lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20140110204354.GD10235@kroah.com>
Date:	Fri, 10 Jan 2014 12:43:54 -0800
From:	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To:	Sudeep Dutt <sudeep.dutt@...el.com>
Cc:	Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
	Ashutosh Dixit <ashutosh.dixit@...el.com>,
	Caz Yokoyama <Caz.Yokoyama@...el.com>,
	Dasaratharaman Chandramouli 
	<dasaratharaman.chandramouli@...el.com>,
	Nikhil Rao <nikhil.rao@...el.com>,
	Harshavardhan R Kharche <harshavardhan.r.kharche@...el.com>,
	Peter P Waskiewicz Jr <peter.p.waskiewicz.jr@...el.com>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: Intel MIC host driver: possible signed underflow (undefined
 behavior) in userspace API

On Fri, Jan 10, 2014 at 10:22:55AM -0800, Sudeep Dutt wrote:
> On Fri, 2014-01-10 at 06:21 -0800, Greg Kroah-Hartman wrote:
> > On Fri, Jan 10, 2014 at 05:56:25AM +0000, Mathieu Desnoyers wrote:
> > > Hi,
> > > 
> > > Looking at this commit:
> > > 
> > > commit f69bcbf3b4c4b333dcd7a48eaf868bf0c88edab5
> > > Author: Ashutosh Dixit <ashutosh.dixit@...el.com>
> > > Date:   Thu Sep 5 16:42:18 2013 -0700
> > > 
> > >     Intel MIC Host Driver Changes for Virtio Devices.
> > > 
> > > Especially at:
> > > 
> > > +struct mic_copy_desc {
> > > +#ifdef __KERNEL__
> > > +       struct iovec __user *iov;
> > > +#else
> > > +       struct iovec *iov;
> > > +#endif
> > > +       int iovcnt;
> > > +       __u8 vr_idx;
> > > +       __u8 update_used;
> > > +       __u32 out_len;
> > > +};

Oh, there's also the obvious 32/64 bit userspace/kernel issue here as
well, but I'm sure you all know how to handle that properly.  It would
be nice to fix that up, if you can change the ABI still.

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ