lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: 
 <MW4PR18MB5244717F7C793D18B402BBA0A6DD2@MW4PR18MB5244.namprd18.prod.outlook.com>
Date: Wed, 3 Jul 2024 16:30:32 +0000
From: Vamsi Krishna Attunuru <vattunuru@...vell.com>
To: Greg KH <gregkh@...uxfoundation.org>
CC: "arnd@...db.de" <arnd@...db.de>, Jerin Jacob <jerinj@...vell.com>,
        Srujana
 Challa <schalla@...vell.com>,
        "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
Subject: RE: [EXTERNAL] Re: [PATCH v9 1/1] misc: mrvl-cn10k-dpi: add Octeon
 CN10K DPI administrative driver



>-----Original Message-----
>From: Greg KH <gregkh@...uxfoundation.org>
>Sent: Wednesday, July 3, 2024 8:03 PM
>To: Vamsi Krishna Attunuru <vattunuru@...vell.com>
>Cc: arnd@...db.de; Jerin Jacob <jerinj@...vell.com>; Srujana Challa
><schalla@...vell.com>; linux-kernel@...r.kernel.org
>Subject: [EXTERNAL] Re: [PATCH v9 1/1] misc: mrvl-cn10k-dpi: add Octeon
>CN10K DPI administrative driver
>
>On Wed, Jun 19, 2024 at 06: 21: 09AM -0700, Vamsi Attunuru wrote: > +struct
>dpi_mps_mrrs_cfg { > + __u16 max_read_req_sz; /* Max read request size */
>> + __u16 max_payload_sz; /* Max payload size */ > + __u16 port; /* Ebus
>port */ 
>On Wed, Jun 19, 2024 at 06:21:09AM -0700, Vamsi Attunuru wrote:
>> +struct dpi_mps_mrrs_cfg {
>> +	__u16 max_read_req_sz; /* Max read request size */
>> +	__u16 max_payload_sz;  /* Max payload size */
>> +	__u16 port; /* Ebus port */
>> +	__u16 rsvd; /* Reserved */
>
>Please spell out "reserved" you have plenty of characters to use.
>
>Anyway, you NEVER check this, so you just made it so it can never be used.
>Please read the documentation in the kernel for how to add new ioctls, it goes
>through the reasoning why you must check this for 0 now.

Thanks for the comment, I presumed the reasoning is mainly for the copy to use space direction.
I will rename it & add the required checks to avoid any info leak.

Regards
Vamsi

>
>thanks,
>
>greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ