lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <f0573536-e6cc-3f68-5beb-a53c8e1d0620@redhat.com>
Date:   Wed, 3 Jun 2020 14:36:46 +0800
From:   Jason Wang <jasowang@...hat.com>
To:     "Michael S. Tsirkin" <mst@...hat.com>
Cc:     Al Viro <viro@...iv.linux.org.uk>, linux-kernel@...r.kernel.org,
        netdev@...r.kernel.org
Subject: Re: [PATCH RFC] uaccess: user_access_begin_after_access_ok()


On 2020/6/3 下午2:30, Michael S. Tsirkin wrote:
> On Wed, Jun 03, 2020 at 02:23:08PM +0800, Jason Wang wrote:
>>> BTW now I re-read it I don't understand __vhost_get_user_slow:
>>>
>>>
>>> static void __user *__vhost_get_user_slow(struct vhost_virtqueue *vq,
>>>                                             void __user *addr, unsigned int size,
>>>                                             int type)
>>> {
>>>           int ret;
>>>
>>>           ret = translate_desc(vq, (u64)(uintptr_t)addr, size, vq->iotlb_iov,
>>>                                ARRAY_SIZE(vq->iotlb_iov),
>>>                                VHOST_ACCESS_RO);
>>>
>>> ..
>>> }
>>>
>>> how does this work? how can we cast a pointer to guest address without
>>> adding any offsets?
>>
>> I'm not sure I get you here. What kind of offset did you mean?
>>
>> Thanks
> OK so points:
>
> 1. type argument seems unused. Right?


Yes, we can remove that.


> 2. Second argument to translate_desc is a GPA, isn't it?


No, it's IOVA, this function will be called only when IOTLB is enabled.

Thanks


>     Here we cast a userspace address to this type. What if it
>     matches a valid GPA by mistake?
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ