lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <24d9dd82485fc058abddc31bd31a041926d7a905.camel@gmail.com>
Date:   Fri, 24 Feb 2023 08:05:01 +0100
From:   Miko Larsson <mikoxyzzz@...il.com>
To:     Weichen Chen <weichen.chen@...iatek.com>, yt.shen@...iatek.com,
        darren.chen@...iatek.com, keescook@...omium.org,
        tony.luck@...el.com, angelogioacchino.delregno@...labora.com,
        matthias.bgg@...il.com, gpiccoli@...lia.com,
        linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 1/1] pstore/ram: Fix crash when setting number of
 cpus to an odd number

On Fri, 2023-02-24 at 10:36 +0800, Weichen Chen wrote:
> When the number of cpu cores is adjusted to 7 or other odd numbers,
> the zone size will become an odd number.
> The address of the zone will become:
>     addr of zone0 = BASE
>     addr of zone1 = BASE + zone_size
>     addr of zone2 = BASE + zone_size*2
>     ...
> The address of zone1/3/5/7 will be mapped to non-alignment va.
> Eventually crashes will occur when accessing these va.
> 
> So, use ALIGN_DOWN() to make sure the zone size is even
> to avoid this bug.
> 
> Signed-off-by: Weichen Chen <weichen.chen@...iatek.com>
> ---
>  fs/pstore/ram.c | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/fs/pstore/ram.c b/fs/pstore/ram.c
> index ade66dbe5f39..fc57ac97e506 100644
> --- a/fs/pstore/ram.c
> +++ b/fs/pstore/ram.c
> @@ -528,6 +528,7 @@ static int ramoops_init_przs(const char *name,
>         }
>  
>         zone_sz = mem_sz / *cnt;
> +       zone_sz = ALIGN_DOWN(zone_sz, 2);
>         if (!zone_sz) {
>                 dev_err(dev, "%s zone size == 0\n", name);
>                 goto fail;

Might want to Cc this to the stable mailing list.
-- 
~miko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ