From patchwork Tue Jun 19 02:15:53 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Vorontsov X-Patchwork-Id: 9418 Return-Path: X-Original-To: patchwork@peony.canonical.com Delivered-To: patchwork@peony.canonical.com Received: from fiordland.canonical.com (fiordland.canonical.com [91.189.94.145]) by peony.canonical.com (Postfix) with ESMTP id 4EED723F19 for ; Tue, 19 Jun 2012 02:18:17 +0000 (UTC) Received: from mail-gg0-f180.google.com (mail-gg0-f180.google.com [209.85.161.180]) by fiordland.canonical.com (Postfix) with ESMTP id 1ED60A18AA3 for ; Tue, 19 Jun 2012 02:18:17 +0000 (UTC) Received: by mail-gg0-f180.google.com with SMTP id f1so4648181ggn.11 for ; Mon, 18 Jun 2012 19:18:16 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=x-forwarded-to:x-forwarded-for:delivered-to:received-spf:from:to:cc :subject:date:message-id:x-mailer:in-reply-to:references :x-gm-message-state; bh=5MxNo1TxVgofkuKI2NCF6iJ6QEWEzIlHWudIZJzl2aU=; b=k7m3dBsc0qjlrugcSr5Qwm77NtLHF++UwzukrPHeslgkRYKAGBk7BVDVJ7Llv5cxnM wuDLVcfEKTB/c2g91fHCenntvrWXC5W33vuEn469ps7vVmNVs0KxJvq3i/WSfzNDviwV UvpNn/IrDGFOQfbKW2MHNYILisDwDZAMxckVWudaisjpysR5hvfSC8zV/NyDZo0ldwYJ cDZDRjZCvSuT15cTD/1ebxj9qCpYnUehlsmxh/B71mPm4NEAV9TOC0p76ieHSudoEkEC cDqgNDNlt1jL15xC3Hx5hFyw5DoBKEGT1k1W5Krp1JdpXuA6gYc7i2vCOHsxHI0jvBEZ Dy7Q== Received: by 10.50.163.99 with SMTP id yh3mr2296296igb.53.1340072296811; Mon, 18 Jun 2012 19:18:16 -0700 (PDT) X-Forwarded-To: linaro-patchwork@canonical.com X-Forwarded-For: patch@linaro.org linaro-patchwork@canonical.com Delivered-To: patches@linaro.org Received: by 10.231.24.148 with SMTP id v20csp101052ibb; Mon, 18 Jun 2012 19:18:16 -0700 (PDT) Received: by 10.68.224.70 with SMTP id ra6mr58329517pbc.11.1340072296088; Mon, 18 Jun 2012 19:18:16 -0700 (PDT) Received: from mail-pb0-f50.google.com (mail-pb0-f50.google.com [209.85.160.50]) by mx.google.com with ESMTPS id qa1si9911089pbb.216.2012.06.18.19.18.15 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 18 Jun 2012 19:18:16 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.160.50 is neither permitted nor denied by best guess record for domain of anton.vorontsov@linaro.org) client-ip=209.85.160.50; Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.160.50 is neither permitted nor denied by best guess record for domain of anton.vorontsov@linaro.org) smtp.mail=anton.vorontsov@linaro.org Received: by mail-pb0-f50.google.com with SMTP id rr4so10377373pbb.37 for ; Mon, 18 Jun 2012 19:18:15 -0700 (PDT) Received: by 10.68.226.168 with SMTP id rt8mr17889690pbc.23.1340072295833; Mon, 18 Jun 2012 19:18:15 -0700 (PDT) Received: from localhost (c-71-204-165-222.hsd1.ca.comcast.net. [71.204.165.222]) by mx.google.com with ESMTPS id jp10sm23423940pbb.16.2012.06.18.19.18.11 (version=TLSv1/SSLv3 cipher=OTHER); Mon, 18 Jun 2012 19:18:15 -0700 (PDT) From: Anton Vorontsov To: Greg Kroah-Hartman , Kees Cook , Colin Cross , Tony Luck Cc: Arnd Bergmann , John Stultz , Shuah Khan , arve@android.com, Rebecca Schultz Zavin , Jesper Juhl , Randy Dunlap , Stephen Boyd , Thomas Meyer , Andrew Morton , Marco Stornelli , WANG Cong , linux-kernel@vger.kernel.org, devel@driverdev.osuosl.org, linaro-kernel@lists.linaro.org, patches@linaro.org, kernel-team@android.com Subject: [PATCH 4/7] pstore/ram_core: Better ECC size checking Date: Mon, 18 Jun 2012 19:15:53 -0700 Message-Id: <1340072156-6225-4-git-send-email-anton.vorontsov@linaro.org> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <20120619021050.GA19387@lizard> References: <20120619021050.GA19387@lizard> X-Gm-Message-State: ALoCoQnIRjgfdrOXd5vQacYVcrF6qdjk3NGSODiHg+7M6WgQBL1u0sqodfGYebguBMYFoxRruY09 - Instead of exploiting unsigned overflows (which doesn't work for all sizes), use straightforward checking for ECC total size not exceeding initial buffer size; - Printing overflowed buffer_size is not informative. Instead, print ecc_size and buffer_size; - No need for buffer_size argument in persistent_ram_init_ecc(), we can address prz->buffer_size directly. Signed-off-by: Anton Vorontsov Acked-by: Kees Cook --- fs/pstore/ram_core.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/fs/pstore/ram_core.c b/fs/pstore/ram_core.c index f62ebf2..a5a7b13 100644 --- a/fs/pstore/ram_core.c +++ b/fs/pstore/ram_core.c @@ -171,12 +171,12 @@ static void persistent_ram_ecc_old(struct persistent_ram_zone *prz) } } -static int persistent_ram_init_ecc(struct persistent_ram_zone *prz, - size_t buffer_size) +static int persistent_ram_init_ecc(struct persistent_ram_zone *prz) { int numerr; struct persistent_ram_buffer *buffer = prz->buffer; int ecc_blocks; + size_t ecc_total; if (!prz->ecc) return 0; @@ -187,14 +187,14 @@ static int persistent_ram_init_ecc(struct persistent_ram_zone *prz, prz->ecc_poly = 0x11d; ecc_blocks = DIV_ROUND_UP(prz->buffer_size, prz->ecc_block_size); - prz->buffer_size -= (ecc_blocks + 1) * prz->ecc_size; - - if (prz->buffer_size > buffer_size) { - pr_err("persistent_ram: invalid size %zu, non-ecc datasize %zu\n", - buffer_size, prz->buffer_size); + ecc_total = (ecc_blocks + 1) * prz->ecc_size; + if (ecc_total >= prz->buffer_size) { + pr_err("%s: invalid ecc_size %u (total %zu, buffer size %zu)\n", + __func__, prz->ecc_size, ecc_total, prz->buffer_size); return -EINVAL; } + prz->buffer_size -= ecc_total; prz->par_buffer = buffer->data + prz->buffer_size; prz->par_header = prz->par_buffer + ecc_blocks * prz->ecc_size; @@ -397,7 +397,7 @@ static int __devinit persistent_ram_post_init(struct persistent_ram_zone *prz, prz->ecc = ecc; - ret = persistent_ram_init_ecc(prz, prz->buffer_size); + ret = persistent_ram_init_ecc(prz); if (ret) return ret;