lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20090106074928.GA7671@localhost>
Date:	Tue, 6 Jan 2009 10:49:28 +0300
From:	Cyrill Gorcunov <gorcunov@...il.com>
To:	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>, npiggin@...e.de,
	riel@...hat.com, penberg@...helsinki.fi,
	linux-kernel@...r.kernel.org, jirislaby@...il.com
Subject: Re: [PATCH] mm: __nr_to_section - make it safe against overflow v2

[KAMEZAWA Hiroyuki - Tue, Jan 06, 2009 at 03:30:36PM +0900]
| On Tue, 6 Jan 2009 14:57:41 +0900
| KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com> wrote:
| 
| > On Mon, 5 Jan 2009 16:37:42 -0800
| > Andrew Morton <akpm@...ux-foundation.org> wrote:
| > 
| > > On Mon, 5 Jan 2009 13:31:32 +0300
| > > Cyrill Gorcunov <gorcunov@...il.com> wrote:
| > > 
| > > > __nr_to_section should check for array bound overflow.
| > > > We should better get NULL dereference then silently
| > > > pass some memory snippet out of bounds to a caller.
| > > > 
| > > 
| > > Are there actually any known problems here?
| > > 
| > 
| > IIRC, I never saw any problem. (But I may see in memory-hotplug development.)
| 
| I digged mails and seems this patch is from this thread.
| 
| =
| http://lkml.org/lkml/2009/1/4/61
| =
| 
| He seems to want to hunt boot time failure.
| (Finally, BIOS-update was necessary for original problem of this thread.)
| 
| Cyrill, could you modify this WARN_ON() works works when __nr_to_section()
| is called directly by sparse.c and memhotplug.c ?
| 
| Adding WARN_ON() in pfn_to_page() is overkill.
| 
| Thanks,
| -Kame
| 

Thanks for review Kame, this patch should be just dropped.

Actually the only code snippet which make me nervious is
sizeof (mem_section) part. Which is to remain power of
two and even doesn't have 'packed' attribute neither any
comments above. And if it happens that it will be modified
or say gcc decide to add some bytes here (bugs happens) we
would silently address wrong mem_section. So I think at least
the 'comment' part of my patch is deserve to be applied :)

		- Cyrill -
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ