On Tue, 2010-02-09 at 18:52 +0100, ext Ramos Falcon, Ernesto wrote: > > >-----Original Message----- > >From: Ameya Palande [mailto:ameya.palande@xxxxxxxxx] > >Sent: Tuesday, February 09, 2010 11:32 AM > >To: Ramos Falcon, Ernesto > >Cc: linux-omap@xxxxxxxxxxxxxxx; Contreras Felipe (Nokia-D/Helsinki); Doyu > >Hiroshi (Nokia-D/Helsinki) > >Subject: Re: [PATCH] DSPBRIDGE: Validate node handle from user > > > >Hi Ernesto, > > > >On Tue, 2010-02-09 at 18:08 +0100, ext Ramos Falcon, Ernesto wrote: > >> From 8310b586b025b0703c3951560849c4ea0250b6e1 Mon Sep 17 00:00:00 2001 > >> From: Ernesto Ramos <ernesto@xxxxxx> > >> Date: Fri, 29 Jan 2010 16:21:59 -0600 > >> Subject: [PATCH] DSPBRIDGE: Validate node handle from user. > >> > >> Add checks to validate the node handles received from user. > >> > >> Signed-off-by: Ernesto Ramos <ernesto@xxxxxx> > >> --- > >> drivers/dsp/bridge/pmgr/wcd.c | 91 ++++++++++++++++++++- > >> drivers/dsp/bridge/rmgr/node.c | 174 +++++++++++++--------------------- > >----- > >> 2 files changed, 146 insertions(+), 119 deletions(-) > >> > >> diff --git a/drivers/dsp/bridge/pmgr/wcd.c > >b/drivers/dsp/bridge/pmgr/wcd.c > >> index 74654dc..2e6eeb0 100644 > >> --- a/drivers/dsp/bridge/pmgr/wcd.c > >> +++ b/drivers/dsp/bridge/pmgr/wcd.c > >> @@ -1066,6 +1066,24 @@ u32 PROCWRAP_Stop(union Trapped_Args *args, void > >*pr_ctxt) > >> return retVal; > >> } > >> > >> +bool validate_node_handle(struct NODE_OBJECT *hNode, void *pr_ctxt) > >> +{ > >> + bool retVal = false; > >> + struct PROCESS_CONTEXT *pCtxt = pr_ctxt; > >> + struct NODE_RES_OBJECT *pNode = pCtxt->pNodeList; > >> + > >> + if (hNode == (struct NODE_OBJECT *) DSP_HGPPNODE) > >> + retVal = true; > >> + > >> + while (pNode && !retVal) { > >> + if (hNode == pNode->hNode) > > > >If you have several nodes allocated by user space, then what you are > >validating here is for any node! Is that ok? > > > >This validation and design itself doesn't look good to me. If we don't > >want to trust user space, then instead of checking the node handle in > >every function it is better to store all user space specific date inside > >pr_context and use it from there. > > > > The user can launch several nodes, how are we going to know which node handle to use? > I think we may need to receive at least one index or id to the node handle. Yes, I guess thats the correct way! We need to maintain how many nodes are allocated for a user process, and just make sure that this id / index is <= number of allocated nodes. Cheers, Ameya. -- To unsubscribe from this list: send the line "unsubscribe linux-omap" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
