| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <bc47bbe2-b330-7744-8d6b-869e3c7523e4@suse.com>
Date: Mon, 22 Nov 2021 08:57:32 +0100
From: Jan Beulich <jbeulich@...e.com>
To: Stefano Stabellini <sstabellini@...nel.org>
Cc: boris.ostrovsky@...cle.com, xen-devel@...ts.xenproject.org,
linux-kernel@...r.kernel.org,
Stefano Stabellini <stefano.stabellini@...inx.com>,
stable@...r.kernel.org, jgross@...e.com
Subject: Re: [PATCH v2] xen: detect uninitialized xenbus in xenbus_init
On 19.11.2021 21:29, Stefano Stabellini wrote:
> --- a/drivers/xen/xenbus/xenbus_probe.c
> +++ b/drivers/xen/xenbus/xenbus_probe.c
> @@ -951,6 +951,20 @@ static int __init xenbus_init(void)
> err = hvm_get_parameter(HVM_PARAM_STORE_PFN, &v);
> if (err)
> goto out_error;
> + /* Uninitialized. */
> + if (v == 0 || v == ULLONG_MAX) {
Didn't you have a comment in v1 here regarding the check against 0? Or was that
just like now only in the description? IOW I think there ought to be a code
comment justifying the theoretically wrong check ...
Also, while I realize there are various other similar assumptions elsewhere, I
would generally recommend to avoid such: There's no guarantee that now and
forever unsigned long long and uint64_t are the same thing. And it's easy in
cases like this one:
if (!v || !(v + 1)) {
Jan
Powered by blists - more mailing lists