From: Thiago Jung Bauermann <bauerman@linux.vnet.ibm.com>
To: bsingharora@gmail.com
Cc: kexec@lists.infradead.org,
	Stewart Smith <stewart@linux.vnet.ibm.com>,
	Mark Rutland <mark.rutland@arm.com>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Arnd Bergmann <arnd@arndb.de>, Baoquan He <bhe@redhat.com>,
	linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org,
	Vivek Goyal <vgoyal@redhat.com>,
	AKASHI Takahiro <takahiro.akashi@linaro.org>,
	David Laight <David.Laight@aculab.com>,
	Eric Biederman <ebiederm@xmission.com>,
	Michael Ellerman <mpe@ellerman.id.au>,
	Russell King - ARM Linux <linux@armlinux.org.uk>,
	Andrew Morton <akpm@linux-foundation.org>,
	Dave Young <dyoung@redhat.com>,
	linux-arm-kernel@lists.infradead.org
Subject: Re: [PATCH v2 2/2] kexec: extend kexec_file_load system call
Date: Fri, 12 Aug 2016 18:44:16 -0300
Message-ID: <1606244.4vNzhVNUBR@hactar>
In-Reply-To: <20160812081739.GB22218@350D>

Hello Balbir,

Thank you for the review!

On Friday, 12 August 2016, 18:17:39, Balbir Singh wrote:
> On Thu, Aug 11, 2016 at 08:03:58PM -0300, Thiago Jung Bauermann wrote:
> > diff --git a/include/linux/fs.h b/include/linux/fs.h
> > index 3523bf62f328..847d9c31f428 100644
> > --- a/include/linux/fs.h
> > +++ b/include/linux/fs.h
> > @@ -2656,6 +2656,7 @@ extern int do_pipe_flags(int *, int);
> > 
> >  	id(MODULE, kernel-module)		\
> >  	id(KEXEC_IMAGE, kexec-image)		\
> >  	id(KEXEC_INITRAMFS, kexec-initramfs)	\
> > 
> > +	id(KEXEC_PARTIAL_DTB, kexec-partial-dtb)		\
> 
> The backspace is over-indented?

Indeed, I'll fix that. But to keep it aligned with the other backslashes,
there would be no spaces between it and the final closing parenthesis.
Either that, or reindent the other backslashes one more level. I think I
prefer the former.

> > @@ -160,6 +180,55 @@ kimage_file_prepare_segments(struct kimage *image,
> > int kernel_fd, int initrd_fd,> 
> >  		image->initrd_buf_len = size;
> >  	
> >  	}
> > 
> > +	if (flags & KEXEC_FILE_EXTRA_FDS) {
> > +		int nr_fds, i;
> > +		size_t fdset_size;
> > +		char fdset_buf[MAX_FDSET_SIZE];
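Review bot: `char fdset_buf[MAX_FDSET_SIZE]` only has char alignment, yet the next line reinterprets it as `struct kexec_fdset *`; declare the buffer as a `struct kexec_fdset` (or a union of the struct and the char array) so no cast is needed, or allocate it with kmalloc as suggested, which also keeps the 132 bytes off the kernel stack in this syscall path.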
> 
> Do we really want this on the stack?  I presume the size is not large

It is 132 bytes. Would it be better to use kmalloc instead?

> > +		struct kexec_fdset *fdset = (struct kexec_fdset *) 
fdset_buf;
> > +
> > +		ret = copy_from_user(&nr_fds, ufdset, sizeof(int));
> > +		if (ret) {
> > +			ret = -EFAULT;
> > +			goto out;
> > +		}
> > +
> > +		if (nr_fds > KEXEC_SEGMENT_MAX) {
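Review bot: `if (nr_fds > KEXEC_SEGMENT_MAX)` is not a sufficient bound on its own, because `nr_fds` is a signed int read straight from user memory: a negative value passes this test, is converted to size_t in `fdset_size = sizeof(struct kexec_fdset) + nr_fds * sizeof(struct kexec_file_fd)`, and yields a huge length for the following copy_from_user into the fixed-size `fdset_buf`. Reject `nr_fds < 0` here, and consider checking `fdset_size <= sizeof(fdset_buf)` explicitly at the copy site instead of relying on how MAX_FDSET_SIZE is derived from KEXEC_SEGMENT_MAX. The first copy, `copy_from_user(&nr_fds, ufdset, sizeof(int))`, also silently assumes the count is the first member of `struct kexec_fdset`; copying from `&ufdset->nr_fds` with `sizeof(fdset->nr_fds)` would make that assumption explicit.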
> 
> We need an nr_fds < 0 check as well

Indeed, I forgot to do that. I will add the check.

> > +			ret = -E2BIG;
> > +			goto out;
> > +		}
> > +
> > +		fdset_size = sizeof(struct kexec_fdset)
> > +				+ nr_fds * sizeof(struct kexec_file_fd);
> > +
> > +		ret = copy_from_user(fdset, ufdset, fdset_size);
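Review bot: this second copy_from_user re-reads the count from user memory into `fdset->nr_fds`, so the value validated above is not the value the rest of the function will use, and a concurrent change between the two copies defeats the check. After this copy, either verify `fdset->nr_fds == nr_fds` and return -EINVAL on mismatch, or overwrite `fdset->nr_fds = nr_fds` and only ever iterate over the validated copy. The return value of this copy also needs the same `ret = -EFAULT; goto out;` handling as the first one; the hunk ends before any such check is visible.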
> 
> Can the user change nr_fds between the two copy_from_users, ideally not,
> but we should validate it.

Good catch. I'll check if nr_fds == fdset->nr_fds and return with an error 
if they're different.

-- 
[]'s
Thiago Jung Bauermann
IBM Linux Technology Center
