lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 17 Feb 2021 12:10:15 +0100
From:   Stefano Garzarella <sgarzare@...hat.com>
To:     Greg KH <gregkh@...uxfoundation.org>
Cc:     "Michael S. Tsirkin" <mst@...hat.com>, stable@...r.kernel.org,
        Jason Wang <jasowang@...hat.com>,
        virtualization@...ts.linux-foundation.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH for 5.10 v2 0/5] vdpa_sim: fix param validation in
 vdpasim_get_config()

On Wed, Feb 17, 2021 at 11:58:53AM +0100, Greg KH wrote:
>On Tue, Feb 16, 2021 at 03:24:34PM +0100, Stefano Garzarella wrote:
>> v1: https://lore.kernel.org/stable/20210211162519.215418-1-sgarzare@redhat.com/
>>
>> v2:
>> - backport the upstream patch and related patches needed
>>
>> Commit 65b709586e22 ("vdpa_sim: add get_config callback in
>> vdpasim_dev_attr") unintentionally solved an issue in vdpasim_get_config()
>> upstream while refactoring vdpa_sim.c to support multiple devices.
>>
>> Before that patch, if 'offset + len' was equal to
>> sizeof(struct virtio_net_config), the entire buffer wasn't filled,
>> returning incorrect values to the caller.
>>
>> Since 'vdpasim->config' type is 'struct virtio_net_config', we can
>> safely copy its content under this condition.
>>
>> The minimum set of patches to backport the patch that fixes the issue, is the
>> following:
>>
>>    423248d60d2b vdpa_sim: remove hard-coded virtq count
>>    6c6e28fe4579 vdpa_sim: add struct vdpasim_dev_attr for device attributes
>>    cf1a3b35382c vdpa_sim: store parsed MAC address in a buffer
>>    f37cbbc65178 vdpa_sim: make 'config' generic and usable for any device type
>>    65b709586e22 vdpa_sim: add get_config callback in vdpasim_dev_attr
>>
>> The patches apply fairly cleanly. There are a few contextual differences
>> due to the lack of the other patches:
>>
>>    $ git backport-diff -u master -r linux-5.10.y..HEAD
>
>Cool, where is 'backport-diff' from?

It was developed by Jeff Cody and I find it very useful when doing or 
reviewing backports :-)

It's available here:
https://github.com/codyprime/git-scripts/blob/master/git-backport-diff

>
>>    Key:
>>    [----] : patches are identical
>>    [####] : number of functional differences between upstream/downstream patch
>>    [down] : patch is downstream-only
>>    The flags [FC] indicate (F)unctional and (C)ontextual differences, respectively
>>
>>    001/5:[----] [--] 'vdpa_sim: remove hard-coded virtq count'
>>    002/5:[----] [-C] 'vdpa_sim: add struct vdpasim_dev_attr for device attributes'
>>    003/5:[----] [--] 'vdpa_sim: store parsed MAC address in a buffer'
>>    004/5:[----] [-C] 'vdpa_sim: make 'config' generic and usable for any device type'
>>    005/5:[----] [-C] 'vdpa_sim: add get_config callback in vdpasim_dev_attr'
>
>Now all applied, thanks.

Thanks,
Stefano

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ