On Tue, Mar 7, 2017 at 8:22 AM, Namhyung Kim <namhyung@xxxxxxxxx> wrote: > On Tue, Mar 7, 2017 at 6:55 AM, Kees Cook <keescook@xxxxxxxxxxxx> wrote: >> The read/mkfile pair pass the same arguments and should be cleared >> between calls. Move to a structure and wipe it after every loop. >> >> Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx> >> --- >> fs/pstore/platform.c | 55 +++++++++++++++++++++++++++----------------------- >> include/linux/pstore.h | 28 ++++++++++++++++++++++++- >> 2 files changed, 57 insertions(+), 26 deletions(-) >> >> diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c >> index 320a673ecb5b..3fa1575a6e36 100644 >> --- a/fs/pstore/platform.c >> +++ b/fs/pstore/platform.c >> @@ -766,16 +766,9 @@ EXPORT_SYMBOL_GPL(pstore_unregister); >> void pstore_get_records(int quiet) >> { >> struct pstore_info *psi = psinfo; >> - char *buf = NULL; >> - ssize_t size; >> - u64 id; >> - int count; >> - enum pstore_type_id type; >> - struct timespec time; >> + struct pstore_record record = { .psi = psi, }; >> int failed = 0, rc; >> - bool compressed; >> int unzipped_len = -1; >> - ssize_t ecc_notice_size = 0; >> >> if (!psi) >> return; 
>> @@ -784,39 +777,51 @@ void pstore_get_records(int quiet) >> if (psi->open && psi->open(psi)) >> goto out; >> >> - while ((size = psi->read(&id, &type, &count, &time, &buf, &compressed, >> - &ecc_notice_size, psi)) > 0) { >> - if (compressed && (type == PSTORE_TYPE_DMESG)) { >> + while ((record.size = psi->read(&record.id, &record.type, >> + &record.count, &record.time, >> + &record.buf, &record.compressed, >> + &record.ecc_notice_size, >> + record.psi)) > 0) { >> + if (record.compressed && >> + record.type == PSTORE_TYPE_DMESG) { >> if (big_oops_buf) >> - unzipped_len = pstore_decompress(buf, >> - big_oops_buf, size, >> + unzipped_len = pstore_decompress( >> + record.buf, >> + big_oops_buf, >> + record.size, >> big_oops_buf_sz); >> >> if (unzipped_len > 0) { >> - if (ecc_notice_size) >> + if (record.ecc_notice_size) >> memcpy(big_oops_buf + unzipped_len, >> - buf + size, ecc_notice_size); >> - kfree(buf); >> - buf = big_oops_buf; >> - size = unzipped_len; >> - compressed = false; >> + record.buf + recorrecord.size,
>
> A typo on record.size.

Thanks! Yeah, 0-day noticed this too. I've refreshed the patches in my tree with the correction now.

-Kees

--
Kees Cook
Pixel Security
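Review bot: in the first hunk (@@ -766), `struct pstore_record record = { .psi = psi, };` sets `.psi` only once, at declaration, while the commit message says the structure is wiped after every loop. The second hunk passes `record.psi` as the last argument to `psi->read()`, so whatever clears the record (not shown in the quoted lines) has to restore `record.psi` before the next call. Re-initialising the whole structure at the top of each iteration would make that explicit. Separately, `unzipped_len` remains a function-scope variable initialised once to -1 although it is per-record state; consider resetting it together with the record.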
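Review bot: in the second hunk (@@ -784), the `memcpy(big_oops_buf + unzipped_len, ...)` appends `record.ecc_notice_size` bytes after the decompressed data, but nothing in the visible lines checks that `unzipped_len + record.ecc_notice_size` stays within `big_oops_buf_sz`, the limit already passed to `pstore_decompress()`. The copy itself predates this patch, but since its arguments are being rewritten here, a bound check before the copy (or dropping the ECC notice when it does not fit) would be worth adding, because both lengths come from the backend's `read()` result.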