here is for any node! Is that ok?
This validation and design itself doesn't look good to me. If we don't
want to trust user space, then instead of checking the node handle in
every function it is better to store all user space specific date inside
pr_context and use it from there.
Cheers,
Ameya.
next prev parent reply other threads:[~2010-02-09 17:33 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-09 17:08 [PATCH] DSPBRIDGE: Validate node handle from user Ramos Falcon, Ernesto
2010-02-09 17:32 ` Ameya Palande [this message]
2010-02-09 17:52 ` Ramos Falcon, Ernesto
2010-02-11 13:51 ` Ameya Palande
2010-02-11 18:44 ` Ramos Falcon, Ernesto
2010-02-11 23:31 ` Ameya Palande
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1265736734.2832.11.camel@sanganak \
--to=ameya.palande@nokia.com \
--cc=ernesto@ti.com \
--cc=felipe.contreras@nokia.com \
--cc=hiroshi.doyu@nokia.com \
--cc=linux-omap@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox