lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID:
 <DM6PR12MB553486995EB0AEC62777CE0AC7A32@DM6PR12MB5534.namprd12.prod.outlook.com>
Date: Wed, 17 Jul 2024 17:53:35 +0000
From: David Thompson <davthompson@...dia.com>
To: "bp@...en8.de" <bp@...en8.de>, "tony.luck@...el.com"
	<tony.luck@...el.com>, "james.morse@....com" <james.morse@....com>,
	"mchehab@...nel.org" <mchehab@...nel.org>, "rric@...nel.org"
	<rric@...nel.org>
CC: Shravan Ramani <shravankr@...dia.com>, "linux-edac@...r.kernel.org"
	<linux-edac@...r.kernel.org>, "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
Subject: RE: [PATCH v1] EDAC/bluefield - fix potential integer overflow

> -----Original Message-----
> From: David Thompson <davthompson@...dia.com>
> Sent: Tuesday, June 11, 2024 6:30 PM
> To: bp@...en8.de; tony.luck@...el.com; james.morse@....com;
> mchehab@...nel.org; rric@...nel.org
> Cc: Shravan Ramani <shravankr@...dia.com>; linux-edac@...r.kernel.org; linux-
> kernel@...r.kernel.org; David Thompson <davthompson@...dia.com>
> Subject: [PATCH v1] EDAC/bluefield - fix potential integer overflow
> 
> The 64-bit argument for the "get DIMM info" SMC call consists of "mem_ctrl_idx"
> left-shifted 16 bits and OR-ed with DIMM index.
> With "mem_ctrl_idx" defined as 32-bits wide the left-shift operation truncates
> the upper 16 bits of information during the calculation of the SMC argument. The
> "mem_ctrl_idx" stack variable must be defined as 64-bits wide to prevent any
> potential integer overflow, i.e. loss of data from upper 16 bits.
> 
> Fixes: 82413e562ea6 ("EDAC, mellanox: Add ECC support for BlueField DDR4")
> Reviewed-by: Shravan Kumar Ramani <shravankr@...dia.com>
> Signed-off-by: David Thompson <davthompson@...dia.com>
> ---
>  drivers/edac/bluefield_edac.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/edac/bluefield_edac.c b/drivers/edac/bluefield_edac.c index
> 5b3164560648..0e539c107351 100644
> --- a/drivers/edac/bluefield_edac.c
> +++ b/drivers/edac/bluefield_edac.c
> @@ -180,7 +180,7 @@ static void bluefield_edac_check(struct mem_ctl_info
> *mci)  static void bluefield_edac_init_dimms(struct mem_ctl_info *mci)  {
>  	struct bluefield_edac_priv *priv = mci->pvt_info;
> -	int mem_ctrl_idx = mci->mc_idx;
> +	u64 mem_ctrl_idx = mci->mc_idx;
>  	struct dimm_info *dimm;
>  	u64 smc_info, smc_arg;
>  	int is_empty = 1, i;
> --
> 2.30.1

Hello, I'm reaching out to check in on the status of this patch.  

Please let me know if you have any questions, concerns with
the patch, or have changes you would like me to make.

Thank you for your time.

Regards, Dave

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ