From 505690f505915cca63cb335a2393cf0e1737c23d Mon Sep 17 00:00:00 2001 From: prsethi Date: Wed, 15 Mar 2023 09:15:13 +0000 Subject: [PATCH] gpu: nvgpu: add validation check for domain name Currently there is no validation checks for domain name used in domain create command which can cause some security risk. Patch enable the validation for domain name by only allowing char from ([a-z], [A-Z], [0-9], -, _) list. Bug 3994374 Change-Id: Ia2cb6f533ed136e74e7a72934ad5267803d1236d Signed-off-by: prsethi Reviewed-on: https://git-master.nvidia.com/r/c/linux-nvgpu/+/2871515 Tested-by: mobile promotions Reviewed-by: mobile promotions --- drivers/gpu/nvgpu/common/nvs/nvs_sched.c | 8 +++++++ drivers/gpu/nvgpu/common/utils/string.c | 28 +++++++++++++++++++++++- drivers/gpu/nvgpu/include/nvgpu/string.h | 14 +++++++++++- 3 files changed, 48 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/nvgpu/common/nvs/nvs_sched.c b/drivers/gpu/nvgpu/common/nvs/nvs_sched.c index 8675c682e..3697328d2 100644 --- a/drivers/gpu/nvgpu/common/nvs/nvs_sched.c +++ b/drivers/gpu/nvgpu/common/nvs/nvs_sched.c @@ -25,6 +25,7 @@ #include #include +#include #include #include #include @@ -33,6 +34,7 @@ #ifdef CONFIG_NVGPU_GSP_SCHEDULER #include #endif + static struct nvs_sched_ops nvgpu_nvs_ops = { .preempt = NULL, .recover = NULL, @@ -879,6 +881,12 @@ int nvgpu_nvs_add_domain(struct gk20a *g, const char *name, u64 timeslice, return -EINVAL; } + err = nvgpu_string_validate(name); + if (err != 0) { + nvgpu_err(g, "Domain Name %s is Invalid.\n", name); + return err; + } + nvgpu_mutex_acquire(&g->sched_mutex); if (nvs_domain_by_name(g->scheduler->sched, name) != NULL) { diff --git a/drivers/gpu/nvgpu/common/utils/string.c b/drivers/gpu/nvgpu/common/utils/string.c index 503f21bec..74bc71f64 100644 --- a/drivers/gpu/nvgpu/common/utils/string.c +++ b/drivers/gpu/nvgpu/common/utils/string.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2021, NVIDIA CORPORATION. All rights reserved. + * Copyright (c) 2018-2023, NVIDIA CORPORATION. All rights reserved. * * Permission is hereby granted, free of charge, to any person obtaining a * copy of this software and associated documentation files (the "Software"), @@ -131,3 +131,29 @@ ret: /* Return number of bytes (or chars) copied */ return nvgpu_safe_cast_u64_to_u32(strlen(dest)); } + +s32 nvgpu_string_validate(const char *name) +{ + s32 i = 0; + + /* Run the loop until '\0' is not found. */ + while (name[i] != '\0') { + /* Imposed string max limit of 32. */ + if (i > 31) { + return -EPERM; + } + + if ((name[i] >= '0' && name[i] <= '9') || + (name[i] >= 'A' && name[i] <= 'Z') || + (name[i] >= 'a' && name[i] <= 'z') || + (name[i] == '-') || (name[i] == '_')) { + i++; + continue; + } else { + return -EINVAL; + } + + } + + return 0; +} diff --git a/drivers/gpu/nvgpu/include/nvgpu/string.h b/drivers/gpu/nvgpu/include/nvgpu/string.h index f5d0641c2..640a67c36 100644 --- a/drivers/gpu/nvgpu/include/nvgpu/string.h +++ b/drivers/gpu/nvgpu/include/nvgpu/string.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2018-2022, NVIDIA CORPORATION. All rights reserved. + * Copyright (c) 2018-2023, NVIDIA CORPORATION. All rights reserved. * * Permission is hereby granted, free of charge, to any person obtaining a * copy of this software and associated documentation files (the "Software"), @@ -134,4 +134,16 @@ bool nvgpu_mem_is_word_aligned(struct gk20a *g, u8 *addr); u32 nvgpu_str_join(char *dest, u32 dest_len, const char **src_str_list, u32 str_list_len, const char *joiner); +/** + * @brief Validate the string. + * + * API helps to validate the string for filenames. It checks if string is having + * any of ([a-z], [A-Z], [0-9], -, _) characters. + * + * @param name [in] Pointer to filename string. + * + * @retval 0 if string is having only expected characters. + * @retval -EINVAL in case of failure. + */ +s32 nvgpu_string_validate(const char *name); #endif /* NVGPU_STRING_H */