| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMkAt6q_E-+VV=KOs9LbDzawirWR7M4xL2pCF9fR2kMuBuFM-A@mail.gmail.com>
Date: Tue, 10 Jan 2023 09:44:31 -0700
From: Peter Gonda <pgonda@...gle.com>
To: Tom Lendacky <thomas.lendacky@....com>
Cc: kvm@...r.kernel.org, Andy Nguyen <theflow@...gle.com>,
David Rientjes <rientjes@...gle.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Sean Christopherson <seanjc@...gle.com>,
stable@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] KVM: sev: Fix int overflow in send|recieve_update_data ioctls
> >
> > diff --git a/arch/x86/kvm/svm/sev.c b/arch/x86/kvm/svm/sev.c
> > index 273cba809328..9451de72f917 100644
> > --- a/arch/x86/kvm/svm/sev.c
> > +++ b/arch/x86/kvm/svm/sev.c
> > @@ -1294,7 +1294,7 @@ static int sev_send_update_data(struct kvm *kvm, struct kvm_sev_cmd *argp)
> >
> > /* Check if we are crossing the page boundary */
> > offset = params.guest_uaddr & (PAGE_SIZE - 1);
> > - if ((params.guest_len + offset > PAGE_SIZE))
> > + if (params.guest_len > PAGE_SIZE || (params.guest_len + offset > PAGE_SIZE))
>
> I see the original if statement had double parentheses, which looks
> strange. Should this if (and the one below) be:
>
> if (params.guest_len > PAGE_SIZE || (params.guest_len + offset) > PAGE_SIZE)
Isn't the order of operations here: '+' and then '>'. So is the patch
correct and matches the old conditional? I am fine adding additional
() for clarity though.
Powered by blists - more mailing lists