lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170103091741.GD30111@dhcp22.suse.cz>
Date:   Tue, 3 Jan 2017 10:17:42 +0100
From:   Michal Hocko <mhocko@...nel.org>
To:     Anshuman Khandual <khandual@...ux.vnet.ibm.com>
Cc:     linux-kernel@...r.kernel.org, linux-mm@...ck.org, vbabka@...e.cz,
        akpm@...ux-foundation.org
Subject: Re: [RFC] nodemask: Consider MAX_NUMNODES inside node_isset

On Tue 03-01-17 14:37:09, Anshuman Khandual wrote:
> On 01/03/2017 02:14 PM, Michal Hocko wrote:
> > On Tue 03-01-17 13:57:53, Anshuman Khandual wrote:
> >> node_isset can give incorrect result if the node number is beyond the
> >> bitmask size (MAX_NUMNODES in this case) which is not checked inside
> >> test_bit. Hence check for the bit limits (MAX_NUMNODES) inside the
> >> node_isset function before calling test_bit.
> > Could you be more specific when such a thing might happen? Have you seen
> > any in-kernel user who would give such a bogus node?
> 
> Have not seen this through any in-kernel use case. While rebasing the CDM
> zonelist rebuilding series,

Then fix this particular code path...

> I came across this through an error path when
> a bogus node value of 256 (MAX_NUMNODES on POWER) is received when we call
> first_node() on an empty nodemask (which itself seems weird as well).

Does calling first_node on an empty nodemask make any sense? If there is
a risk then I would expect nodes_empty() check before doing any mask
related operations.

-- 
Michal Hocko
SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ