From: Frank Rowand <frowand.list@gmail.com>
To: Geert Uytterhoeven <geert+renesas@glider.be>,
Pantelis Antoniou <pantelis.antoniou@konsulko.com>,
Rob Herring <robh+dt@kernel.org>
Cc: devicetree@vger.kernel.org, linux-renesas-soc@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH 0/2] of: overlay: Crash fix and improvement
Date: Fri, 8 Dec 2017 22:01:42 -0800 [thread overview]
Message-ID: <f78620d2-7a6d-b90e-d773-9e3cc3d0cb6a@gmail.com> (raw)
In-Reply-To: <1512738783-17452-1-git-send-email-geert+renesas@glider.be>
On 12/08/17 05:13, Geert Uytterhoeven wrote:
> Hi Pantelis, Rob, Frank,
>
> This patch series fixes memory corruption when applying overlays.
>
> I first noticed this when using OF configfs. After lots of failed
> debugging attempts, I bisected it to "of: overlay: add per overlay sysfs
> attributes", which is not upstream. But that was a red herring: that
> commit enlarged struct fragment to exactly 64-bytes, which just made it
> more likely to cause random corruption when writing beyond the end of an
> array of fragment structures. With the smaller structure size before,
> such writes usually ended up in the unused holes between allocated
> blocks, causing no harm.
>
> The first patch is the real fix, and applies to both v4.15-rc2 and Rob's
> for-next branch.
> The second patch is a small improvement, and applies to Rob's for-next
> branch only.
Overlay FDT files should not have invalid contents. But they inevitably
will, so the code has to handle those cases. Thanks for finding this
problem and making the code better!
For the full series:
Reviewed-by: Frank Rowand <frank.rowand@sony.com>
> I've updated my topic/overlays and topic/renesas-overlays branches at
> git://git.kernel.org/pub/scm/linux/kernel/git/geert/renesas-drivers.git
> accordingly.
>
> Thanks!
>
> Geert Uytterhoeven (2):
> of: overlay: Fix out-of-bounds write in init_overlay_changeset()
> of: overlay: Make node skipping in init_overlay_changeset() clearer
>
> drivers/of/overlay.c | 22 ++++++++++++----------
> 1 file changed, 12 insertions(+), 10 deletions(-)
>
next prev parent reply other threads:[~2017-12-09 6:01 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-08 13:13 [PATCH 0/2] of: overlay: Crash fix and improvement Geert Uytterhoeven
2017-12-08 13:13 ` [PATCH 1/2] of: overlay: Fix out-of-bounds write in init_overlay_changeset() Geert Uytterhoeven
2017-12-08 13:13 ` [PATCH 2/2] of: overlay: Make node skipping in init_overlay_changeset() clearer Geert Uytterhoeven
2017-12-08 15:11 ` [PATCH 0/2] of: overlay: Crash fix and improvement Rob Herring
2017-12-08 15:24 ` Geert Uytterhoeven
2017-12-09 6:01 ` Frank Rowand [this message]
2017-12-09 9:04 ` Geert Uytterhoeven
2017-12-11 22:33 ` Frank Rowand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f78620d2-7a6d-b90e-d773-9e3cc3d0cb6a@gmail.com \
--to=frowand.list@gmail.com \
--cc=devicetree@vger.kernel.org \
--cc=geert+renesas@glider.be \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-renesas-soc@vger.kernel.org \
--cc=pantelis.antoniou@konsulko.com \
--cc=robh+dt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).