lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 3 Feb 2017 17:47:41 +0800
From:   Jason Wang <jasowang@...hat.com>
To:     Christoph Hellwig <hch@....de>
Cc:     mst@...hat.com, axboe@...nel.dk, pbonzini@...hat.com,
        virtualization@...ts.linux-foundation.org,
        linux-block@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/9] virtio_pci: use shared interrupts for virtqueues



On 2017年02月03日 16:26, Christoph Hellwig wrote:
> On Fri, Feb 03, 2017 at 03:54:54PM +0800, Jason Wang wrote:
>> On 2017年01月27日 16:16, Christoph Hellwig wrote:
>>> +		snprintf(vp_dev->msix_names[i + 1],
>>> +			 sizeof(*vp_dev->msix_names), "%s-%s",
>>>    			 dev_name(&vp_dev->vdev.dev), names[i]);
>>>    		err = request_irq(pci_irq_vector(vp_dev->pci_dev, msix_vec),
>>> -				  vring_interrupt, 0,
>>> -				  vp_dev->msix_names[msix_vec],
>>> -				  vqs[i]);
>>> +				  vring_interrupt, IRQF_SHARED,
>>> +				  vp_dev->msix_names[i + 1], vqs[i]);
>> Do we need to check per_vq_vectors before dereferencing msix_names[i + 1] ?
> No, we need to allocate the array larger in that case as want proper
> names for the interrupts.

Consider the case of !per_vq_vectors, the size of msix_names is 2, but 
snprintf can do out of bound accessing here. (We name the msix shared by 
virtqueues with something like "%s-virtqueues" before the patch).

Thanks

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ