-
Tianlin Li authored
Right now several architectures allow their set_memory_*() family of functions to fail, but callers may not be checking the return values. If set_memory_*() returns with an error, call-site assumptions may be infact wrong to assume that it would either succeed or not succeed at all. Ideally, the failure of set_memory_*() should be passed up the call stack, and callers should examine the failure and deal with it. Need to fix the callers and add the __must_check attribute. They also may not provide any level of atomicity, in the sense that the memory protections may be left incomplete on failure. This issue likely has a few steps on effects architectures: 1) Have all callers of set_memory_*() helpers check the return value. 2) Add __must_check to all set_memory_*() helpers so that new uses do not ignore the return value. 3) Add atomicity to the calls so that the memory protections aren't left in a partial state. This series is part of step 1. Make sram driver check the return value of set_memory_*(). Signed-off-by:Tianlin Li <tli@digitalocean.com> Reviewed-by:
Kees Cook <keescook@chromium.org> Link: https://lore.kernel.org/r/20191217194528.16461-1-tli@digitalocean.comSigned-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org>
c576eddf
