lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <a97feb03-7bd6-2dd0-d22b-ebeda9895dd1@amd.com>
Date: Mon, 24 Jun 2024 15:33:46 +0530
From: "Nikunj A. Dadhania" <nikunj@....com>
To: Borislav Petkov <bp@...en8.de>
Cc: linux-kernel@...r.kernel.org, thomas.lendacky@....com, x86@...nel.org,
 kvm@...r.kernel.org, mingo@...hat.com, tglx@...utronix.de,
 dave.hansen@...ux.intel.com, pgonda@...gle.com, seanjc@...gle.com,
 pbonzini@...hat.com
Subject: Re: [PATCH v9 03/24] virt: sev-guest: Make payload a variable length
 array



On 6/24/2024 11:41 AM, Borislav Petkov wrote:
> On Sun, Jun 23, 2024 at 09:46:09PM +0530, Nikunj A. Dadhania wrote:
>> Yes, payload was earlier fixed at 4000 bytes, without considering the size
>> of snp_guest_msg.
> 
> Sorry, you'd need to try explaining this again. Who wasn't considering the
> size of snp_guest_msg?

Sorry, I meant snp_guest_msg_hdr here.

snp_guest_msg includes header and payload. There is an implicit assumption 
that the snp_guest_msg_hdr will always be 96 bytes, and with that assumption 
the payload array size is set to 4000 bytes magic number. 


> AFAICT, the code currently does sizeof(struct snp_guest_msg) which contains
> both the header *and* the payload.
> 
> What could help is if you structure your commit message this way:

How about the below commit message:

-----------------------------------------------------------------------
Currently, snp_guest_msg includes a message header (96 bytes) and a
payload (4000 bytes). There is an implicit assumption here that the SNP
message header will always be 96 bytes, and with that assumption the
payload array size has been set to 4000 bytes magic number. If any new
member is added to the SNP message header, the SNP guest message will
span more than a page.

Instead of using magic number '4000' for the payload array in the
snp_guest_msg structure, use a variable length array for payload. Allocate 
snp_guest_msg of constant size (SNP_GUEST_MSG_SIZE=4096). This will ensure
that message size won't grow beyond the page size even if the message header
size increases. Also, add SNP_GUEST_MSG_PAYLOAD_SIZE for checking buffer
over runs.

While at it, rename the local guest message variables for clarity.
-----------------------------------------------------------------------

Regards
Nikunj

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ