Date: Thu, 4 Apr 2019 12:35:28 +0200
From: Michal Hocko <mhocko@...nel.org>
To: Dan Carpenter <dan.carpenter@...cle.com>
Cc: "David S. Miller" <davem@...emloft.net>,
Alexander Viro <viro@...iv.linux.org.uk>,
Jens Axboe <axboe@...nel.dk>,
Amritha Nambiar <amritha.nambiar@...el.com>,
Willem de Bruijn <willemb@...gle.com>,
kernel-janitors@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
Peter Zijlstra <peterz@...radead.org>
Subject: Re: [PATCH 1/2] cpumask: Introduce possible_cpu_safe()
On Thu 04-04-19 13:02:19, Dan Carpenter wrote:
> There have been two cases recently where we pass a user controlled "cpu"
> to possible_cpus(). That's not allowed. If it's invalid, it will
> trigger a WARN_ONCE() and an out of bounds read which could result in an
> Oops.
>
> This patch introduces possible_cpu_safe() which first checks to see if
> the cpu is valid, turns off speculation and then checks if the cpu is
> possible.
Why cannot we do the check in possible_cpu directly? Is it used from any
hot path? I am quite skeptical people will use the new helper
consistently.
--
Michal Hocko
SUSE Labs
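
Added example, not part of the original message or of the patch under discussion: a user-space C model of the three steps the quoted commit message lists (validity check, speculation clamp, possible-mask test). MODEL_NR_CPUS, possible_mask, index_mask_nospec() and cpu_possible_checked() are names assumed for this sketch; the mask arithmetic follows the kernel's generic array_index_mask_nospec().

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

#define MODEL_NR_CPUS 64 /* assumed mask size for this sketch */
#define BITS_PER_LONG (sizeof(unsigned long) * CHAR_BIT)
#define MASK_WORDS ((MODEL_NR_CPUS + BITS_PER_LONG - 1) / BITS_PER_LONG)

/* Constructed sample mask: only CPUs 0-3 are "possible". */
static unsigned long possible_mask[MASK_WORDS] = { 0xfUL };

/*
 * All ones when index < size, zero otherwise, computed without a branch so
 * the result does not depend on how the preceding comparison was predicted.
 * Relies on arithmetic right shift of a negative long (true for gcc/clang).
 */
static unsigned long index_mask_nospec(unsigned long index, unsigned long size)
{
    return ~(long)(index | (size - 1UL - index)) >> (BITS_PER_LONG - 1);
}

static bool cpu_possible_checked(unsigned int cpu)
{
    /* 1. Architectural check: reject an out-of-range, caller-supplied cpu. */
    if (cpu >= MODEL_NR_CPUS)
        return false;

    /* 2. Clamp the index so a mispredicted check above cannot steer the
     *    load below outside possible_mask[]. */
    cpu &= index_mask_nospec(cpu, MODEL_NR_CPUS);

    /* 3. Only now read the bit for this cpu. */
    return (possible_mask[cpu / BITS_PER_LONG] >> (cpu % BITS_PER_LONG)) & 1UL;
}

int main(void)
{
    /* Constructed inputs: two valid ids, one valid but not possible,
     * two out of range. */
    unsigned int samples[] = { 0, 3, 4, MODEL_NR_CPUS, 0xffffffffu };

    for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("cpu %u -> %s\n", samples[i],
               cpu_possible_checked(samples[i]) ? "possible" : "rejected");
    return 0;
}
```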