| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <b7efba7a-0948-4b54-93cf-d676f9d5ea30@redhat.com>
Date: Mon, 23 Oct 2023 09:35:24 +0200
From: Maxime Coquelin <maxime.coquelin@...hat.com>
To: Casey Schaufler <casey@...aufler-ca.com>, mst@...hat.com,
jasowang@...hat.com, xuanzhuo@...ux.alibaba.com,
paul@...l-moore.com, jmorris@...ei.org, serge@...lyn.com,
stephen.smalley.work@...il.com, eparis@...isplace.org,
xieyongji@...edance.com, virtualization@...ts.linux-foundation.org,
linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org, selinux@...r.kernel.org,
david.marchand@...hat.com, lulu@...hat.com
Subject: Re: [PATCH v4 1/4] vduse: validate block features only with block
devices
On 10/21/23 00:07, Casey Schaufler wrote:
> On 10/20/2023 8:58 AM, Maxime Coquelin wrote:
>> This patch is preliminary work to enable network device
>> type support to VDUSE.
>>
>> As VIRTIO_BLK_F_CONFIG_WCE shares the same value as
>> VIRTIO_NET_F_HOST_TSO4, we need to restrict its check
>> to Virtio-blk device type.
>>
>> Acked-by: Jason Wang <jasowang@...hat.com>
>> Reviewed-by: Xie Yongji <xieyongji@...edance.com>
>> Signed-off-by: Maxime Coquelin <maxime.coquelin@...hat.com>
>> ---
>> drivers/vdpa/vdpa_user/vduse_dev.c | 9 +++++----
>> 1 file changed, 5 insertions(+), 4 deletions(-)
>>
>> diff --git a/drivers/vdpa/vdpa_user/vduse_dev.c b/drivers/vdpa/vdpa_user/vduse_dev.c
>> index df7869537ef1..5b3879976b3d 100644
>> --- a/drivers/vdpa/vdpa_user/vduse_dev.c
>> +++ b/drivers/vdpa/vdpa_user/vduse_dev.c
>> @@ -1662,13 +1662,14 @@ static bool device_is_allowed(u32 device_id)
>> return false;
>> }
>>
>> -static bool features_is_valid(u64 features)
>> +static bool features_is_valid(struct vduse_dev_config *config)
>
> This should either be features_are_valid() or feature_is_valid().
> Correct pluralization is important in the English language.
Indeed, I will change to features_are_valid() in next revision.
Thanks,
Maxime
>> {
>> - if (!(features & (1ULL << VIRTIO_F_ACCESS_PLATFORM)))
>> + if (!(config->features & (1ULL << VIRTIO_F_ACCESS_PLATFORM)))
>> return false;
>>
>> /* Now we only support read-only configuration space */
>> - if (features & (1ULL << VIRTIO_BLK_F_CONFIG_WCE))
>> + if ((config->device_id == VIRTIO_ID_BLOCK) &&
>> + (config->features & (1ULL << VIRTIO_BLK_F_CONFIG_WCE)))
>> return false;
>>
>> return true;
>> @@ -1695,7 +1696,7 @@ static bool vduse_validate_config(struct vduse_dev_config *config)
>> if (!device_is_allowed(config->device_id))
>> return false;
>>
>> - if (!features_is_valid(config->features))
>> + if (!features_is_valid(config))
>> return false;
>>
>> return true;
>
Powered by blists - more mailing lists