lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20240102152046.111961-1-ytcoode@gmail.com>
Date: Tue,  2 Jan 2024 23:20:46 +0800
From: Yuntao Wang <ytcoode@...il.com>
To: bhe@...hat.com
Cc: akpm@...ux-foundation.org,
	bp@...en8.de,
	dave.hansen@...ux.intel.com,
	dyoung@...hat.com,
	hbathini@...ux.ibm.com,
	hpa@...or.com,
	kexec@...ts.infradead.org,
	linux-kernel@...r.kernel.org,
	mingo@...hat.com,
	seanjc@...gle.com,
	tglx@...utronix.de,
	tiwai@...e.de,
	vgoyal@...hat.com,
	x86@...nel.org,
	ytcoode@...il.com
Subject: Re: [PATCH] crash_core: optimize crash_exclude_mem_range()

On Sat, 30 Dec 2023 18:28:06 +0800, Baoquan He <bhe@...hat.com> wrote:

> On 12/29/23 at 12:10pm, Andrew Morton wrote:
> > On Wed, 20 Dec 2023 00:34:18 +0800 Yuntao Wang <ytcoode@...il.com> wrote:
> > 
> > > Because memory ranges in mem->ranges are stored in ascending order, when we
> > > detect `p_end < start`, we can break the for loop early, as the subsequent
> > > memory ranges must also be outside the range we are looking for.
> > > 
> > > Signed-off-by: Yuntao Wang <ytcoode@...il.com>
> > > ---
> > > Hi Andrew,
> > > 
> > > Patch "[PATCH 2/2] crash_core: fix out-of-bounds access check in
> > > crash_exclude_mem_range()" can be ignored, use this patch instead.
> > > 
> > 
> > Some reviewer input on this would be helpful please?
> 
> 
> I suggested this in below discussion thread:
> https://lore.kernel.org/all/ZYEOshALGbDKwSdc@MiWiFi-R3L-srv/T/#u
> 
> So it would be good if squashing this into patch 3 of another patch
> thread you are asking:
> [PATCH 3/3] crash_core: fix and simplify the logic of crash_exclude_mem_range()
>

Hi all,

I've squashed this patch into the patch:

[PATCH 3/3] crash_core: fix and simplify the logic of crash_exclude_mem_range()

The link to the new patch is:

https://lore.kernel.org/lkml/20240102144905.110047-1-ytcoode@gmail.com/t/#m255d0d26148f2b384f6b7ab77eb38edf3f1bc0df

> And I would suggest withdrawing Yuntao's below patch on your
> mm-nonmm-unstable branch.
> 
> 961c69e9f1bf x86/crash: fix potential cmem->ranges array overflow
> 
> Becase there's better one to fix the potential oob from fuqiang,
> although fuqiang need improve his patch log.
> 
> [PATCH v3] x86/kexec: fix potential cmem->ranges out of bounds
> https://lore.kernel.org/all/20231222121855.148215-1-fuqiang.wang@easystack.cn/T/#u
>

I'm okay with that.

> > 
> > > --- a/kernel/crash_core.c
> > > +++ b/kernel/crash_core.c
> > > @@ -575,9 +575,12 @@ int crash_exclude_mem_range(struct crash_mem *mem,
> > >  		p_start = mstart;
> > >  		p_end = mend;
> > >  
> > > -		if (p_start > end || p_end < start)
> > > +		if (p_start > end)
> > >  			continue;
> > >  
> > > +		if (p_end < start)
> > > +			break;
> > > +
> > >  		/* Truncate any area outside of range */
> > >  		if (p_start < start)
> > >  			p_start = start;
> > > -- 
> > > 2.43.0
> > 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ