20 Commits

Author SHA1 Message Date
Kees Cook
20928bd3f0 sparc: fix ldom_reboot buffer overflow harder
The length argument to strlcpy was still wrong. It could overflow the end of
full_boot_str by 5 bytes. Instead of strcat and strlcpy, just use snprint.

Reported-by: Brad Spengler <spender@grsecurity.net>
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-10-02 20:01:56 -04:00
David S. Miller
2bd161a605 sparc64: Fix buggy strlcpy() conversion in ldom_reboot().
Commit 117a0c5fc9 ("sparc: kernel: using
strlcpy() instead of strcpy()") added a bug to ldom_reboot in
arch/sparc/kernel/ds.c

-		strcpy(full_boot_str + strlen("boot "), boot_command);
+				     strlcpy(full_boot_str + strlen("boot "), boot_command,
+				     			     sizeof(full_boot_str + strlen("boot ")));
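
Review bot: the size argument on the added strlcpy() line takes sizeof of the expression full_boot_str + strlen("boot "), which is a pointer, so the bound is the size of a pointer rather than the space left in the buffer. Because the destination starts strlen("boot ") bytes into full_boot_str, the bound should be the remaining space, sizeof(full_boot_str) - strlen("boot "), or the whole string should be built with one bounded formatted write into full_boot_str.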

That last sizeof() expression evaluates to sizeof(size_t) which is
not what was intended.

Also even the corrected:

     sizeof(full_boot_str) + strlen("boot ")

is not right as the destination buffer length is just plain
"sizeof(full_boot_str)" and that's what the final argument
should be.

Signed-off-by: David S. Miller <davem@davemloft.net>
2013-09-27 13:46:04 -07:00
Paul Gortmaker
2066aadd53 sparc: delete __cpuinit/__CPUINIT usage from all users
The __cpuinit type of throwaway sections might have made sense
some time ago when RAM was more constrained, but now the savings
do not offset the cost and complications.  For example, the fix in
commit 5e427ec2d0 ("x86: Fix bit corruption at CPU resume time")
is a good example of the nasty type of bugs that can be created
with improper use of the various __init prefixes.

After a discussion on LKML[1] it was decided that cpuinit should go
the way of devinit and be phased out.  Once all the users are gone,
we can then finally remove the macros themselves from linux/init.h.

Note that some harmless section mismatch warnings may result, since
notify_cpu_starting() and cpu_up() are arch independent (kernel/cpu.c)
are flagged as __cpuinit  -- so if we remove the __cpuinit from
arch specific callers, we will also get section mismatch warnings.
As an intermediate step, we intend to turn the linux/init.h cpuinit
content into no-ops as early as possible, since that will get rid
of these warnings.  In any case, they are temporary and harmless.

This removes all the arch/sparc uses of the __cpuinit macros from
C files and removes __CPUINIT from assembly files.  Note that even
though arch/sparc/kernel/trampoline_64.S has instances of ".previous"
in it, they are all paired off against explicit ".section" directives,
and not implicitly paired with __CPUINIT (unlike mips and arm were).

[1] https://lkml.org/lkml/2013/5/20/589

Cc: "David S. Miller" <davem@davemloft.net>
Cc: sparclinux@vger.kernel.org
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
2013-07-14 19:36:52 -04:00
Chen Gang
f118e9abdd arch: sparc: kernel: check the memory length before use strcpy().
For the related next strcpy(), the destination length is less than 512,
but the source maximum length may be 'OPROMMAXPARAM' (4096) which is
more than 512.

One work flow may be:
  openprom_sunos_ioctl() ->  if (cmd == OPROMSETOPT)
    getstrings() ->  will alloc buffer with size 'OPROMMAXPARAM'.
    opromsetopt() ->  divide the buffer into 'var' and 'value'
      of_set_property() -> pass
        prom_setprop() -> pass
          ldom_set_var()

And do not mind the additional 4 alignment buffer increasing, since
'sizeof(pkt) - sizeof(pkt.header)' is 4 alignment at least.

Signed-off-by: Chen Gang <gang.chen@asianux.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-07-10 13:35:51 -07:00
Zhao Hongjiang
117a0c5fc9 sparc: kernel: using strlcpy() instead of strcpy()
'boot_command_line' and 'full_boot_str' have a fixed length, 'cmdline_p' and
'boot_command' may be larger than them. So use strlcpy() instead of strcpy()
to avoid memory overflow.

Signed-off-by: Zhao Hongjiang <zhaohongjiang@huawei.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-06-19 02:10:29 -07:00
Greg Kroah-Hartman
7c9503b838 SPARC: drivers: remove __dev* attributes.
CONFIG_HOTPLUG is going away as an option.  As a result, the __dev*
markings need to be removed.

This change removes the use of __devinit, __devexit_p, __devinitdata,
and __devexit from these drivers.

Based on patches originally written by Bill Pemberton, but redone by me
in order to handle some of the coding style issues better, by hand.

Cc: Bill Pemberton <wfp5p@virginia.edu>
Cc: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2013-01-03 15:57:04 -08:00
David S. Miller
3423166fdb Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/sparc
2012-04-13 13:32:07 -07:00
David S. Miller
9e0daff30f sparc64: Fix bootup crash on sun4v.
The DS driver registers as a subsys_initcall() but this can be too
early, in particular this risks registering before we've had a chance
to allocate and setup module_kset in kernel/params.c which is
performed also as a subsys_initcall().

Register DS using device_initcall() instead.

Signed-off-by: David S. Miller <davem@davemloft.net>
Cc: stable@vger.kernel.org
2012-04-13 11:56:22 -07:00
Benjamin Herrenschmidt
cb52d8970e powerpc+sparc/vio: Modernize driver registration
This makes vio_register_driver() get the module owner & name at compile
time like PCI drivers do, and adds a name pointer directly in struct
vio_driver to avoid having to explicitly initialize the embedded
struct device.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
Acked-by: David S. Miller <davem@davemloft.net>
2012-03-28 11:33:24 +11:00
Joe Perches
e9b57cca3d sparc: Use vsprintf extension %pf with builtin_return_address
Emit the function name not the address when possible.

builtin_return_address() gives an address.  When building
a kernel with CONFIG_KALLSYMS, emit the actual function
name not the address.

Signed-off-by: Joe Perches <joe@perches.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2012-02-28 16:08:02 -05:00
Thomas Meyer
f0a4cf3101 sparc: Use kmemdup rather than duplicating its implementation
The semantic patch that makes this change is available
in scripts/coccinelle/api/memdup.cocci.

Signed-off-by: Thomas Meyer <thomas@m3y3r.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-12-04 10:46:56 -08:00
David S. Miller
c92761fd9e sparc: Don't do hypervisor calls on non-sun4v in DS driver.
Reported-by: Pieter-Paul Giesberts <pieterpg@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-08-11 17:58:59 -07:00
David S. Miller
ea5e7447ea sparc: Set reboot-cmd using reboot data hypervisor call if available.
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-08-02 21:28:52 -07:00
KOSAKI Motohiro
fb1fece5da sparc: convert old cpumask API into new one
Adapt to the new API. Almost all changes are trivial; the most important
change is to remove uses of the = operator like the following.

 cpumask_t cpu_mask = *mm_cpumask(mm);
 cpus_allowed = current->cpus_allowed;

This is because cpumask_var_t is = operator unsafe. Such usage might prevent
kernel core improvement.

No functional change.

Signed-off-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-05-16 13:38:07 -07:00
David S. Miller
3628aa0657 sparc64: Fix section mis-match errors.
Fix all of the problems spotted by CONFIG_DEBUG_SECTION_MISMATCH under
arch/sparc during a 64-bit defconfig build.

They fall into two categories:

1) of_device_id is marked as __initdata, and we can never do this
   since these objects sit in the device core data structures way
   past boot.  So even if a driver will never be reloaded, we have
   to keep the device ID table around.

   Mark such cases const instead.

2) The bootmem alloc/free handling code in mdesc.c was not fully
   marked __init as it should be, thus generating a reference
   to free_bootmem_late() (which is __init) from non-__init code.

Signed-off-by: David S. Miller <davem@davemloft.net>
2011-03-30 17:37:56 -07:00
David S. Miller
b696fdc259 sparc64: Defer cpu_data() setup until end of per-cpu data initialization.
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-06-16 04:56:22 -07:00
David S. Miller
a2094502dc sparc64: Make mdesc_fill_in_cpu_data take a cpumask_t pointer.
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-06-16 04:56:21 -07:00
Rusty Russell
e305cb8f09 cpumask: prepare for iterators to only go to nr_cpu_ids/nr_cpumask_bits.: sparc64
Impact: cleanup, futureproof

In fact, all cpumask ops will only be valid (in general) for bit
numbers < nr_cpu_ids.  So use that instead of NR_CPUS in various
places.

This is always safe: no cpu number can be >= nr_cpu_ids, and
nr_cpu_ids is initialized to NR_CPUS at boot.

Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
Signed-off-by: Mike Travis <travis@sgi.com>
Acked-by: Ingo Molnar <mingo@elte.hu>
2009-03-16 14:40:23 +10:30
Sam Ravnborg
9018113649 sparc64: Use unsigned long long for u64.
Andrew Morton wrote:

    People keep on doing

            printk("%llu", some_u64);

    testing it only on x86_64 and this generates a warning storm on
    powerpc, sparc64, etc.  Because they use `long', not `long long'.

    Quite a few 64-bit architectures are using `long' for their
    s64/u64 types.  We should convert them all to `long long'.

Update types.h so we use unsigned long long for u64 and
fix all warnings in sparc64 code.
Tested with an allnoconfig, defconfig and allmodconfig builds.

This patch introduces additional warnings in several drivers.
These will be dealt with in separate patches.

Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-01-06 13:19:28 -08:00
Sam Ravnborg
a88b5ba8bd sparc,sparc64: unify kernel/
o Move all files from sparc64/kernel/ to sparc/kernel
  - rename as appropriate
o Update sparc/Makefile to the changes
o Update sparc/kernel/Makefile to include the sparc64 files

NOTE: This commit changes link order on sparc64!

Link order had to change for either of sparc32 and sparc64.
And assuming sparc64 sees more testing than sparc32, change link
order on sparc64 where issues will be caught faster.

Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-12-04 09:17:21 -08:00