Date: Wed, 13 Dec 2017 11:31:02 -0600
From: "Hook, Gary" <ghook@....com>
To: Alex Williamson <alex.williamson@...hat.com>
Cc: Peter Xu <peterx@...hat.com>, iommu@...ts.linux-foundation.org, dwmw2@...radead.org, linux-kernel@...r.kernel.org, tursulin@...ulin.net
Subject: Re: [PATCH] iommu/vt-d: Fix shift overflow in qi_flush_dev_iotlb

On 12/13/2017 11:15 AM, Alex Williamson wrote:
> On Wed, 13 Dec 2017 10:41:47 -0600
> "Hook, Gary" <ghook@....com> wrote:
>
>> On 12/13/2017 9:58 AM, Alex Williamson wrote:
>>> On Wed, 13 Dec 2017 15:13:55 +0800
>>> Peter Xu <peterx@...hat.com> wrote:
>>>
>>>> On Tue, Dec 12, 2017 at 03:43:08PM -0700, Alex Williamson wrote:
>>>>
>>>> [...]
>>>>
>>>>> diff --git a/drivers/iommu/dmar.c b/drivers/iommu/dmar.c
>>>>> index 9a7ffd13c7f0..87888b102057 100644
>>>>> --- a/drivers/iommu/dmar.c
>>>>> +++ b/drivers/iommu/dmar.c
>>>>> @@ -1345,7 +1345,9 @@ void qi_flush_dev_iotlb(struct intel_iommu *iommu, u16 sid, u16 qdep,
>>>>> struct qi_desc desc;
>>>>>
>>>>> if (mask) {
>>>>> - BUG_ON(addr & ((1 << (VTD_PAGE_SHIFT + mask)) - 1));
>>>>> + BUG_ON((mask > MAX_AGAW_PFN_WIDTH) ||
>>>>> + ((mask == MAX_AGAW_PFN_WIDTH) && addr) ||
>>>>> + (addr & ((1 << (VTD_PAGE_SHIFT + mask)) - 1)));
>>>>
>>>> Could it work if we just use 1ULL instead of 1 here? Thanks,
>>>
>>> In either case we're talking about shifting off the end of the
>>> variable, which I understand to be undefined. Right? Thanks,
>>
>> How so? Bits fall off the left (MSB) end, zeroes fill in the right (LSB)
>> end. I believe that behavior is pretty set.
>
> Maybe I'm relying too much on stackoverflow, but:
>
> https://stackoverflow.com/questions/11270492/what-does-the-c-standard-say-about-bitshifting-more-bits-than-the-width-of-type

No, probably not. I don't have my copy of c99 handy, so can't check it.
But it is beyond me why any compiler implementation would choose to use
a rotate instead of a shift... probably a performance issue. So, yeah,
when you have silly parameters, you get what you get. I'll stick to my
suggestion. Which seems unambiguous... but I could be wrong.
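
Review bot: The third operand of the new BUG_ON, `(addr & ((1 << (VTD_PAGE_SHIFT + mask)) - 1))`, still shifts the plain int literal `1`, and it is still evaluated in two cases the added guards let through: any mask below MAX_AGAW_PFN_WIDTH for which VTD_PAGE_SHIFT + mask reaches the width of int, and mask == MAX_AGAW_PFN_WIDTH with addr == 0, where the first two operands are both false. Unless MAX_AGAW_PFN_WIDTH keeps the shift count below the width of int, the expression this patch sets out to fix is unchanged for those inputs. Suggest making the literal 64-bit (the `1ULL` proposed in the thread) and evaluating the shift only when mask < MAX_AGAW_PFN_WIDTH, so the range checks and the wider type work together instead of one standing in for the other.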
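
The following is an added example, not code from the patch or the kernel: a user-space alignment check in which every shift count is range-checked before use, since C11 6.5.7p3 leaves a shift by a count greater than or equal to the width of the promoted left operand undefined. The function name, the result enum, and the constants 12 and 64 are assumptions made for this sketch.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed values for this sketch; the page does not state them. */
#define PAGE_SHIFT_ASSUMED 12u                     /* 4 KiB pages */
#define ADDR_BITS          64u                     /* width of the address type */
#define MAX_PFN_WIDTH      (ADDR_BITS - PAGE_SHIFT_ASSUMED)

enum align_result { ALIGN_BAD_MASK = -1, ALIGN_NO = 0, ALIGN_YES = 1 };

/*
 * Is addr aligned to 2^(PAGE_SHIFT_ASSUMED + mask) bytes?
 * The shift is reached only after the count is known to be below 64.
 */
static enum align_result check_invalidation_range(uint64_t addr, unsigned mask)
{
    if (mask > MAX_PFN_WIDTH)
        return ALIGN_BAD_MASK;                     /* count would exceed 64 */
    if (mask == MAX_PFN_WIDTH)                     /* count == 64: no shift at all */
        return addr == 0 ? ALIGN_YES : ALIGN_NO;   /* only 0 is aligned */

    /* PAGE_SHIFT_ASSUMED + mask <= 63 here, so the 64-bit shift is defined. */
    uint64_t low_bits = (UINT64_C(1) << (PAGE_SHIFT_ASSUMED + mask)) - 1;
    return (addr & low_bits) ? ALIGN_NO : ALIGN_YES;
}

int main(void)
{
    /* Constructed sample inputs. */
    static const struct { uint64_t addr; unsigned mask; } t[] = {
        { UINT64_C(0x200000),       9 },  /* 2 MiB aligned               */
        { UINT64_C(0x201000),       9 },  /* 4 KiB aligned only          */
        { UINT64_C(0x80000000),    20 },  /* count 32: too wide for int  */
        { UINT64_C(0x100000000000), 20 }, /* 2^44, aligned to 2^32       */
        { 0,                       52 },  /* whole address space         */
        { 0,                       53 },  /* mask out of range           */
    };
    for (size_t i = 0; i < sizeof t / sizeof t[0]; i++)
        printf("addr=%#llx mask=%u -> %d\n", (unsigned long long)t[i].addr,
               t[i].mask, check_invalidation_range(t[i].addr, t[i].mask));
    return 0;
}
```

The third sample is the case a 32-bit `1 << 32` cannot represent: the 64-bit form rejects 0x80000000 as unaligned to 2^32, which an out-of-range int shift gives no guarantee of doing.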