[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kernel-janitors
Subject:    AW: [PATCH] staging: gasket: Fix sizeof() in gasket_handle_ioctl()
From:       Walter Harms <wharms () bfs ! de>
Date:       2021-03-09 16:57:59
Message-ID: 8fda6445b7944426a45a944b777c52fe () bfs ! de
[Download RAW message or body]

why not mark it as "Deprecated" and remove it with the next version ? Maybe=
 soneone will wakeup ?

re,
 wh
________________________________________
Von: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Gesendet: Dienstag, 9. M=E4rz 2021 14:26:55
An: Dan Carpenter
Cc: Rob Springer; devel@driverdev.osuosl.org; kernel-janitors@vger.kernel.o=
rg; John Joseph; Simon Que; Richard Yeh; Todd Poynor
Betreff: Re: [PATCH] staging: gasket: Fix sizeof() in gasket_handle_ioctl()

On Fri, Jan 22, 2021 at 06:01:13PM +0300, Dan Carpenter wrote:
> The "gasket_dev->num_page_tables" variable is an int but this is copying
> sizeof(u64).  On 32 bit systems this would end up disclosing a kernel
> pointer to user space, but on 64 bit it copies zeroes from a struct
> hole.
>
> Fixes: 9a69f5087ccc ("drivers/staging: Gasket driver framework + Apex dri=
ver")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> ---
> This is an API change.  Please review this carefully!  Another potential
> fix would be to make ->num_page_tables a long instead of an int.
>
>  drivers/staging/gasket/gasket_ioctl.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Looks like this driver is dead, with no response from anyone from
Google.

Should I just delete it?  The goal of using normal apis and getting this
out of staging seems to have totally died, so it shouldn't even still be
living in the kernel tree.  Even if having it here actually finds
security issues that the authors missed like this :(

So, any objection to me deleting it?

thanks,

greg k-h
[prev in list] [next in list] [prev in thread] [next in thread]