|
|
|
|
|
|
|
|
|
|
xen-ia64-devel
Re: [Xen-ia64-devel] [PATCH] Fix vulnerability of copy_to_user in PAL em
On Wed, 2007-12-12 at 07:17 +0100, Tristan Gingold wrote:
> My latest idea on this subject:
>
> The buffers are small: 64 bytes. So, instead of passing a buffer address,
> return the buffer by register (using scratch register r14-r21). The PAL
> stub can then save it to memory. I think this approach is the simplest
> one.
PAL_BRAND_INFO takes 128 bytes, but probably still feasible.
Interesting idea.
Alex
--
Alex Williamson HP Open Source & Linux Org.
_______________________________________________
Xen-ia64-devel mailing list
Xen-ia64-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-ia64-devel
|
|
|
|
|