| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 2 Dec 2020 10:14:29 +0800
From: Shuo A Liu <shuo.a.liu@...el.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: linux-kernel@...r.kernel.org, x86@...nel.org,
"H . Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>,
Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
Sean Christopherson <sean.j.christopherson@...el.com>,
Yu Wang <yu1.wang@...el.com>,
Reinette Chatre <reinette.chatre@...el.com>,
Zhi Wang <zhi.a.wang@...el.com>,
Zhenyu Wang <zhenyuw@...ux.intel.com>
Subject: Re: [PATCH v6 06/18] virt: acrn: Introduce VM management interfaces
On Tue 1.Dec'20 at 11:09:47 +0100, Greg Kroah-Hartman wrote:
>On Tue, Dec 01, 2020 at 05:38:41PM +0800, shuo.a.liu@...el.com wrote:
>> + vm_param->reserved0 = 0;
>> + vm_param->reserved1 = 0;
>
>NO!
>
>This means that userspace can put whatever crud they want in those
>fields, and you will happily zero it out. Then, when those reserved
>fields are wanted to be used in the future, you will take those values
>from userspace and accept them as a valid value. But, since userspace
>was sending crud before, now you will take that crud and do something
>with it.
>
>TEST IT to verify that it is zero, that way userspace gets it right the
>first time, and you don't get it wrong later, as you can not change it
>later.
OK. Thanks for the elaboration. I will test it and return -EINVAL if
it is not zero.
Powered by blists - more mailing lists