lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260105100547.287332-1-john.g.garry@oracle.com>
Date: Mon,  5 Jan 2026 10:05:43 +0000
From: John Garry <john.g.garry@...cle.com>
To: chenhuacai@...nel.org, kernel@...0n.name, jiaxun.yang@...goat.com,
        tsbogend@...ha.franken.de, tglx@...utronix.de, mingo@...hat.com,
        bp@...en8.de, dave.hansen@...ux.intel.com, hpa@...or.com,
        luto@...nel.org, peterz@...radead.org, arnd@...db.de, x86@...nel.org
Cc: loongarch@...ts.linux.dev, linux-kernel@...r.kernel.org,
        linux-mips@...r.kernel.org, linux-arch@...r.kernel.org,
        vulab@...as.ac.cn, gregkh@...uxfoundation.org, rafael@...nel.org,
        dakr@...nel.org, John Garry <john.g.garry@...cle.com>
Subject: [PATCH 0/4] Make cpumask_of_node() robust against NUMA_NO_NODE

This series aims to remedy an issue that not all per-arch versions of
cpumask_of_node() are robust against NUMA_NO_NODE.

In my view, cpumask_of_node() should be able to handle NUMA_NO_NODE. This
is because NUMA_NO_NODE is a valid index from the following flow, where
the device NUMA node is not set (from default):

device_initialize(dev)
	set_dev_node(dev, NUMA_NO_NODE);

mask = cpumask_of_node(dev_to_node(dev));

The CONFIG_DEBUG_PER_CPU_MAPS=n x86 version cpumask_of_node() would
produce an array out-of-index issue (when passed NUMA_NO_NODE), which I
think is attempted to be worked around here:
https://lore.kernel.org/linux-scsi/cf0f9085-6c87-4dd5-9114-925723e68495@oracle.com/T/#mdedb68052e419b4bfca9ce45bb33b58988018945

I also see a CVE which also looks related:
https://nvd.nist.gov/vuln/detail/cve-2024-39277

Each per-arch version could be picked up separately, as can the
asm-generic change.

John Garry (4):
  include/asm-generic/topology.h: Remove unused definition of
    cpumask_of_node()
  LoongArch: Make cpumask_of_node() robust against NUMA_NO_NODE
  MIPS: Loongson: Make cpumask_of_node() robust against NUMA_NO_NODE
  x86/cpu/topology: Make cpumask_of_node() robust against NUMA_NO_NODE

 arch/loongarch/include/asm/topology.h            | 4 +++-
 arch/mips/include/asm/mach-loongson64/topology.h | 4 +++-
 arch/x86/include/asm/topology.h                  | 2 ++
 arch/x86/mm/numa.c                               | 2 ++
 include/asm-generic/topology.h                   | 8 ++------
 5 files changed, 12 insertions(+), 8 deletions(-)

-- 
2.43.5

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ