pstore/ram_core: Better ECC size checking
- Instead of exploiting unsigned overflows (which doesn't work for all sizes), use straightforward checking for ECC total size not exceeding initial buffer size; - Printing overflowed buffer_size is not informative. Instead, print ecc_size and buffer_size; - No need for buffer_size argument in persistent_ram_init_ecc(), we can address prz->buffer_size directly. Signed-off-by: Anton Vorontsov <anton.vorontsov@linaro.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This commit is contained in:
parent
beeb94321a
commit
1e6a9e5625
@ -171,12 +171,12 @@ static void persistent_ram_ecc_old(struct persistent_ram_zone *prz)
|
||||
}
|
||||
}
|
||||
|
||||
static int persistent_ram_init_ecc(struct persistent_ram_zone *prz,
|
||||
size_t buffer_size)
|
||||
static int persistent_ram_init_ecc(struct persistent_ram_zone *prz)
|
||||
{
|
||||
int numerr;
|
||||
struct persistent_ram_buffer *buffer = prz->buffer;
|
||||
int ecc_blocks;
|
||||
size_t ecc_total;
|
||||
|
||||
if (!prz->ecc)
|
||||
return 0;
|
||||
@ -187,14 +187,14 @@ static int persistent_ram_init_ecc(struct persistent_ram_zone *prz,
|
||||
prz->ecc_poly = 0x11d;
|
||||
|
||||
ecc_blocks = DIV_ROUND_UP(prz->buffer_size, prz->ecc_block_size);
|
||||
prz->buffer_size -= (ecc_blocks + 1) * prz->ecc_size;
|
||||
|
||||
if (prz->buffer_size > buffer_size) {
|
||||
pr_err("persistent_ram: invalid size %zu, non-ecc datasize %zu\n",
|
||||
buffer_size, prz->buffer_size);
|
||||
ecc_total = (ecc_blocks + 1) * prz->ecc_size;
|
||||
if (ecc_total >= prz->buffer_size) {
|
||||
pr_err("%s: invalid ecc_size %u (total %zu, buffer size %zu)\n",
|
||||
__func__, prz->ecc_size, ecc_total, prz->buffer_size);
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
prz->buffer_size -= ecc_total;
|
||||
prz->par_buffer = buffer->data + prz->buffer_size;
|
||||
prz->par_header = prz->par_buffer + ecc_blocks * prz->ecc_size;
|
||||
|
||||
@ -397,7 +397,7 @@ static int __devinit persistent_ram_post_init(struct persistent_ram_zone *prz,
|
||||
|
||||
prz->ecc = ecc;
|
||||
|
||||
ret = persistent_ram_init_ecc(prz, prz->buffer_size);
|
||||
ret = persistent_ram_init_ecc(prz);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user