On Fri, Sep 16, 2016 at 02:44:37PM +0300, Dan Carpenter wrote:
> On Thu, Sep 15, 2016 at 04:19:03PM +0200, Christian Gromm wrote:
> > From: Andrey Shvetsov <andrey.shvet...@k2l.de>
> > 
> > The DIM2 HDM checks the parameters passed to the function
> > configure_channel() and adapts the buffer sizes of the configuration
> > according to the hardware limitation. This patch is needed to init
> > the HAL layer with the correct values.
> > 
> Correct values are good, but what are the user visible effects of this
> bug?  I assume it's memory corruption.  How is it triggered?  Are there
> security implications?
Independent of the patch in the case where the user space configures the
channel with the buffer size that is consistent to the rest of the
channel parameters, the function configure_channel just returns 0,
otherwise the HDM adapts the buffer size to the next apropriate smaller
value.  The corrected value is visible in the sysfs.

This patch does not fix/bring any security issues.

The MBOs in the case where the function configure_channel returns 0 will
be allocated with the appropriate size independent of the patch.

The enqueue path of the DIM2 HAL checks the size of the buffer to
prevent any corruptions independent of the patch. 

The user visible effect of the patch is the expected behavior of the HDM
where the HDM helps to find out the correct buffer size according to the
complex rules of the INIC interfaces.


devel mailing list

Reply via email to