lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 26 Oct 2015 10:31:55 -0600
From:	Toshi Kani <toshi.kani@....com>
To:	"Luck, Tony" <tony.luck@...el.com>, "bp@...en8.de" <bp@...en8.de>,
	"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
	"Williams, Dan J" <dan.j.williams@...el.com>,
	"rjw@...ysocki.net" <rjw@...ysocki.net>
Cc:	"linux-mm@...ck.org" <linux-mm@...ck.org>,
	"linux-nvdimm@...ts.01.org" <linux-nvdimm@...ts.01.org>,
	"linux-acpi@...r.kernel.org" <linux-acpi@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 UPDATE 3/3] ACPI/APEI/EINJ: Allow memory error
 injection to NVDIMM

On Mon, 2015-10-26 at 16:26 +0000, Luck, Tony wrote:
> -	pfn = PFN_DOWN(param1 & param2);
> -	if (!page_is_ram(pfn) || ((param2 & PAGE_MASK) != PAGE_MASK))
> +	base_addr = param1 & param2;
> +	size = (~param2) + 1;
> 
> We expect the user will supply us with param2 in the form 0xffffffff[fec8]00000
> with various numbers of leading 'f' and trailing '0' ... but I don't think we actually
> check that anywhere.  But we have a bunch of places that assume it is OK, including
> this new one.
> 
> It's time to fix that.  Maybe even provide a default 0xfffffffffffff000 so I can save 
> myself some typing?

+       if (((region_intersects_ram(base_addr, size) != REGION_INTERSECTS) &&
+            (region_intersects_pmem(base_addr, size) != REGION_INTERSECTS)) ||
+           ((param2 & PAGE_MASK) != PAGE_MASK))
                return -EINVAL;

The 3rd condition check makes sure that the param2 mask is the page size or less.  So, I
think we are OK on this.

Thanks,
-Toshi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ