[PATCH 1/2] staging: vc04_services: Fix unportable cast in vchiq_copy_from_user

Michael Zoran mzoran at crowfest.net
Mon Oct 24 12:12:12 UTC 2016


On Mon, 2016-10-24 at 14:58 +0300, Dan Carpenter wrote:
> On Mon, Oct 24, 2016 at 04:39:49AM -0700, Michael Zoran wrote:
> > On Mon, 2016-10-24 at 14:36 +0300, Dan Carpenter wrote:
> > > On Mon, Oct 24, 2016 at 04:09:37AM -0700, Michael Zoran wrote:
> > > > I didn't think it looked totally correct, but I'm not sure it's
> > > > any
> > > > more broken then what is already in the tree.
> > > 
> > > It's not more broken.  But better to leave the compile warning
> > > there
> > > to
> > > mark that it is an obvious security problem.
> > > 
> > > > 
> > > > If you can kindly point me to some other source code or
> > > > documentation
> > > > to look at that is correct, I'm more then willing to fix the
> > > > patch.
> > > > 
> > > 
> > > I was hoping the maintainers could chip in, because I didn't want
> > > to
> > > look at the code.  We really need to track which are use pointers
> > > and
> > > which are kernel pointers.  We can't mix them like this.
> > > 
> > > regards,
> > > dan carpenter
> > > 
> > 
> > The problem is that I'm mostly interested in arm64 ATM, and I don't
> > think the existing code works at all with 64 bit pointers.
> > 
> > Broken as it may be...
> 
> It's a security issue.  We'll get this fixed in a day or two.
> 
> regards,
> dan carpenter

If security is a major goal with this driver, I think the whole driver
needs to be thrown out the door and rewritten from scratch!

This driver is for the Raspberry PI and a very, very big assumption
that is in the whole architecture is that local processes are trusted. 
I can give you probably a phone book of issues like this with this
driver, but I'm thinking that's outside the scope of this patch set and
outside the scope of what I'm trying to do.


More information about the devel mailing list