lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6453C3CB8E2B3646B0D020C112613273C5AC6D@sausexmb4.amd.com>
Date:	Thu, 14 Aug 2008 09:02:34 -0500
From:	"Langsdorf, Mark" <mark.langsdorf@....com>
To:	"Pavel Machek" <pavel@...e.cz>
CC:	"Greg KH" <greg@...ah.com>,
	"Deguara, Joachim" <joachim.deguara@....com>, <gregkh@....cz>,
	<tglx@...utronix.de>, <mingo@...hat.com>, <hpa@...or.com>,
	<linux-kernel@...r.kernel.org>
Subject: RE: [PATCH 01/01][retry 3] x86: L3 cache index disable for 2.6.26

> > +
> > +        ret = sscanf(buf, "%x", &val);
> > +        if (ret != 1)
> > +                return -EINVAL;
> 
> Is it okay to strlen() on user-supplied data? Do they have to be
> null-terminated? What about sscanf?

The strlen can go - it's no longer necessary.

If sscanf isn't safe in this context, there's a lot of code
in drivers/cpufreq/cpufreq.c that I cribbed from that needs
to be changed, too.
 
> > +        val |= 0xc0000000;
> > +        pci_write_config_dword(dev, 0x1BC + index * 4, val 
> & ~0x40000000);
> > +        wbinvd();
> > +        pci_write_config_dword(dev, 0x1BC + index * 4, val);
> 
> Should it do if capable() test before doing such stuff?

I don't think so.  If it got this far, it is an AMD processor
from family 0x10 or later, so it has wbinvd().

-Mark Langsdorf
Operating System Research Center
AMD

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ