| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 18 Nov 2021 09:40:42 +0100
From: Jan Beulich <jbeulich@...e.com>
To: Stefano Stabellini <sstabellini@...nel.org>
Cc: boris.ostrovsky@...cle.com, xen-devel@...ts.xenproject.org,
linux-kernel@...r.kernel.org,
Stefano Stabellini <stefano.stabellini@...inx.com>,
stable@...r.kernel.org, jgross@...e.com
Subject: Re: [PATCH] xen: detect uninitialized xenbus in xenbus_init
On 18.11.2021 03:37, Stefano Stabellini wrote:
> On Wed, 17 Nov 2021, Jan Beulich wrote:
>> On 17.11.2021 03:11, Stefano Stabellini wrote:
>>> --- a/drivers/xen/xenbus/xenbus_probe.c
>>> +++ b/drivers/xen/xenbus/xenbus_probe.c
>>> @@ -951,6 +951,18 @@ static int __init xenbus_init(void)
>>> err = hvm_get_parameter(HVM_PARAM_STORE_PFN, &v);
>>> if (err)
>>> goto out_error;
>>> + /*
>>> + * Uninitialized hvm_params are zero and return no error.
>>> + * Although it is theoretically possible to have
>>> + * HVM_PARAM_STORE_PFN set to zero on purpose, in reality it is
>>> + * not zero when valid. If zero, it means that Xenstore hasn't
>>> + * been properly initialized. Instead of attempting to map a
>>> + * wrong guest physical address return error.
>>> + */
>>> + if (v == 0) {
>>> + err = -ENOENT;
>>> + goto out_error;
>>> + }
>>
>> If such a check gets added, then I think known-invalid frame numbers
>> should be covered at even higher a priority than zero.
>
> Uhm, that's a good point. We could check for 0 and also ULONG_MAX
Why ULONG_MAX? The upper bound is determined by the number of physical
address bits (in a guest: the virtual counterpart thereof). In a 32-bit
environment ULONG_MAX could in principle even represent a valid frame
number.
Jan
Powered by blists - more mailing lists