lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 11 May 2020 14:01:00 -0400
From:   Boris Ostrovsky <boris.ostrovsky@...cle.com>
To:     Juergen Gross <jgross@...e.com>, xen-devel@...ts.xenproject.org,
        linux-kernel@...r.kernel.org, clang-built-linux@...glegroups.com
Cc:     Stefano Stabellini <sstabellini@...nel.org>,
        Arnd Bergmann <arnd@...db.de>
Subject: Re: [PATCH 1/2] xen/xenbus: avoid large structs and arrays on the
 stack

On 5/11/20 3:31 AM, Juergen Gross wrote:
>  
>  static int xenbus_map_ring_valloc_hvm(struct xenbus_device *dev,


I wonder whether we can drop valloc/vfree from xenbus_ring_ops' names.


> +				      struct map_ring_valloc *info,
>  				      grant_ref_t *gnt_ref,
>  				      unsigned int nr_grefs,
>  				      void **vaddr)
>  {
> -	struct xenbus_map_node *node;
> +	struct xenbus_map_node *node = info->node;
>  	int err;
>  	void *addr;
>  	bool leaked = false;
> -	struct map_ring_valloc_hvm info = {
> -		.idx = 0,
> -	};
>  	unsigned int nr_pages = XENBUS_PAGES(nr_grefs);
>  
> -	if (nr_grefs > XENBUS_MAX_RING_GRANTS)
> -		return -EINVAL;
> -
> -	*vaddr = NULL;
> -
> -	node = kzalloc(sizeof(*node), GFP_KERNEL);
> -	if (!node)
> -		return -ENOMEM;
> -
>  	err = alloc_xenballooned_pages(nr_pages, node->hvm.pages);
>  	if (err)
>  		goto out_err;
>  
>  	gnttab_foreach_grant(node->hvm.pages, nr_grefs,
>  			     xenbus_map_ring_setup_grant_hvm,
> -			     &info);
> +			     info);
>  
>  	err = __xenbus_map_ring(dev, gnt_ref, nr_grefs, node->handles,
> -				info.phys_addrs, GNTMAP_host_map, &leaked);
> +				info, GNTMAP_host_map, &leaked);
>  	node->nr_handles = nr_grefs;
>  
>  	if (err)
> @@ -641,11 +654,13 @@ static int xenbus_map_ring_valloc_hvm(struct xenbus_device *dev,
>  	spin_unlock(&xenbus_valloc_lock);
>  
>  	*vaddr = addr;
> +	info->node = NULL;


Is this so that xenbus_map_ring_valloc() doesn't free it accidentally?


-boris


> +
>  	return 0;
>  
>  


Download attachment "pEpkey.asc" of type "application/pgp-keys" (4996 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ