[PATCH] Memset the kernel copy of rtas args before using

linuxppc-dev.lists.ozlabs.org archive mirror
 help / color / mirror / Atom feed

From: Milton Miller <miltonm@bga.com>
To: Nathan Fontenot <nfont@austin.ibm.com>
Cc: ppcdev <linuxppc-dev@ozlabs.org>, Paul Mackerras <paulus@samba.org>
Subject: [PATCH] Memset the kernel copy of rtas args before using
Date: Fri, 25 Jul 2008 23:17:10 -0500	[thread overview]
Message-ID: <55352adb7411e87b6c4dd948fc623936@bga.com> (raw)
In-Reply-To: <488A44DB.7090400@austin.ibm.com>

On Sat Jul 26 at 07:25:47 EST in 2008, Nathan Fontenot wrote:
> The kernel copy of the rtas args struct that is read in from
> user space is a stack variable.  This structure should be
> zero'ed out before we do any reads/writes to/from the user
> when handling a rtas call request.  This patch adds a memset
> to do this.

Why bother to zero the data before copying from the user?  We
check that they supply data for the whole input range needed.

> I am seeing an issue in testing partition mobility, where the
> parts of the rtas args struct that return status top the user
> contain stale data.

Please change the patch to just clear the output arg range.
(I"m fine not trusting firmware to set all output args based
on what the user suggested the return arg count would be).

And we can do it after we decide not to return an error:

  792         if (args.token == RTAS_UNKNOWN_SERVICE)
  793                 return -EINVAL;
  794
  795         /* Need to handle ibm,suspend_me call specially */


milton

next prev parent reply	other threads:[~2008-07-26  4:23 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-07-25 21:25 [PATCH] Memset the kernel copy of rtas args before using Nathan Fontenot
2008-07-26  4:17 ` Milton Miller [this message]
2008-07-26 10:52 ` Sergei Shtylyov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=55352adb7411e87b6c4dd948fc623936@bga.com \
    --to=miltonm@bga.com \
    --cc=linuxppc-dev@ozlabs.org \
    --cc=nfont@austin.ibm.com \
    --cc=paulus@samba.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).