Commit Graph

6 Commits (1f81f496a7fb4b86cc0eb04d534c27f1484efa80)

Author SHA1 Message Date
Felix Fietkau edc8daeffe kernel: crashlog: Avoid out-of-bounds write
vsnprintf returns the number of chars that would have been written, not
the actual number of chars written. This can lead to crashlog_buf->len
being too big which in turn can lead to get_maxlen() returning negative
numbers. The length argument of kmsg_dump_get_buffer will be casted to
a size_t which makes a negative input a big positive number allowing
kmsg_dump_get_buffer to write out of bounds.

Fix this by using vscnprintf which returns the actually written number
of chars.

Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@37820 3c298f89-4303-0410-b956-a3cf2f4a3e73
2013-08-21 20:59:25 +00:00
Gabor Juhos 56a3d46583 generic: disable crashlog on ppc
It causes panic on boot:

[    0.194287] __ioremap(): phys addr 0x1f00000 is RAM lr crashlog_init_fs
[    0.200902] Unable to handle kernel paging request for data at address 0x00000000
[    0.208347] Faulting instruction address: 0xc026cb10
[    0.213282] Oops: Kernel access of bad area, sig: 11 [#1]
[    0.218586] PowerPC 40x Platform
[    0.221783] Modules linked in:
[    0.224817] NIP: c026cb10 LR: c026cb10 CTR: c000c1b8
[    0.229745] REGS: c1825ed0 TRAP: 0300   Not tainted  (3.6.11)
[    0.235435] MSR: 00029030 <EE,ME,IR,DR>  CR: 42004082  XER: 00000000
[    0.241745] DEAR: 00000000, ESR: 00000000
[    0.245724] TASK = c181e000[1] 'swapper' THREAD: c1824000
GPR00: c026cb10 c1825f80 c181e000 00000000 0000004b 0000004b c029a4dd 6f675f69
GPR08: 6e69745f c0290440 00000000 00000000 22004084 00000000 01ffc400 004011f8
GPR16: 00000001 ffffffff 00000000 007fff00 01ff6120 01f94298 01fff258 c02631b8
GPR24: c02604bc 00000019 c02a0000 c02a0000 c027c644 00000000 c02c0000 c02bd388
[    0.279089] NIP [c026cb10] crashlog_init_fs+0x30/0xe0
[    0.284095] LR [c026cb10] crashlog_init_fs+0x30/0xe0
[    0.289000] Call Trace:
[    0.291442] [c1825f80] [c026cb10] crashlog_init_fs+0x30/0xe0 (unreliable)
[    0.298185] [c1825f90] [c00023fc] do_one_initcall+0xdc/0x1c8
[    0.303812] [c1825fc0] [c02638c4] kernel_init+0x110/0x1a4
[    0.309154] [c1825ff0] [c000ad4c] kernel_thread+0x4c/0x68
[    0.314488] Instruction dump:
[    0.317429] 9421fff0 7c0802a6 bfc10008 3fc0c02c 90010014 3bfed388 3800fff4 807f0004
[    0.325117] 2f830000 41be00a4 38804000 4bda2809 <81630000> 7c691b78 907ed388 6d605e11

Signed-off-by: Gabor Juhos <juhosg@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@34773 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-12-18 20:10:02 +00:00
Florian Fainelli 141f8f453d [kernel] do not build crashlog on sparc too
This is crashing the kernel in crashlog_init_fs(), until fixed, disable it
for SPARC too.

Signed-off-by: Florian Fainelli <florian@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@34213 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-11-16 16:32:33 +00:00
Gabor Juhos 7a14817d2d generic: fix crashlog patch for 3.6
kmsg_dump() uses an iterator to receive log buffer
content since 3.5. Change the 'crashlog_do_dump'
function in order to make it compatible with the
new version.

Signed-off-by: Gabor Juhos <juhosg@openwrt.org>

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33970 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-10-28 09:50:50 +00:00
Florian Fainelli dcde44e37e [kernel] make all 3.6 patches apply and build
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33911 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-10-24 13:05:22 +00:00
Imre Kaloz 648f1d0171 [generic]: linux 3.6 support (work in progress)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@33897 3c298f89-4303-0410-b956-a3cf2f4a3e73
2012-10-23 12:21:34 +00:00