lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 14 Aug 2023 20:15:47 +0000
From:   "Michael Kelley (LINUX)" <mikelley@...rosoft.com>
To:     "Michael Kelley (LINUX)" <mikelley@...rosoft.com>,
        Saurabh Singh Sengar <ssengar@...rosoft.com>,
        Saurabh Sengar <ssengar@...ux.microsoft.com>,
        KY Srinivasan <kys@...rosoft.com>,
        Haiyang Zhang <haiyangz@...rosoft.com>,
        "wei.liu@...nel.org" <wei.liu@...nel.org>,
        Dexuan Cui <decui@...rosoft.com>
CC:     "linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH] hv: hyperv.h: Replace one-element array with
 flexible-array member

From: Michael Kelley (LINUX) <mikelley@...rosoft.com> Sent: Monday, August 14, 2023 1:10 PM
> From: Saurabh Singh Sengar <ssengar@...rosoft.com> Sent: Tuesday, August 8, 2023 2:49 AM
> >

[snip]

> >
> > Thanks for your comment, I wanted to have this discussion.
> >
> > Before sending this patch, I was contemplating whether or not to make this change.
> > Through my analysis, I arrived at the conclusion that the initial validation code
> > wasn't entirely accurate. And with the proposed changes it gets more accurate.
> > IMHO it is more accurate to exclude the size of 'ranges' in the header.
> >
> > With my limited understanding of this driver,  the current "header size validation"
> > is only to make sure that header is correct. So, that we fetch the range_cnt and
> > xfer_pageset_id correctly from it. For this to be done I don't find any reason
> > to include the size of ranges in this check. With inclusion of ranges we are
> > checking the first 'struct vmtransfer_page_range' size as well which is not required
> > for fetching above two values.
> >
> > Once we have the count of ranges we will anyway check the sanity of ranges with
> > NETVSC_XFER_HEADER_SIZE. This will check "count * (struct vmtransfer_page_range)"
> > Which is present few lines after.
> >
> > For a ranges count = 1, I don't see there is any difference between both the checks as
> > of today.
> >
> > Please let me know you opinion if you don't find my explanation reasonable.
> >
> > I don't see any other place this structure's size change will affect.
> >
> 
> Got it.  I have now carefully looked at the netvsc_receive() code myself,
> and I agree with you.  With the 1 element array, the validation in
> netvsc_receive() could have generated a false positive if the range_cnt
> is zero.  But I don't think a zero range_cnt ever happens, so the
> false positive never happens.  With the change to use a flexible array,
> the validation is now correct even with a range_cnt of zero.
> 
> Please add a note to the commit message for this patch:  The validation
> code in the netvsc driver is affected by changing the struct size, but the
> effects have been examined and have been determined to be appropriate.
> 

One other thought:  Could this change affect user space DPDK code that
is processing netvsc packets?

Michael

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ