From: Bryan Thompson
This series of patches addresses two CamelCase issues and a spinlock
commenting issue reported by checkpatch on the visorchannel tree.
Bryan Thompson (3):
staging: unisys: visorchannel: Rename CamelCase variable channelBytes
staging: unisys: visorchannel: Rename
++--
2 files changed, 18 insertions(+), 18 deletions(-)
diff --git a/drivers/staging/unisys/visorchannel/visorchannel.h
b/drivers/staging/unisys/visorchannel/visorchannel.h
index 5061edf..5dbfddb 100644
--- a/drivers/staging/unisys/visorchannel/visorchannel.h
+++ b/drivers/staging
(-)
diff --git a/drivers/staging/unisys/visorchannel/visorchannel_funcs.c
b/drivers/staging/unisys/visorchannel/visorchannel_funcs.c
index 1568b95..1ce25c2 100644
--- a/drivers/staging/unisys/visorchannel/visorchannel_funcs.c
+++ b/drivers/staging/unisys/visorchannel/visorchannel_funcs.c
@@ -33,9 +33,10
(-)
diff --git a/drivers/staging/unisys/visorchannel/visorchannel.h
b/drivers/staging/unisys/visorchannel/visorchannel.h
index 5dbfddb..3f2184c 100644
--- a/drivers/staging/unisys/visorchannel/visorchannel.h
+++ b/drivers/staging/unisys/visorchannel/visorchannel.h
@@ -68,7 +68,7 @@ u64
Sorry, please ignore this patch, missing reviewed-by line, I will send a new
version.
> -Original Message-
> From: weiyongjun (A)
> Sent: Wednesday, January 16, 2019 6:39 PM
> To: gre...@linuxfoundation.org; a...@android.com; tk...@android.com;
> m...@android.com; j...@jo
vers/staging/android/ion/ion.c | 46 ++-
1 file changed, 21 insertions(+), 25 deletions(-)
diff --git a/drivers/staging/android/ion/ion.c
b/drivers/staging/android/ion/ion.c
index 9907332..f7e2812 100644
--- a/drivers/staging/android/ion/ion.c
+++ b/drivers/staging/a
On 2019/2/1 16:15, Dan Carpenter wrote:
On Fri, Feb 01, 2019 at 02:59:46PM +0800, Qing Xia wrote:
In the first loop, gfp_flags will be modified to high_order_gfp_flags,
and there will be no chance to change back to low_order_gfp_flags.
Fixes: e7f63771 ("ION: Sys_heap: Add cached pool to spea
p1-isp.c:(.text+0x1238):
undefined reference to `phy_mipi_dphy_get_default_config'
make: *** [vmlinux] Error 1
Signed-off-by: Zhang Xiaoxu
---
drivers/staging/media/rkisp1/Kconfig | 1 +
1 file changed, 1 insertion(+)
diff --git a/drivers/staging/media/rkisp1/Kconfig
b/drivers/
On Tue, Aug 23, 2016 at 02:00:06PM -0700, Laura Abbott wrote:
> It's pretty harsh because the users of Ion need a less than subtle hint
> that something is broken. From experience, warning and leaking memory
> just leads to a system that limps along and warnings that get ignored.
&g
fixed the errors and warnings generated by
checkpatch.pl script.
Signed-off-by: Gokulnath A
---
drivers/staging/ktap/interpreter/loader.c | 27 +--
1 file changed, 13 insertions(+), 14 deletions(-)
diff --git a/drivers/staging/ktap/interpreter/loader.c
b/drivers/staging
fixed the errors and warnings found by
checkpatch.pl script.
Signed-off-by: Gokulnath A
---
drivers/staging/ktap/interpreter/ktap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/staging/ktap/interpreter/ktap.c
b/drivers/staging/ktap/interpreter/ktap.c
index
fixed the errors and warnings found by
checkpatch.pl script.
Signed-off-by: Gokulnath A
---
drivers/staging/ktap/interpreter/ktap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/staging/ktap/interpreter/ktap.c
b/drivers/staging/ktap/interpreter/ktap.c
index
fixed all the errors found by checkpatch.pl
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/InterfaceIdleMode.c | 19 ---
1 file changed, 8 insertions(+), 11 deletions(-)
diff --git a/drivers/staging/bcm/InterfaceIdleMode.c
b/drivers/staging/bcm/InterfaceIdleMode.c
index
fixed all the errors found by checkpatch.pl
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/InterfaceDld.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/staging/bcm/InterfaceDld.c
b/drivers/staging/bcm/InterfaceDld.c
index 463bdee..a8d0063 100644
--- a/drivers
fixed all the errors found by checkpatch.pl
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/InterfaceTx.c | 123 --
1 file changed, 51 insertions(+), 72 deletions(-)
diff --git a/drivers/staging/bcm/InterfaceTx.c
b/drivers/staging/bcm/InterfaceTx.c
index
fixed all the errors found by checkpatch.pl
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/InterfaceRx.c | 154 +++---
1 file changed, 62 insertions(+), 92 deletions(-)
diff --git a/drivers/staging/bcm/InterfaceRx.c
b/drivers/staging/bcm/InterfaceRx.c
index
fixed all the errors found by checkpatch.pl
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/InterfaceIsr.c | 107 -
1 file changed, 45 insertions(+), 62 deletions(-)
diff --git a/drivers/staging/bcm/InterfaceIsr.c
b/drivers/staging/bcm/InterfaceIsr.c
fixed all the errors found by checkpatch.pl
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/Qos.c | 255 +-
1 file changed, 95 insertions(+), 160 deletions(-)
diff --git a/drivers/staging/bcm/Qos.c b/drivers/staging/bcm/Qos.c
index 1609a2b
fixed all the errors found by checkpatch.pl
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/hostmibs.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/bcm/hostmibs.c b/drivers/staging/bcm/hostmibs.c
index f55300d..38acfe3 100644
--- a/drivers
fixed all the errors found by checkpatch.pl
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/InterfaceInit.c | 20 ++--
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/drivers/staging/bcm/InterfaceInit.c
b/drivers/staging/bcm/InterfaceInit.c
index 3acdb58
On Sat, Dec 14, 2013 at 4:41 AM, Dan Carpenter wrote:
> On Sat, Dec 14, 2013 at 01:05:29AM +0530, Gokulnath A wrote:
>> fixed all the errors found by checkpatch.pl
>>
>
> This is not very useful. The subjects of this patch series could be
> improved as well.
i will take
As per the TODO,
1. Removed the developer debug BCM_DEBUG_PRINT() messages.
2. Fixed all the errors found by checkpatch.pl script.
3. Fixed all the line over 80 characters warning
found by checkpatch.pl script.
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/InterfaceDld.c | 122
Removed the developer debug prints BCM_DEBUG_PRINT()
as per the TODO list, also removed braces for the
if-statement to match coding style
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/InterfaceDld.c | 70 --
1 file changed, 14 insertions(+), 56 deletions
As per comments from Greg KH and Dan Carpenter updated and
split the patch series.
Gokulnath A (2):
staging:bcm: Removed developer debug prints in InterfaceDld.c
staging: bcm: line over 80 characters in InterfaceDld.c
drivers/staging/bcm/InterfaceDld.c | 140
Fixed all the line over 80 characters warning found by
checkpatch.pl script.
Signed-off-by: Gokulnath A
---
drivers/staging/bcm/InterfaceDld.c | 70 ++
1 file changed, 49 insertions(+), 21 deletions(-)
diff --git a/drivers/staging/bcm/InterfaceDld.c
b
example, first patch would be a fix for line over 80 characters,
followed by the other problems as mentioned above by you.
> The empty line issues were not discovered by checkpatch but in my opinion
> these
> changes make perfect sense in terms of readability.
>
> Signed-off-by
, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/staging/bcm/InterfaceIdleMode.c
b/drivers/staging/bcm/InterfaceIdleMode.c
index 97408d3..dd61196 100644
--- a/drivers/staging/bcm/InterfaceIdleMode.c
+++ b/drivers/staging/bcm/InterfaceIdleMode.c
@@ -56,7 +56,7 @@ int InterfaceIdleModeRespond
This patch series fix all the warning and errors found by
checkpatch.pl script, Additionally removed the developer
debug BCM_DEBUG_PRINT() prints as per TODO list.
Gokulnath Avanashilingam (4):
staging:bcm: Remove Developer Debug prints in InterfaceIdleMode.c
staging: bcm: line over 80 charact
a/drivers/staging/bcm/InterfaceIdleMode.c
b/drivers/staging/bcm/InterfaceIdleMode.c
index 32c1e23..97408d3 100644
--- a/drivers/staging/bcm/InterfaceIdleMode.c
+++ b/drivers/staging/bcm/InterfaceIdleMode.c
@@ -1,32 +1,37 @@
#include "headers.h"
/*
(+), 12 deletions(-)
diff --git a/drivers/staging/bcm/InterfaceIdleMode.c
b/drivers/staging/bcm/InterfaceIdleMode.c
index dd61196..fecf81f 100644
--- a/drivers/staging/bcm/InterfaceIdleMode.c
+++ b/drivers/staging/bcm/InterfaceIdleMode.c
@@ -58,15 +58,15 @@ int InterfaceIdleModeRespond(struct
++---
1 file changed, 10 insertions(+), 47 deletions(-)
diff --git a/drivers/staging/bcm/InterfaceIdleMode.c
b/drivers/staging/bcm/InterfaceIdleMode.c
index 5959fbd..32c1e23 100644
--- a/drivers/staging/bcm/InterfaceIdleMode.c
+++ b/drivers/staging/bcm/InterfaceIdleMode.c
@@ -48,26 +48,18 @@ int
On Fri, Dec 20, 2013 at 10:31 PM, Greg Kroah-Hartman
wrote:
> On Fri, Dec 20, 2013 at 08:36:48PM +0530, Gokulnath A wrote:
>> Hello Michael,
>>
>> On Fri, Dec 20, 2013 at 7:21 PM, Michael Hoefler
>> wrote:
>> > This patch addresses several prob
Hi Dan,
On Sat, Dec 21, 2013 at 2:00 PM, Dan Carpenter wrote:
> On Fri, Dec 20, 2013 at 08:54:30PM +0530, Gokulnath A wrote:
>> From: Gokulnath Avanashilingam
>
> No need. This should come from your email.
>
>>
>> Fixed all the line over 80 characters warning fo
Fixed all the trailing whitespace errors found by checkpatch.pl script
Signed-off-by: Gokulnath A
---
drivers/staging/rtl8821ae/pci.c | 250
1 file changed, 125 insertions(+), 125 deletions(-)
diff --git a/drivers/staging/rtl8821ae/pci.c b/drivers
Removed all the C99 comments found by checkpatch.pl script
Signed-off-by: Gokulnath A
---
drivers/staging/rtl8821ae/pci.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/drivers/staging/rtl8821ae/pci.c b/drivers/staging/rtl8821ae/pci.c
index 618a3cb..a1bf11b
Fixed all the errors related to spacing found by checkpatch.pl script
Signed-off-by: Gokulnath A
---
drivers/staging/rtl8821ae/pci.c | 20 ++--
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/drivers/staging/rtl8821ae/pci.c b/drivers/staging/rtl8821ae/pci.c
index
Fixed all the errors related to space prohibition found by
checkpatch.pl script
Signed-off-by: Gokulnath A
---
drivers/staging/rtl8821ae/pci.c | 26 +-
1 file changed, 13 insertions(+), 13 deletions(-)
diff --git a/drivers/staging/rtl8821ae/pci.c b/drivers/staging
The following series of patches are used to Fix all the
errors found by checkpatch.pl script in the pci.c.
Few warnings are still present in the patches submitted.
That can be taken care in the next set of patches.
Gokulnath A (8):
staging:rtl8821ae:pci.c trailing whitespace cleanup
Fixed the error found by checkpatch.pl related to spacing requirement
in the && condition.
Signed-off-by: Gokulnath A
---
drivers/staging/rtl8821ae/pci.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/staging/rtl8821ae/pci.c b/drivers/staging/rtl8821
fixed all the spacing related issues found by checkpatch.pl script.
Signed-off-by: Gokulnath A
---
drivers/staging/rtl8821ae/pci.c | 54 -
1 file changed, 27 insertions(+), 27 deletions(-)
diff --git a/drivers/staging/rtl8821ae/pci.c b/drivers/staging
fixed all the code indentation errors found by checkpatch.pl script
Signed-off-by: Gokulnath A
---
drivers/staging/rtl8821ae/pci.c | 22 +++---
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/drivers/staging/rtl8821ae/pci.c b/drivers/staging/rtl8821ae/pci.c
index
This patch fixes the following checkpatch.pl issues in
rtl8821ae/pci.c file
ERROR: (foo*) should be (foo *)
Signed-off-by: Gokulnath A
---
drivers/staging/rtl8821ae/pci.c | 8
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/staging/rtl8821ae/pci.c b/drivers
) 11.2.0
reproduce (this is a W=1 build):
wget
https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O
~/bin/make.cross
chmod +x ~/bin/make.cross
#
https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core.git/commit/?id
To Email Owner,
Attn: Fund Beneficiary,
This message is from the central working committee on foreign payment Unit of
the Financial Conduct Authority. there is an approved fund for you, kindly
confirm this your e-mail address is active for further information .
We hope you find this improvem
/staging/octeon/ethernet-mdio.c | 6 --
drivers/staging/octeon/ethernet.c | 10 ++
2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/drivers/staging/octeon/ethernet-mdio.c
b/drivers/staging/octeon/ethernet-mdio.c
index cfb673a..0bf54584 100644
--- a/drivers/staging/octeon/
/staging/octeon/ethernet-mdio.c | 6 --
drivers/staging/octeon/ethernet.c | 10 ++
2 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/drivers/staging/octeon/ethernet-mdio.c
b/drivers/staging/octeon/ethernet-mdio.c
index cfb673a..0bf54584 100644
--- a/drivers/staging/octeon/
From: Alexander Sverdlin
Currently in case of alignment or FCS error if the packet cannot be
corrected it's still not dropped. Report the error properly and drop the
packet while making the code around a little bit more readable.
Signed-off-by: Alexander Sverdlin
Fixes: 80ff0fd3ab (&qu
/staging/octeon/ethernet-mdio.c | 6 --
drivers/staging/octeon/ethernet.c | 9 +
2 files changed, 9 insertions(+), 6 deletions(-)
Changes in v2:
- removed the usage of non-upstream local variable "r"
diff --git a/drivers/staging/octeon/ethernet-mdio.c
b/drivers/staging/oct
From: Alexander Sverdlin
Currently in case of alignment or FCS error if the packet cannot be
corrected it's still not dropped. Report the error properly and drop the
packet while making the code around a little bit more readable.
Signed-off-by: Alexander Sverdlin
Fixes: 80ff0fd3ab (&qu
From: Alexander Sverdlin
Currently in case of alignment or FCS error if the packet cannot be
corrected it's still not dropped. Report the error properly and drop the
packet while making the code around a little bit more readable.
Fixes: 80ff0fd3ab ("Staging: Add octeon-ethernet dr
473d12f7638c93acbd9296a8cd455b203d5eb528
# save the attached .config to linux build tree
make ARCH=i386
If you fix the issue, kindly add following tag
Reported-by: kbuild test robot
All errors (new ones prefixed by >>):
So, as far as I understood it wasn't compiled on 32-bit before, so, it&
Is this email still active? I have something important to discuss with you.
Please contact me on my personal e-mail on:
/ a.douglas.mcgregory(@)gmail.com /
Please remove the brackets (@) on your reply.
A. Douglas McGregor
___
devel mailing list
de
t;Joe Perches" wrote:
>On Thu, 2014-11-20 at 15:43 -0800, hpdd-discuss-ow...@lists.01.org
>wrote:
>> You must be a subscriber to post to this list. Please make sure you
>> are sending from a subscribed email address.
>
>The linux-kernel MAINTAINERS file has this as a mode
> -Original Message-
> From: Arnd Bergmann [mailto:a...@arndb.de]
> Sent: Friday, September 15, 2017 3:23 PM
> To: Kershner, David A ; Greg Kroah-Hartman
>
> Cc: Arnd Bergmann ; Sell, Timothy C
> ; Wadgaonkar, Sameer Laxmikant
> ; Binder, David Anthony
> ; Th
> -Original Message-
> From: Tom Saeger [mailto:tom.sae...@oracle.com]
> Sent: Tuesday, October 31, 2017 11:30 AM
> To: Kershner, David A ; Greg Kroah-Hartman
> ; *S-Par-Maintainer
> ; de...@driverdev.osuosl.org; linux-
> ker...@vger.kernel.org
> Cc: Tom Saeger
> -Original Message-
> From: SF Markus Elfring [mailto:elfr...@users.sourceforge.net]
> Sent: Friday, November 3, 2017 3:50 PM
> To: de...@driverdev.osuosl.org; *S-Par-Maintainer
> ; Thompson, Bryan E.
> ; Binder, David Anthony
> ; Kershner, David A
> ; Greg
o have SPDX identifiers in all files to make it easier to
> audit the kernel tree for correct licenses.
>
> Update the drivers/staging/most files files with the correct SPDX
> license identifier based on the license text in the file itself. The
> SPDX identifier is a legally bind
> -Original Message-
> From: Christoph Hellwig [mailto:h...@infradead.org]
> Sent: Friday, November 17, 2017 2:18 PM
> To: Kershner, David A
> Cc: gre...@linuxfoundation.org; jes.soren...@gmail.com; linux-
> ker...@vger.kernel.org; driverdev-devel@linuxdriverp
> -Original Message-
> From: Greg KH [mailto:gre...@linuxfoundation.org]
> Sent: Saturday, November 18, 2017 5:26 AM
> To: Kershner, David A
> Cc: jes.soren...@gmail.com; linux-ker...@vger.kernel.org; driverdev-
> de...@linuxdriverproject.org; *S-Par-Maintain
> -Original Message-
> From: Joe Perches [mailto:j...@perches.com]
> Sent: Friday, December 8, 2017 11:53 AM
> To: Greg KH ; Kershner, David A
>
> Cc: jes.soren...@gmail.com; linux-ker...@vger.kernel.org; driverdev-
> de...@linuxdriverproject.org; *S-Par-Maint
> -Original Message-
> From: Dan Carpenter [mailto:dan.carpen...@oracle.com]
> Sent: Friday, December 8, 2017 1:32 PM
> To: Greg KH
> Cc: Kershner, David A ;
> wadgaonkar...@gmail.com; driverdev-devel@linuxdriverproject.org;
> jes.soren...@gmail.com; *S-Par-Mai
> -Original Message-
> From: Jiri Slaby [mailto:jsl...@suse.cz]
> Sent: Wednesday, February 15, 2017 11:04 AM
> To: Kershner, David A
> Cc: linux-ker...@vger.kernel.org; Stefan Svinciak ; Jiri
> Slaby ; Greg Kroah-Hartman
> ; *S-Par-Maintainer
> ; de...@driver
> -Original Message-
> From: Julia Lawall [mailto:julia.law...@lip6.fr]
> Sent: Friday, March 3, 2017 11:07 AM
> To: simran singhal
> Cc: gre...@linuxfoundation.org; Kershner, David A
> ; *S-Par-Maintainer
> ; de...@driverdev.osuosl.org; linux-
> ker...@vg
> -Original Message-
> From: Andrea Ghittino [mailto:aghitt...@gmail.com]
> Sent: Saturday, March 4, 2017 12:21 PM
> To: de...@driverdev.osuosl.org; Kershner, David A
> ; gre...@linuxfoundation.org; *S-Par-
> Maintainer ; linux-ker...@vger.kernel.org
> Subject: [P
Hi Elena,
On Mon, 2017-03-06 at 16:21 +0200, Elena Reshetova wrote:
> refcount_t type and corresponding API should be
> used instead of atomic_t when the variable is used as
> a reference counter. This allows to avoid accidental
> refcounter overflows that might lead to us
Hi Elena,
On Mon, 2017-03-06 at 16:21 +0200, Elena Reshetova wrote:
> refcount_t type and corresponding API should be
> used instead of atomic_t when the variable is used as
> a reference counter. This allows to avoid accidental
> refcounter overflows that might lead to us
>From: Julia Lawall
>
>Replace OBD_ALLOC, OBD_ALLOC_WAIT, OBD_ALLOC_PTR, and OBD_ALLOC_PTR_WAIT by
>kalloc/kcalloc, and OBD_FREE and OBD_FREE_PTR by kfree.
Nak: James Simmons
A simple replace will not work. The OBD_ALLOC and OBD_FREE functions allocate
memory
anywhere from one pa
>> >From: Julia Lawall
>> >
>> >Replace OBD_ALLOC, OBD_ALLOC_WAIT, OBD_ALLOC_PTR, and OBD_ALLOC_PTR_WAIT by
>> >kalloc/kcalloc, and OBD_FREE and OBD_FREE_PTR by kfree.
>>
>> Nak: James Simmons
>>
>> A simple replace will not wo
>We are hopefully going to get rid of OBD_ALLOC_LARGE() as well, though.
>
>It's simple enough to write a function:
>
>void *obd_zalloc(size_t size)
>{
> if (size > 4 * PAGE_CACHE_SIZE)
> return vzalloc(size);
> else
>
>> Yes the LARGE functions do the switching. I was expecting also patches to
>> remove the
>> OBD_ALLOC_LARGE functions as well which is not the case here. I do have one
>> question still. The
>> macro __OBD_MALLOC_VERBOSE allowed the ability to simulate memory a
>> Yes the LARGE functions do the switching. I was expecting also patches to
>> remove the
>> OBD_ALLOC_LARGE functions as well which is not the case here. I do have one
>> question still. The
>> macro __OBD_MALLOC_VERBOSE allowed the ability to simulate memory a
>> >We are hopefully going to get rid of OBD_ALLOC_LARGE() as well, though.
>> >
>> >It's simple enough to write a function:
>> >
>> >void *obd_zalloc(size_t size)
>> >{
>> >if (size > 4 * PAGE_CACHE_SIZE)
>> >
gether, and nothing has happened, I think I've been waiting
>> > long enough, don't you?
As you see from a earlier email from Oleg work is being done to change things.
>> I agree we've been much slower in doing a bunch of requested cleanups than
>> i
The subtraction here was using a signed integer and did not have any
bounds checking at all. This commit adds proper bounds checking, made
easy by use of an unsigned integer. This way, a single packet won't be
able to remotely trigger a massive loop, locking up the system for a
considerable a
A network supplied parameter was not checked before division, leading to
a divide-by-zero. Since this happens in the softirq path, it leads to a
crash. A PoC follows below, which requires the ozprotocol.h file from
this module.
=-=-=-=-=-=
#include
#include
#include
#include
#include
The ozwpan driver accepts network packets, parses them, and converts
them into various USB functionality. There are numerous security
vulnerabilities in the handling of these packets. Two of them result in
a memcpy(kernel_buffer, network_packet, -length), one of them is a
divide-by-zero, and one
Using signed integers, the subtraction between required_size and offset
could wind up being negative, resulting in a memcpy into a heap buffer
with a negative length, resulting in huge amounts of network-supplied
data being copied into the heap, which could potentially lead to remote
code
Since elt->length is a u8, we can make this variable a u8. Then we can
do proper bounds checking more easily. Without this, a potentially
negative value is passed to the memcpy inside oz_hcd_get_desc_cnf,
resulting in a remotely exploitable heap overflow with network
supplied data.
This co
>
> You don't really want to do arithmetic on local variables that are
> smaller than a machine word (eg u8 and u16), doing so can require
> the compiler generate a lot more code.
This is code is just part of the patch context. Care to submit a
follow up patch fixing this so the main
>This patch does a lot of stuff all at once and it is hard to review. It
>could easily be broken into patches which are easy to review.
I have more very large patches. With breaking them up that means you are
going to see hundreds of patches coming from me.
>Ok in this next sectio
lp_rtrcredits;
>> +/* low water mark */
>> +int lp_minrtrcredits;
>> +/* alive/dead? */
>> +unsigned intlp_alive:1;
>> +/* notification outstanding? */
>> +unsigned intlp_notify:1;
>> +/
Since elt->length is a u8, we can make this variable a u8. Then we can
do proper bounds checking more easily. Without this, a potentially
negative value is passed to the memcpy inside oz_hcd_get_desc_cnf,
resulting in a remotely exploitable heap overflow with network
supplied data.
This co
A network supplied parameter was not checked before division, leading to
a divide-by-zero. Since this happens in the softirq path, it leads to a
crash. A PoC follows below, which requires the ozprotocol.h file from
this module.
=-=-=-=-=-=
#include
#include
#include
#include
#include
Using signed integers, the subtraction between required_size and offset
could wind up being negative, resulting in a memcpy into a heap buffer
with a negative length, resulting in huge amounts of network-supplied
data being copied into the heap, which could potentially lead to remote
code
The subtraction here was using a signed integer and did not have any
bounds checking at all. This commit adds proper bounds checking, made
easy by use of an unsigned integer. This way, a single packet won't be
able to remotely trigger a massive loop, locking up the system for a
considerable a
This is v2 for this patch series, fixing a compiler warning.
The ozwpan driver accepts network packets, parses them, and converts
them into various USB functionality. There are numerous security
vulnerabilities in the handling of these packets. Two of them result in
a memcpy(kernel_buffer
On Tue, May 26, 2015 at 3:32 PM, Dan Carpenter wrote:
> On Tue, May 26, 2015 at 02:17:46PM +0200, Jason A. Donenfeld wrote:
>> + data_len = elt->length -
>> sizeof(struct oz_get_desc_rsp) + 1;
>
> This was in
On Tue, May 26, 2015 at 4:06 PM, Dan Carpenter wrote:
> You sure do like wrapping to a high value and testing the result for
> wrapping instead of validating before doing the subtraction...
I do indeed. It seems like asking "did it overflow?" is more
straight-forward and eas
On Tue, May 26, 2015 at 3:56 PM, Dan Carpenter wrote:
>> elt->length is a u8, so the upper bound is 255.
>
> Yes. I know that, but is 255 correct?
Eventually body->data is passed to oz_hcd_get_desc_cnf along with
data_len. In there, body->data (now called desc) is memcpy&
"first %d\n", nalloc);
>> }
>
>Don't split string literals, it makes them hard to grep for.
Will fix. The CWARN will go over 80 characters but from the recent emails that
is more acceptable.
If this is the only problem then this patch set it ready. I have
>> >
>> >Don't split string literals, it makes them hard to grep for.
>>
>> Will fix. The CWARN will go over 80 characters but from the recent emails
>> that is more acceptable.
>> If this is the only problem then this patch set it ready.
>
>N
On Thu, May 28, 2015 at 1:04 PM, Dan Carpenter wrote:
> It's really not simpler to understand though.
Greg - do you want me to resubmit a v3 for this, or does it not really
matter and we can address this in another series? Personally, I'm
erring on the side of wanting to get *some
Since elt->length is a u8, we can make this variable a u8. Then we can
do proper bounds checking more easily. Without this, a potentially
negative value is passed to the memcpy inside oz_hcd_get_desc_cnf,
resulting in a remotely exploitable heap overflow with network
supplied data.
This co
This is v3 for this patch series, enhancing readability.
The ozwpan driver accepts network packets, parses them, and converts
them into various USB functionality. There are numerous security
vulnerabilities in the handling of these packets. Two of them result in
a memcpy(kernel_buffer
A network supplied parameter was not checked before division, leading to
a divide-by-zero. Since this happens in the softirq path, it leads to a
crash. A PoC follows below, which requires the ozprotocol.h file from
this module.
=-=-=-=-=-=
#include
#include
#include
#include
#include
Using signed integers, the subtraction between required_size and offset
could wind up being negative, resulting in a memcpy into a heap buffer
with a negative length, resulting in huge amounts of network-supplied
data being copied into the heap, which could potentially lead to remote
code
The subtraction here was using a signed integer and did not have any
bounds checking at all. This commit adds proper bounds checking, made
easy by use of an unsigned integer. This way, a single packet won't be
able to remotely trigger a massive loop, locking up the system for a
considerable a
---
drivers/staging/comedi/drivers/adv_pci1724.c | 6 +-
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/drivers/staging/comedi/drivers/adv_pci1724.c
b/drivers/staging/comedi/drivers/adv_pci1724.c
index f7a7dab..9677111 100644
--- a/drivers/staging/comedi/drivers/adv_pci1724.c
Replace unnecessary conditional checks for variable 'ret' and replace
by single return statement.
Signed-off-by: Abhishek Sharma
diff --git a/drivers/staging/comedi/drivers/adv_pci1724.c
b/drivers/staging/comedi/drivers/adv_pci1724.c
index f7a7dab..9677111 100644
--- a/drivers/stag
On Fri, May 29, 2015 at 2:41 PM, Dan Carpenter wrote:
> Acked-by: Dan Carpenter
Acked for the rest of the set too?
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
1 - 100 of 428 matches
Mail list logo
