| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 14 Oct 2014 07:04:22 -0700 From: Martin Kelly <martin@...tingkelly.com> To: David Vrabel <david.vrabel@...rix.com>, xen-devel@...ts.xenproject.org, x86@...nel.org, linux-kernel@...r.kernel.org CC: konrad.wilk@...cle.com, boris.ostrovsky@...cle.com, tglx@...utronix.de, mingo@...hat.com, Martin Kelly <martkell@...zon.com> Subject: Re: [PATCH] xen/setup: add paranoid index check and warning On 10/14/2014 02:22 AM, David Vrabel wrote: > On 14/10/14 02:19, Martin Kelly wrote: >> In a call to set_phys_range_identity, i-1 is used without checking that >> i is non-zero. Although unlikely, a bug in the code before it could >> cause the value to be 0, leading to erroneous behavior. This patch adds >> a check against 0 value and a corresponding warning. > > This can only happen if the toolstack supplies a memory map with zero > entries. I could see justification for adding a panic at the top of > this function in this case, but I can't see the usefulness of this warning. > Yes, a panic is probably appropriate. What do you think about the relative merits of panicing in the callers vs. in the sanitize_e820_map function itself (thus to avoid a bunch of similar error checks in the callers)? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists