Ed Maste 8276c4149b mpr/mps/mpt: verify cfg page ioctl lengths ... *_CFG_PAGE ioctl handlers in the mpr, mps, and mpt drivers allocated a buffer of a caller-specified size, but copied to it a fixed size header. Add checks that the size is at least the required minimum. Note that the device nodes are owned by root:operator with 0640 permissions so the ioctls are not available to unprivileged users. This change includes suggestions from scottl, markj and mav. Two of the mpt cases were reported by Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative; scottl reported the third case in mpt. Same issue found in mpr and mps after discussion with imp. Reported by: Lucas Leong (@_wmliang_), Trend Micro Zero Day Initiative Reviewed by: imp, mav MFC after: 3 days Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34692		2022-03-28 20:35:47 -04:00
..
mpi	mpr: clean up empty lines in .c and .h files	2020-09-01 22:07:12 +00:00
mpr.c	mps/mpr: Relax doorbell polling precision.	2022-01-07 21:34:49 -05:00
mpr_config.c	mps/mpr: Add missing newlines in error messages.	2022-02-22 15:08:22 -05:00
mpr_ioctl.h	mpr: clean up empty lines in .c and .h files	2020-09-01 22:07:12 +00:00
mpr_mapping.c	mpr/mps(4): Make device mapping some more robust.	2021-04-23 23:36:51 -04:00
mpr_mapping.h	Update copyright information	2018-12-26 10:43:31 +00:00
mpr_pci.c	Refine the busdma template interface. Provide tools for filling in fields	2020-09-14 05:58:12 +00:00
mpr_sas.c	mpr/mps: Fix a race in diagnostic reset	2022-01-25 19:15:46 -07:00
mpr_sas.h	mpr/mps: Remove write-only flag and callout	2022-01-24 13:21:09 -07:00
mpr_sas_lsi.c	mps/mpr: Add missing newlines in error messages.	2022-02-22 15:08:22 -05:00
mpr_table.c	Fix "set but not used" warnings in the mpr driver. This fixes a minor	2021-11-25 03:28:29 +00:00
mpr_table.h
mpr_user.c	mpr/mps/mpt: verify cfg page ioctl lengths	2022-03-28 20:35:47 -04:00
mprvar.h	mpr(4): Handle mprsas_alloc_tm() errors on device removal.	2021-08-20 10:03:32 -04:00