diff options
author | Yuval Mintz <yuvalmin@broadcom.com> | 2013-10-20 16:51:27 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2013-10-22 00:31:35 +0200 |
commit | 1a6974b2c78755ae55d7be738866eb8d57c3ed45 (patch) | |
tree | 5835074f923433306647acbca03f0a7087d288e4 /security | |
parent | bnx2x: Fix Maximum CoS estimation for VFs (diff) | |
download | linux-1a6974b2c78755ae55d7be738866eb8d57c3ed45.tar.xz linux-1a6974b2c78755ae55d7be738866eb8d57c3ed45.zip |
bnx2x: Prevent an illegal pointer dereference during panic
During a panic, the driver tries to print the Management FW buffer of recent
commands. To do so, the driver reads the address of that buffer from a known
address. If the buffer is unavailable (e.g., PCI reads don't work, MCP is
failing, etc.), the driver will try to access the address it has read, possibly
causing a kernel panic.
This check 'sanitizes' the access, validating the read value is indeed a valid
address inside the management FW's buffers.
The patch also removes a read outside the scope of the buffer, which resulted
in some unrelated chraracters appearing in the log.
Signed-off-by: Yuval Mintz <yuvalmin@broadcom.com>
Signed-off-by: Dmitry Kravkov <dmitry@broadcom.com>
Signed-off-by: Eilon Greenstein <eilong@broadcom.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'security')
0 files changed, 0 insertions, 0 deletions