lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 7 Dec 2021 18:13:46 +0000
From:   "Saleem, Shiraz" <shiraz.saleem@...el.com>
To:     Christophe JAILLET <christophe.jaillet@...adoo.fr>,
        "Ismail, Mustafa" <mustafa.ismail@...el.com>,
        "jgg@...pe.ca" <jgg@...pe.ca>
CC:     "linux-rdma@...r.kernel.org" <linux-rdma@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "kernel-janitors@...r.kernel.org" <kernel-janitors@...r.kernel.org>
Subject: RE: [PATCH] RDMA/irdma: Fix a potential memory allocation issue in
 'irdma_prm_add_pble_mem()'

> Subject: [PATCH] RDMA/irdma: Fix a potential memory allocation issue in
> 'irdma_prm_add_pble_mem()'
> 
> 'pchunk->bitmapbuf' is a bitmap. Its size (in number of bits) is stored in 'pchunk-
> >sizeofbitmap'.
> 
> When it is allocated, the size (in bytes) is computed by:
>    size_in_bits >> 3
> 
> There are 2 issues (numbers bellow assume that longs are 64 bits):
>    - there is no guarantee here that 'pchunk->bitmapmem.size' is modulo
>      BITS_PER_LONG but bitmaps are stored as longs
>      (sizeofbitmap=8 bits will only allocate 1 byte, instead of 8 (1 long))
> 
>    - the number of bytes is computed with a shift, not a round up, so we
>      may allocate less memory than needed
>      (sizeofbitmap=65 bits will only allocate 8 bytes (i.e. 1 long), when 2
>      longs are needed = 16 bytes)

Since sizeofbitmap is always a multiple of 64 (pchunk->size is a multiple of 4K block size, and pprm->pble_shift = 6),
I am not sure we will hit these issues today.

> 
> Fix both issues by using 'bitmap_zalloc()' and remove the useless 'bitmapmem'
> from 'struct irdma_chunk'.
> 
> While at it, remove some useless NULL test before calling kfree/bitmap_free.

Yes nonetheless the patch is good. And we should be using the bitmap_zalloc/free API's rather than open-coding it.

Reviewed-by: Shiraz Saleem <shiraz.saleem@...el.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ