git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Julian Wiedmann <jwi@linux.ibm.com>
	Fri, 2 Nov 2018 18:04:08 +0000 (19:04 +0100)
committer	Thadeu Lima de Souza Cascardo <cascardo@canonical.com>
	Fri, 9 Nov 2018 19:01:06 +0000 (17:01 -0200)
commit	b9e7b8a08ee4ea8bd1ddf6d845377ef108eb01b6
tree	a68b4d8c3d2afe2739dcdef142e2244bede5c2b6	tree
parent	6aaf615ebf16163a104feb74ef30e7f6066f929b	commit \| diff

s390/qeth: sanitize strings in debug messages

BugLink: https://bugs.launchpad.net/bugs/1797367
As Documentation/s390/s390dbf.txt states quite clearly, using any
pointer in sprinf-formatted s390dbf debug entries is dangerous.
The pointers are dereferenced whenever the trace file is read from.
So if the referenced data has a shorter life-time than the trace file,
any read operation can result in a use-after-free.

So rip out all hazardous use of indirect data, and replace any usage of
dev_name() and such by the Bus ID number.

Signed-off-by: Julian Wiedmann <jwi@linux.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
(backported from commit e19e5be8b4cafa8b3f8b0cd1b1dfe20fa0145b83)
[Adjusted for different text in last hunk of qeth_l2_main.c]
Signed-off-by: Frank Heimes <frank.heimes@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Acked-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

drivers/s390/net/qeth_core.h		diff \| blob \| blame \| history
drivers/s390/net/qeth_core_main.c		diff \| blob \| blame \| history
drivers/s390/net/qeth_l2_main.c		diff \| blob \| blame \| history
drivers/s390/net/qeth_l3_main.c		diff \| blob \| blame \| history