Re: [PATCH v4 01/11] stm class: Introduce an abstraction for System Trace Module devices

From: Sasha Levin
Date: Sat Dec 05 2015 - 22:40:27 EST


On 09/22/2015 08:47 AM, Alexander Shishkin wrote:
> +static ssize_t stm_char_write(struct file *file, const char __user *buf,
> + size_t count, loff_t *ppos)
> +{
> + struct stm_file *stmf = file->private_data;
> + struct stm_device *stm = stmf->stm;
> + char *kbuf;
> + int err;
> +
> + /*
> + * if no m/c have been assigned to this writer up to this
> + * point, use "default" policy entry
> + */
> + if (!stmf->output.nr_chans) {
> + err = stm_file_assign(stmf, "default", 1);
> + /*
> + * EBUSY means that somebody else just assigned this
> + * output, which is just fine for write()
> + */
> + if (err && err != -EBUSY)
> + return err;
> + }
> +
> + kbuf = kmalloc(count + 1, GFP_KERNEL);
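
Review bot: count reaches kmalloc(count + 1, GFP_KERNEL) on the last line of this hunk exactly as it arrived in the size_t count parameter of stm_char_write(), with no upper bound applied in any of the visible lines. The allocation size is therefore chosen by the writer, and count + 1 wraps to 0 if count is the largest size_t value. Suggest clamping count to a fixed maximum (or rejecting larger writes with an error) before the allocation, so the + 1 cannot wrap and a single write() cannot request an arbitrarily large buffer.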

This bit allows for user-controllable kmalloc() allocation lengths, including
a possible overflow.


Thanks,
Sasha