aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>2017-05-22 11:19:20 +0200
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>2017-05-22 11:19:20 +0200
commit32c95828dc1374643ffcb1addf516907f41b5e10 (patch)
treec28ca51754363bf219a74b3d362f83eece593503
parent3b7788d1aea6b90fe52aec889e79aad8b10c0b12 (diff)
downloadpatches-32c95828dc1374643ffcb1addf516907f41b5e10.tar.gz
usb patch
Diffstat
-rw-r--r--series1
-rw-r--r--usb-core-replace-p-with-pk.patch122
2 files changed, 123 insertions, 0 deletions
diff --git a/series b/series
index bfb1855d3ca3ad..5438249be09b74 100644
--- a/series
+++ b/series
@@ -1,4 +1,5 @@
#goldfish_pipe-an-implementation-of-more-parallel-pipe.patch
+usb-core-replace-p-with-pk.patch
lib-vsprintf-additional-kernel-pointer-filtering-options.patch
lib-vsprintf-whitelist-stack-traces.patch
lib-vsprintf-physical-address-kernel-pointer-filtering-options.patch
diff --git a/usb-core-replace-p-with-pk.patch b/usb-core-replace-p-with-pk.patch
new file mode 100644
index 00000000000000..489eae2e4c559b
--- /dev/null
+++ b/usb-core-replace-p-with-pk.patch
@@ -0,0 +1,122 @@
+From foo@baz Tue May 16 12:08:33 CEST 2017
+Date: Tue, 16 May 2017 12:08:33 +0200
+To: Greg KH <gregkh@linuxfoundation.org>
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Subject: [PATCH] USB: core: replace %p with %pK
+
+From: Vamsi Krishna Samavedam <vskrishn@codeaurora.org>
+
+Format specifier %p can leak kernel addresses while not valuing the
+kptr_restrict system settings. When kptr_restrict is set to (1), kernel
+pointers printed using the %pK format specifier will be replaced with
+Zeros. Debugging Note : &pK prints only Zeros as address. If you need
+actual address information, write 0 to kptr_restrict.
+
+echo 0 > /proc/sys/kernel/kptr_restrict
+
+[Found by poking around in a random vendor kernel tree, it would be nice
+if someone would actually send these types of patches upstream - gkh]
+
+Signed-off-by: Vamsi Krishna Samavedam <vskrishn@codeaurora.org>
+Cc: stable <stable@vger.kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+
+---
+ drivers/usb/core/devio.c | 14 +++++++-------
+ drivers/usb/core/hcd.c | 4 ++--
+ drivers/usb/core/urb.c | 2 +-
+ 3 files changed, 10 insertions(+), 10 deletions(-)
+
+--- a/drivers/usb/core/devio.c
++++ b/drivers/usb/core/devio.c
+@@ -475,11 +475,11 @@ static void snoop_urb(struct usb_device
+
+ if (userurb) { /* Async */
+ if (when == SUBMIT)
+- dev_info(&udev->dev, "userurb %p, ep%d %s-%s, "
++ dev_info(&udev->dev, "userurb %pK, ep%d %s-%s, "
+ "length %u\n",
+ userurb, ep, t, d, length);
+ else
+- dev_info(&udev->dev, "userurb %p, ep%d %s-%s, "
++ dev_info(&udev->dev, "userurb %pK, ep%d %s-%s, "
+ "actual_length %u status %d\n",
+ userurb, ep, t, d, length,
+ timeout_or_status);
+@@ -1895,7 +1895,7 @@ static int proc_reapurb(struct usb_dev_s
+ if (as) {
+ int retval;
+
+- snoop(&ps->dev->dev, "reap %p\n", as->userurb);
++ snoop(&ps->dev->dev, "reap %pK\n", as->userurb);
+ retval = processcompl(as, (void __user * __user *)arg);
+ free_async(as);
+ return retval;
+@@ -1912,7 +1912,7 @@ static int proc_reapurbnonblock(struct u
+
+ as = async_getcompleted(ps);
+ if (as) {
+- snoop(&ps->dev->dev, "reap %p\n", as->userurb);
++ snoop(&ps->dev->dev, "reap %pK\n", as->userurb);
+ retval = processcompl(as, (void __user * __user *)arg);
+ free_async(as);
+ } else {
+@@ -2043,7 +2043,7 @@ static int proc_reapurb_compat(struct us
+ if (as) {
+ int retval;
+
+- snoop(&ps->dev->dev, "reap %p\n", as->userurb);
++ snoop(&ps->dev->dev, "reap %pK\n", as->userurb);
+ retval = processcompl_compat(as, (void __user * __user *)arg);
+ free_async(as);
+ return retval;
+@@ -2060,7 +2060,7 @@ static int proc_reapurbnonblock_compat(s
+
+ as = async_getcompleted(ps);
+ if (as) {
+- snoop(&ps->dev->dev, "reap %p\n", as->userurb);
++ snoop(&ps->dev->dev, "reap %pK\n", as->userurb);
+ retval = processcompl_compat(as, (void __user * __user *)arg);
+ free_async(as);
+ } else {
+@@ -2489,7 +2489,7 @@ static long usbdev_do_ioctl(struct file
+ #endif
+
+ case USBDEVFS_DISCARDURB:
+- snoop(&dev->dev, "%s: DISCARDURB %p\n", __func__, p);
++ snoop(&dev->dev, "%s: DISCARDURB %pK\n", __func__, p);
+ ret = proc_unlinkurb(ps, p);
+ break;
+
+--- a/drivers/usb/core/hcd.c
++++ b/drivers/usb/core/hcd.c
+@@ -1723,7 +1723,7 @@ int usb_hcd_unlink_urb (struct urb *urb,
+ if (retval == 0)
+ retval = -EINPROGRESS;
+ else if (retval != -EIDRM && retval != -EBUSY)
+- dev_dbg(&udev->dev, "hcd_unlink_urb %p fail %d\n",
++ dev_dbg(&udev->dev, "hcd_unlink_urb %pK fail %d\n",
+ urb, retval);
+ usb_put_dev(udev);
+ }
+@@ -1890,7 +1890,7 @@ rescan:
+ /* kick hcd */
+ unlink1(hcd, urb, -ESHUTDOWN);
+ dev_dbg (hcd->self.controller,
+- "shutdown urb %p ep%d%s%s\n",
++ "shutdown urb %pK ep%d%s%s\n",
+ urb, usb_endpoint_num(&ep->desc),
+ is_in ? "in" : "out",
+ ({ char *s;
+--- a/drivers/usb/core/urb.c
++++ b/drivers/usb/core/urb.c
+@@ -338,7 +338,7 @@ int usb_submit_urb(struct urb *urb, gfp_
+ if (!urb || !urb->complete)
+ return -EINVAL;
+ if (urb->hcpriv) {
+- WARN_ONCE(1, "URB %p submitted while active\n", urb);
++ WARN_ONCE(1, "URB %pK submitted while active\n", urb);
+ return -EBUSY;
+ }
+
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-15 10:10:56 +0000