lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20131126180941.GA18542@redhat.com>
Date:	Tue, 26 Nov 2013 19:09:41 +0100
From:	Oleg Nesterov <oleg@...hat.com>
To:	Borislav Petkov <bp@...en8.de>
Cc:	Frederic Weisbecker <fweisbec@...il.com>,
	LKML <linux-kernel@...r.kernel.org>, stable@...r.kernel.org
Subject: Re: [PATCH 2/4] x86: Fix the hw_breakpoint range check

On 11/25, Borislav Petkov wrote:
>
> On Mon, Nov 25, 2013 at 08:50:28PM +0100, Oleg Nesterov wrote:
> > This won't work if va + len overflows?
>
> Oh, right,
>
> > Perhaps we should makes this clear, and we can even check the overflow
> > in the generic code (iirc Linus suggested to do this).
>
> maybe something like
>
> 	((va + len - 1) >= TASK_SIZE) || ((va + len - 1) < va)

Yes. But again, it makes sense to do this in the caller. And kill
the stupid get_hbp_len(). And other cleanups.

But this patch just tries to fix the typo in the security check.

Oleg.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ