lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YQRUz9Uw9nfiLcgr@bombadil.infradead.org>
Date:   Fri, 30 Jul 2021 12:36:47 -0700
From:   Luis Chamberlain <mcgrof@...nel.org>
To:     Liang Wang <wangliang101@...wei.com>
Cc:     palmerdabbelt@...gle.com, linux-kernel@...r.kernel.org,
        gregkh@...uxfoundation.org, linux@...linux.org.uk,
        linux-arm-kernel@...ts.infradead.org, stable@...r.kernel.org,
        wangle6@...wei.com, kepler.chenxin@...wei.com,
        nixiaoming@...wei.com, wangkefeng.wang@...wei.com
Subject: Re: [PATCH v2] lib: Use PFN_PHYS() in devmem_is_allowed()

On Fri, Jul 30, 2021 at 03:43:15PM +0800, Liang Wang wrote:
> The physical address may exceed 32 bits on ARM(when ARM_LPAE enabled),
> use PFN_PHYS() in devmem_is_allowed(),

First off, good catch!

This should not be ARM specific, this should just say:

on 32-bit systems with more than 32 bits of physcial address

Also, towards then end then explain that in practice, yes,
this is probably just ARM which is affected. By explaining
this, it ensures folks are aware of the affected systems.

May be good to refer to commit 947d0496cf3e1 ("generic: make PFN_PHYS
explicitly return phys_addr_t") which added the original PFN_PHYS()
casting to phys_addr_t to resolve the same problem.

> or the physical address may overflow and be truncated.

Indeed. How did you find this issue? Can you describe that in the commit
log? Was it a real world issue or did you do just code inspection? Or
was there a bot which helped you?

> This bug was initially introduced from v2.6.37, and the function was moved
> to lib when v5.11.
> 
> Fixes: 087aaffcdf9c ("ARM: implement CONFIG_STRICT_DEVMEM by disabling access to RAM via /dev/mem")
> Fixes: 527701eda5f1 ("lib: Add a generic version of devmem_is_allowed()")
> Cc: stable@...r.kernel.org # v2.6.37
> Signed-off-by: Liang Wang <wangliang101@...wei.com>

Other than that:

Reviewed-by: Luis Chamberlain <mcgrof@...nel.org>

  Luis

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ