lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <e9adc7ef-37c5-d2e0-ce3d-1aa70c3432f1@redhat.com> Date: Tue, 12 Dec 2017 17:07:54 +0100 From: Paolo Bonzini <pbonzini@...hat.com> To: Wanpeng Li <kernellwp@...il.com>, linux-kernel@...r.kernel.org, kvm@...r.kernel.org Cc: Radim Krčmář <rkrcmar@...hat.com>, Wanpeng Li <wanpeng.li@...mail.com> Subject: Re: [PATCH RESEND] KVM: X86: Fix stack-out-of-bounds read in write_mmio On 12/12/2017 09:57, Wanpeng Li wrote: > diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c > index bc5d853..51e7932 100644 > --- a/arch/x86/kvm/x86.c > +++ b/arch/x86/kvm/x86.c > @@ -4690,7 +4690,10 @@ static int write_emulate(struct kvm_vcpu *vcpu, gpa_t gpa, > > static int write_mmio(struct kvm_vcpu *vcpu, gpa_t gpa, int bytes, void *val) > { > - trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, bytes, gpa, *(u64 *)val); > + u64 data = 0; > + > + memcpy(&data, val, min(8, bytes)); > + trace_kvm_mmio(KVM_TRACE_MMIO_WRITE, bytes, gpa, data); > return vcpu_mmio_write(vcpu, gpa, bytes, val); > } > > Please do the memcpy in TRACE_EVENT(kvm_mmio)'s TP_fast_assign block. That is done only when the trace event is active. Thanks, Paolo
Powered by blists - more mailing lists