linux-hardened/drivers/firewire
Jay Fenlason 551f4cb9de firewire: prevent userspace from accessing shut down devices
If userspace ignores the POLLERR bit from poll(), and only attempts to
read() the device when POLLIN is set, it can still make ioctl() calls on
a device that has been removed from the system.  The node_id and
generation returned by GET_INFO will be outdated, but INITIATE_BUS_RESET
would still cause a bus reset, and GET_CYCLE_TIMER will return data.
And if you guess the correct generation to use, you can send requests to
a different device on the bus, and get responses back.

This patch prevents open, ioctl, compat_ioctl, and mmap against shutdown
devices.

Signed-off-by: Jay Fenlason <fenlason@redhat.com>
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
2008-05-20 18:24:17 +02:00
..
fw-card.c firewire: cleanups 2008-04-18 17:55:37 +02:00
fw-cdev.c firewire: prevent userspace from accessing shut down devices 2008-05-20 18:24:17 +02:00
fw-device.c Convert asm/semaphore.h users to linux/semaphore.h 2008-04-18 22:22:54 -04:00
fw-device.h firewire: reread config ROM when device reset the bus 2008-04-18 17:55:36 +02:00
fw-iso.c firewire: cleanups 2008-04-18 17:55:37 +02:00
fw-ohci.c firewire: remove unused struct member 2008-04-18 17:55:36 +02:00
fw-ohci.h firewire: fw-ohci: log regAccessFail events 2008-04-18 17:55:34 +02:00
fw-sbp2.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6 2008-05-02 13:52:35 -07:00
fw-topology.c firewire: fix synchronization of gap counts 2008-04-18 17:55:36 +02:00
fw-topology.h firewire: reread config ROM when device reset the bus 2008-04-18 17:55:36 +02:00
fw-transaction.c drivers: Remove unnecessary inclusions of asm/semaphore.h 2008-04-18 22:16:32 -04:00
fw-transaction.h firewire: cleanups 2008-04-18 17:55:37 +02:00
Kconfig firewire: debug interrupt events 2008-04-18 17:55:34 +02:00
Makefile firewire: prefix modules with firewire- instead of fw- 2007-05-27 23:21:01 +02:00