lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <4d459714-734b-4cee-8ce6-d6abb9cff220@ancud.ru>
Date: Fri, 15 Mar 2024 22:40:35 +0300
From: Nikita Kiryushin <kiryushin@...ud.ru>
To: linux-scsi@...r.kernel.org
Cc: linux-kernel@...r.kernel.org, Lee Duncan <lduncan@...e.com>,
 "James E.J. Bottomley" <jejb@...ux.ibm.com>,
 "Martin K. Petersen" <martin.petersen@...cle.com>
Subject: ida_alloc result as scsi host_no

Hi all,

Today I was reading documentation on struct Scsi_Host,
as I was interested in possible values for host_no.

The documentation says that:
 > host_no - system wide unique number that is used for
identifying this host. Issued in ascending order from 0.

In the code (scsi/hosts.c: scsi_host_alloc()) host_no is set
as non-error result of ida_alloc() call (as added in
Commit 126a4fe010fd ("scsi: Use ida for host number management")
with a good reason of reusing invalidated host_no ids).

My question is about implications of using ida_alloc().
As I understand, ida does not guarantee the order of id issuing,
only that id is unclaimed in the pool and is within limits (which is
0 - INT_MAX for ida_alloc). Given that, my questions are:

1) Should it be mentioned in the documentation, that host_no is now
reclaimable? The current wording is not clear about it;

2) The documentation mentions
 > sh_list - a double linked list of pointers to all struct Scsi_Host
instances (currently ordered by ascending host_no)
I could not find what it would be now in the code, but it seems that
maintaining such a thing ordered should be a little less trivial with
reclaimable ids;

3) Does ida_alloc() ensure ascending order? Is there a possibility
of some new-more-effective ida implementation in the future,
that honors id uniqueness and limits, but does not guarantee
any particular ordering of id issuing? If it is possible, what would it break?

4) Should host_no really be limited only by int capacity (as it is now)
or maybe some additional limits would make sense?
There is at least one case in the current code with a buffer overrun
if huge host_no is used (which led me to the research on host_no).

Any clarification on the matter would be appreciated!

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ