[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-ia64-devel] [PATCH] Fix vulnerability of copy_to_user in PAL emulation

On Wed, 2007-12-12 at 07:17 +0100, Tristan Gingold wrote:
> My latest idea on this subject:
> 
> The buffers are small: 64 bytes.  So, instead of passing a buffer address,
> return the buffer by register (using scratch register r14-r21).  The PAL
> stub can then save it to memory.  I think this approach is the simplest
> one.

   PAL_BRAND_INFO takes 128 bytes, but probably still feasible.
Interesting idea.

        Alex

-- 
Alex Williamson                             HP Open Source & Linux Org.


_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.