lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <69696e3f-10ca-50b4-3592-9cffba66fc81@linux.vnet.ibm.com>
Date:   Tue, 3 Jan 2017 15:17:44 +0530
From:   Anshuman Khandual <khandual@...ux.vnet.ibm.com>
To:     Michal Hocko <mhocko@...nel.org>,
        Anshuman Khandual <khandual@...ux.vnet.ibm.com>
Cc:     linux-kernel@...r.kernel.org, linux-mm@...ck.org, vbabka@...e.cz,
        akpm@...ux-foundation.org
Subject: Re: [RFC] nodemask: Consider MAX_NUMNODES inside node_isset

On 01/03/2017 02:47 PM, Michal Hocko wrote:
> On Tue 03-01-17 14:37:09, Anshuman Khandual wrote:
>> On 01/03/2017 02:14 PM, Michal Hocko wrote:
>>> On Tue 03-01-17 13:57:53, Anshuman Khandual wrote:
>>>> node_isset can give incorrect result if the node number is beyond the
>>>> bitmask size (MAX_NUMNODES in this case) which is not checked inside
>>>> test_bit. Hence check for the bit limits (MAX_NUMNODES) inside the
>>>> node_isset function before calling test_bit.
>>> Could you be more specific when such a thing might happen? Have you seen
>>> any in-kernel user who would give such a bogus node?
>>
>> Have not seen this through any in-kernel use case. While rebasing the CDM
>> zonelist rebuilding series,
> 
> Then fix this particular code path...

Yeah I did.

> 
>> I came across this through an error path when
>> a bogus node value of 256 (MAX_NUMNODES on POWER) is received when we call
>> first_node() on an empty nodemask (which itself seems weird as well).
> 
> Does calling first_node on an empty nodemask make any sense? If there is
> a risk then I would expect nodes_empty() check before doing any mask
> related operations.

Hmm, you are right. All these checks should be done by the caller not
these nodemask helper functions.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ