| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Jan 2019 10:10:45 +0100
From: Paolo Bonzini <pbonzini@...hat.com>
To: Radim Krčmář <rkrcmar@...hat.com>,
Tomas Bortoli <tomasbortoli@...il.com>
Cc: kvm@...r.kernel.org, linux-kernel@...r.kernel.org,
syzkaller@...glegroups.com
Subject: Re: [PATCH] KVM: validate userspace input in
kvm_clear_dirty_log_protect()
On 11/01/19 14:49, Radim Krčmář wrote:
> 2019-01-08 17:28+0100, Tomas Bortoli:
>> Hi Paolo,
>>
>> On 1/7/19 11:42 PM, Paolo Bonzini wrote:
>>> On 02/01/19 18:29, Tomas Bortoli wrote:
>>>> n = kvm_dirty_bitmap_bytes(memslot);
>>>> +
>>>> + if (n << 3 < log->num_pages || log->first_page > log->num_pages)
>>>> + return -EINVAL;
>>>> +
>>>
>>> This should be
>>>
>>> if (log->first_page > memslot->npages ||
>
> (Wouldn't this be clearer with a >= instead?)
log->first_page == memslot->npages is technically okay if log->num_pages
is zero.
Paolo
>>> log->num_pages > memslot->npages - log->first_page)
>>> return -EINVAL;
>>>
>>> i.e. the comparison should check the last page in the range, not the
>>> number of pages. In addition, using "n" is unnecessary since we do have
>>> the memslot. I'll do the changes myself if you prefer, but an ack would
>>> be nice.
>>>
>>>
>>
>>
>> Yeah, I agree. Thanks for the reply and sure you can do the changes, np :)
>
> Done that and applied, thanks.
>
Powered by blists - more mailing lists