lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Mon, 28 Jan 2013 11:47:08 -0500
From:	Konrad Rzeszutek Wilk <konrad.wilk@...cle.com>
To:	Jan Beulich <JBeulich@...e.com>
Cc:	Konrad Rzeszutek Wilk <konrad@...nel.org>,
	xen-devel <xen-devel@...ts.xen.org>,
	linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [Xen-devel] [PATCH 3/3] xen/blkback: Check for insane amounts of
 request on the ring.

On Mon, Jan 28, 2013 at 04:18:59PM +0000, Jan Beulich wrote:
> >>> On 28.01.13 at 16:42, Konrad Rzeszutek Wilk <konrad.wilk@...cle.com> wrote:
> > On Mon, Jan 28, 2013 at 11:07:46AM +0000, Jan Beulich wrote:
> >> >>> On 25.01.13 at 19:43, Konrad Rzeszutek Wilk <konrad.wilk@...cle.com> wrote:
> >> > @@ -764,6 +768,9 @@ __do_block_io_op(struct xen_blkif *blkif)
> >> >  	rp = blk_rings->common.sring->req_prod;
> >> >  	rmb(); /* Ensure we see queued requests up to 'rp'. */
> >> >  
> >> > +	if (RING_REQUEST_PROD_OVERFLOW(&blk_rings->common, rp, rc))
> >> > +		return -EACCES;
> >> 
> >> Actually I wonder whether we need the new macro at all: It seems
> >> to me that using RING_REQUEST_CONS_OVERFLOW(&blk_rings->common, rp)
> >> here would achieve the same effect.
> > 
> > But it would not. The RING_REQUEST_CONS_OVERFLOW only check that the
> > non-shared ring entries (rsp_prod and rsp_prod_pvt) are less than
> > the size of the ring (32). In other words - they check whether we want
> > to process more requests as we still have a back-log of responses to
> > deal with.
> 
> So did you not notice that here 'rp' (i.e. req_prod) is being passed,
> not 'rc'?

Oh, no I did not :-(

That ought to do the trick too.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ