lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8eaa5507e4cf77042d39688465c2b989@kernel.org>
Date:   Fri, 06 Mar 2020 13:15:59 +0000
From:   Marc Zyngier <maz@...nel.org>
To:     Thomas Gleixner <tglx@...utronix.de>
Cc:     LKML <linux-kernel@...r.kernel.org>, x86@...nel.org,
        Bjorn Helgaas <bhelgaas@...gle.com>, linux-pci@...r.kernel.org,
        Keith Busch <kbusch@...nel.org>,
        Kuppuswamy Sathyanarayanan 
        <sathyanarayanan.kuppuswamy@...ux.intel.com>,
        stable@...r.kernel.org
Subject: Re: [patch 1/7] genirq/debugfs: Add missing sanity checks to
 interrupt injection

On 2020-03-06 13:03, Thomas Gleixner wrote:
> Interrupts cannot be injected when the interrupt is not activated and 
> when
> a replay is already in progress.
> 
> Fixes: 536e2e34bd00 ("genirq/debugfs: Triggering of interrupts from 
> userspace")
> Signed-off-by: Thomas Gleixner <tglx@...utronix.de>
> Cc: stable@...r.kernel.org
> ---
>  kernel/irq/debugfs.c |   11 +++++++++--
>  1 file changed, 9 insertions(+), 2 deletions(-)
> 
> --- a/kernel/irq/debugfs.c
> +++ b/kernel/irq/debugfs.c
> @@ -206,8 +206,15 @@ static ssize_t irq_debug_write(struct fi
>  		chip_bus_lock(desc);
>  		raw_spin_lock_irqsave(&desc->lock, flags);
> 
> -		if (irq_settings_is_level(desc) || desc->istate & IRQS_NMI) {
> -			/* Can't do level nor NMIs, sorry */
> +		/*
> +		 * Don't allow injection when the interrupt is:
> +		 *  - Level or NMI type
> +		 *  - not activated
> +		 *  - replaying already
> +		 */
> +		if (irq_settings_is_level(desc) ||
> +		    !irqd_is_activated(&desc->irq_data) ||
> +		    (desc->istate & (IRQS_NMI | IRQS_REPLAY)) {
>  			err = -EINVAL;
>  		} else {
>  			desc->istate |= IRQS_PENDING;

Huh, nice catch.

Acked-by: Marc Zyngier <maz@...nel.org>

         M.
-- 
Jazz is not dead. It just smells funny...

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ