lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180409224842-mutt-send-email-mst@kernel.org> Date: Mon, 9 Apr 2018 22:54:34 +0300 From: "Michael S. Tsirkin" <mst@...hat.com> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Stefan Hajnoczi <stefanha@...hat.com>, virtualization <virtualization@...ts.linux-foundation.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Jason Wang <jasowang@...hat.com>, KVM list <kvm@...r.kernel.org>, syzkaller-bugs@...glegroups.com Subject: Re: [PATCH] vhost: fix vhost_vq_access_ok() log check On Mon, Apr 09, 2018 at 09:52:13AM -0700, Linus Torvalds wrote: > On Mon, Apr 9, 2018 at 6:10 AM, Stefan Hajnoczi <stefanha@...hat.com> wrote: > > @@ -1246,7 +1246,7 @@ int vhost_vq_access_ok(struct vhost_virtqueue *vq) > > { > > int ret = vq_log_access_ok(vq, vq->log_base); > > > > - if (ret || vq->iotlb) > > + if (!ret || vq->iotlb) > > return ret; > > That logic is still very non-obvious. > > This code already had one bug because of an odd illegible test > sequence. Let's not keep the crazy code. > > Why not just do the *obvious* thing, and get rid of "ret" entirely, > and make the damn thing return a boolean, and then just write it all > as > > /* Caller should have vq mutex and device mutex */ > bool vhost_vq_access_ok(struct vhost_virtqueue *vq) > { > if (!vq_log_access_ok(vq, vq->log_base)) > return false; > > if (vq->iotlb || vq_access_ok(vq, vq->num, vq->desc, > vq->avail, vq->used); > } > > which makes the logic obvious: if vq_log_access_ok() fails, then then > vhost_vq_access_ok() fails unconditionally. > > Otherwise, we need to have an iotlb, or a successful vq_access_ok() check. > > Doesn't that all make more sense, and avoid the insane "ret" value use > that is really quite subtle? > > Linus I agree it's cleaner. Stefan, I reposted your patch on netdev (since the breakage got applied there too). Would you like to self-nak it and post v2? Pls remember to CC netdev. -- MST
Powered by blists - more mailing lists