lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 6 Oct 2022 17:47:04 +0800
From:   Xu Yilun <yilun.xu@...el.com>
To:     Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
Cc:     matthew.gerlach@...ux.intel.com, hao.wu@...el.com,
        russell.h.weight@...el.com, basheer.ahmed.muddebihal@...el.com,
        trix@...hat.com, mdf@...nel.org, linux-fpga@...r.kernel.org,
        linux-doc@...r.kernel.org, linux-kernel@...r.kernel.org,
        tianfei.zhang@...el.com, corbet@....net,
        gregkh@...uxfoundation.org, linux-serial@...r.kernel.org,
        jirislaby@...nel.org, geert+renesas@...der.be,
        niklas.soderlund+renesas@...natech.se, macro@...am.me.uk,
        johan@...nel.org, lukas@...ner.de
Subject: Re: [PATCH v3 3/4] fpga: dfl: add basic support for DFHv1

On 2022-10-04 at 18:11:06 +0300, Andy Shevchenko wrote:
> On Tue, Oct 04, 2022 at 07:37:17AM -0700, matthew.gerlach@...ux.intel.com wrote:
> > From: Matthew Gerlach <matthew.gerlach@...ux.intel.com>
> > 
> > Add generic support for MSIX interrupts for DFL devices.
> 

...

> 
> > +int dfhv1_find_param(void __iomem *base, resource_size_t max, int param)
> > +{
> > +	int off = DFHv1_PARAM_HDR;
> > +	u64 v, next;
> > +
> > +	while (off < max) {
> > +		v = readq(base + off);
> > +		if (param == FIELD_GET(DFHv1_PARAM_HDR_ID, v))
> 
> > +			return (DFHv1_PARAM_DATA + off);
> 
> Too many parentheses.
> 
> > +
> > +		next = FIELD_GET(DFHv1_PARAM_HDR_NEXT_OFFSET, v);
> > +		if (!next)
> > +			break;
> > +
> > +		off += next;
> > +	}
> > +
> > +	return -ENOENT;
> > +}
> 
> The entire function seems a bit dangerous to me. You can ask for any max which
> covers (up to) 64-bit address space and then do MMIO by basically arbitrary
> address. How do you protect against wrong MMIO window here? (This is FPGA, so
> anything can be read from HW, i.o.w. it's _untrusted_ source of the data.)
> 
> Also, have you tested this with IOMMU enabled? How do they work together (if
> there is any collision at all between two?)

Yeah, again I don't think this API is good to be used across modules,
even if the parameters got checked. It requires too much details for
other domain developers.

How about:

  dfl_find_param(struct dfl_device *ddev, int param_id)

Thanks,
Yilun

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ