| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <874jslqk4x.fsf@ubik.fi.intel.com>
Date: Fri, 20 Jan 2023 17:51:42 +0200
From: Alexander Shishkin <alexander.shishkin@...ux.intel.com>
To: "Michael S. Tsirkin" <mst@...hat.com>
Cc: jasowang@...hat.com, virtualization@...ts.linux-foundation.org,
linux-kernel@...r.kernel.org, elena.reshetova@...el.com,
kirill.shutemov@...ux.intel.com, Andi Kleen <ak@...ux.intel.com>,
Amit Shah <amit@...nel.org>, Arnd Bergmann <arnd@...db.de>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
alexander.shishkin@...ux.intel.com
Subject: Re: [PATCH v1 1/6] virtio console: Harden multiport against invalid
host input
"Michael S. Tsirkin" <mst@...hat.com> writes:
> Weird. Don't we already check for that?
>
> /* Don't test MULTIPORT at all if we're rproc: not a valid feature! */
> if (!is_rproc_serial(vdev) &&
> virtio_cread_feature(vdev, VIRTIO_CONSOLE_F_MULTIPORT,
> struct virtio_console_config, max_nr_ports,
> &portdev->max_nr_ports) == 0) {
> if (portdev->max_nr_ports == 0 ||
> portdev->max_nr_ports > VIRTCONS_MAX_PORTS) {
> dev_err(&vdev->dev,
> "Invalidate max_nr_ports %d",
> portdev->max_nr_ports);
> err = -EINVAL;
> goto free;
> }
> multiport = true;
> }
Yes, I missed this earlier. I'll drop this patch.
Thanks,
--
Alex
Powered by blists - more mailing lists