| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260112025556-mutt-send-email-mst@kernel.org> Date: Mon, 12 Jan 2026 02:56:55 -0500 From: "Michael S. Tsirkin" <mst@...hat.com> To: Eugenio Perez Martin <eperezma@...hat.com> Cc: linux-kernel@...r.kernel.org, virtualization@...ts.linux.dev, Maxime Coquelin <mcoqueli@...hat.com>, Laurent Vivier <lvivier@...hat.com>, Cindy Lu <lulu@...hat.com>, jasowang@...hat.com, Xuan Zhuo <xuanzhuo@...ux.alibaba.com>, Stefano Garzarella <sgarzare@...hat.com>, Yongji Xie <xieyongji@...edance.com> Subject: Re: [PATCH v11 04/12] vhost: move vdpa group bound check to vhost_vdpa On Mon, Jan 12, 2026 at 08:38:26AM +0100, Eugenio Perez Martin wrote: > On Sun, Jan 11, 2026 at 12:46 AM Michael S. Tsirkin <mst@...hat.com> wrote: > > > > On Fri, Jan 09, 2026 at 04:24:22PM +0100, Eugenio Pérez wrote: > > > Remove duplication by consolidating these here. This reduces the > > > posibility of a parent driver missing them. > > > > > > Signed-off-by: Eugenio Pérez <eperezma@...hat.com> > > > --- > > > drivers/vdpa/mlx5/net/mlx5_vnet.c | 3 --- > > > drivers/vdpa/vdpa_sim/vdpa_sim.c | 6 ------ > > > drivers/vhost/vdpa.c | 2 +- > > > 3 files changed, 1 insertion(+), 10 deletions(-) > > > > > > diff --git a/drivers/vdpa/mlx5/net/mlx5_vnet.c b/drivers/vdpa/mlx5/net/mlx5_vnet.c > > > index ddaa1366704b..44062e9d68f0 100644 > > > --- a/drivers/vdpa/mlx5/net/mlx5_vnet.c > > > +++ b/drivers/vdpa/mlx5/net/mlx5_vnet.c > > > @@ -3640,9 +3640,6 @@ static int mlx5_set_group_asid(struct vdpa_device *vdev, u32 group, > > > struct mlx5_vdpa_dev *mvdev = to_mvdev(vdev); > > > int err = 0; > > > > > > - if (group >= MLX5_VDPA_NUMVQ_GROUPS) > > > - return -EINVAL; > > > - > > > mvdev->mres.group2asid[group] = asid; > > > > > > mutex_lock(&mvdev->mres.lock); > > > diff --git a/drivers/vdpa/vdpa_sim/vdpa_sim.c b/drivers/vdpa/vdpa_sim/vdpa_sim.c > > > index c1c6431950e1..df9c7ddc5d78 100644 > > > --- a/drivers/vdpa/vdpa_sim/vdpa_sim.c > > > +++ b/drivers/vdpa/vdpa_sim/vdpa_sim.c > > > @@ -606,12 +606,6 @@ static int vdpasim_set_group_asid(struct vdpa_device *vdpa, unsigned int group, > > > struct vhost_iotlb *iommu; > > > int i; > > > > > > - if (group > vdpasim->dev_attr.ngroups) > > > - return -EINVAL; > > > - > > > > BTW is the original ">" here an off by one error? Should have been >= ? > > if yes then this is a kind of bugfix and maybe needs a fixes tag. > > > > Ouch that's a good catch, thanks! Do you prefer me to mark this patch > as "Fixes:" and send it for backporting to stable to or to create a > new patch just adding the ">=" and then moving the check to the vdpa > core on top? It seems adequate to just send this to backporting. Do document that this is a fix in the commit log though. > > > - if (asid >= vdpasim->dev_attr.nas) > > > - return -EINVAL; > > > - > > > iommu = &vdpasim->iommu[asid]; > > > > > > mutex_lock(&vdpasim->mutex); > > > diff --git a/drivers/vhost/vdpa.c b/drivers/vhost/vdpa.c > > > index 05a481e4c385..9d25b735b43d 100644 > > > --- a/drivers/vhost/vdpa.c > > > +++ b/drivers/vhost/vdpa.c > > > @@ -680,7 +680,7 @@ static long vhost_vdpa_vring_ioctl(struct vhost_vdpa *v, unsigned int cmd, > > > case VHOST_VDPA_SET_GROUP_ASID: > > > if (copy_from_user(&s, argp, sizeof(s))) > > > return -EFAULT; > > > - if (s.num >= vdpa->nas) > > > + if (idx >= vdpa->ngroups || s.num >= vdpa->nas) > > > return -EINVAL; > > > if (!ops->set_group_asid) > > > return -EOPNOTSUPP; > > > -- > > > 2.52.0 > >
Powered by blists - more mailing lists