lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20191108110456.GH6990@nanopsycho>
Date:   Fri, 8 Nov 2019 12:04:56 +0100
From:   Jiri Pirko <jiri@...nulli.us>
To:     Parav Pandit <parav@...lanox.com>
Cc:     alex.williamson@...hat.com, davem@...emloft.net,
        kvm@...r.kernel.org, netdev@...r.kernel.org, saeedm@...lanox.com,
        kwankhede@...dia.com, leon@...nel.org, cohuck@...hat.com,
        jiri@...lanox.com, linux-rdma@...r.kernel.org
Subject: Re: [PATCH net-next 07/19] vfio/mdev: Introduce sha1 based mdev alias

Thu, Nov 07, 2019 at 05:08:22PM CET, parav@...lanox.com wrote:
>Some vendor drivers want an identifier for an mdev device that is
>shorter than the UUID, due to length restrictions in the consumers of
>that identifier.
>
>Add a callback that allows a vendor driver to request an alias of a
>specified length to be generated for an mdev device. If generated,
>that alias is checked for collisions.
>
>It is an optional attribute.
>mdev alias is generated using sha1 from the mdev name.
>
>Reviewed-by: Saeed Mahameed <saeedm@...lanox.com>
>Signed-off-by: Parav Pandit <parav@...lanox.com>
>---
> drivers/vfio/mdev/mdev_core.c    | 123 ++++++++++++++++++++++++++++++-
> drivers/vfio/mdev/mdev_private.h |   5 +-
> drivers/vfio/mdev/mdev_sysfs.c   |  13 ++--
> include/linux/mdev.h             |   4 +
> 4 files changed, 135 insertions(+), 10 deletions(-)
>
>diff --git a/drivers/vfio/mdev/mdev_core.c b/drivers/vfio/mdev/mdev_core.c
>index b558d4cfd082..3bdff0469607 100644
>--- a/drivers/vfio/mdev/mdev_core.c
>+++ b/drivers/vfio/mdev/mdev_core.c
>@@ -10,9 +10,11 @@

[...]


>-int mdev_device_create(struct kobject *kobj,
>-		       struct device *dev, const guid_t *uuid)
>+static const char *
>+generate_alias(const char *uuid, unsigned int max_alias_len)
>+{
>+	struct shash_desc *hash_desc;
>+	unsigned int digest_size;
>+	unsigned char *digest;
>+	unsigned int alias_len;
>+	char *alias;
>+	int ret;
>+
>+	/*
>+	 * Align to multiple of 2 as bin2hex will generate
>+	 * even number of bytes.
>+	 */
>+	alias_len = roundup(max_alias_len, 2);

This is odd, see below.


>+	alias = kzalloc(alias_len + 1, GFP_KERNEL);
>+	if (!alias)
>+		return ERR_PTR(-ENOMEM);
>+
>+	/* Allocate and init descriptor */
>+	hash_desc = kvzalloc(sizeof(*hash_desc) +
>+			     crypto_shash_descsize(alias_hash),
>+			     GFP_KERNEL);
>+	if (!hash_desc) {
>+		ret = -ENOMEM;
>+		goto desc_err;
>+	}
>+
>+	hash_desc->tfm = alias_hash;
>+
>+	digest_size = crypto_shash_digestsize(alias_hash);
>+
>+	digest = kzalloc(digest_size, GFP_KERNEL);
>+	if (!digest) {
>+		ret = -ENOMEM;
>+		goto digest_err;
>+	}
>+	ret = crypto_shash_init(hash_desc);
>+	if (ret)
>+		goto hash_err;
>+
>+	ret = crypto_shash_update(hash_desc, uuid, UUID_STRING_LEN);
>+	if (ret)
>+		goto hash_err;
>+
>+	ret = crypto_shash_final(hash_desc, digest);
>+	if (ret)
>+		goto hash_err;
>+
>+	bin2hex(alias, digest, min_t(unsigned int, digest_size, alias_len / 2));
>+	/*
>+	 * When alias length is odd, zero out an additional last byte
>+	 * that bin2hex has copied.
>+	 */
>+	if (max_alias_len % 2)
>+		alias[max_alias_len] = 0;
>+
>+	kfree(digest);
>+	kvfree(hash_desc);
>+	return alias;
>+
>+hash_err:
>+	kfree(digest);
>+digest_err:
>+	kvfree(hash_desc);
>+desc_err:
>+	kfree(alias);
>+	return ERR_PTR(ret);
>+}
>+
>+int mdev_device_create(struct kobject *kobj, struct device *dev,
>+		       const char *uuid_str, const guid_t *uuid)
> {
> 	int ret;
> 	struct mdev_device *mdev, *tmp;
> 	struct mdev_parent *parent;
> 	struct mdev_type *type = to_mdev_type(kobj);
>+	const char *alias = NULL;
> 
> 	parent = mdev_get_parent(type->parent);
> 	if (!parent)
> 		return -EINVAL;
> 
>+	if (parent->ops->get_alias_length) {
>+		unsigned int alias_len;
>+
>+		alias_len = parent->ops->get_alias_length();
>+		if (alias_len) {

I think this should be with WARN_ON. Driver should not never return such
0 and if it does, it's a bug.

Also I think this check should be extended by checking value is multiple
of 2. Then you can avoid the roundup() above. No need to allow even len.


>+			alias = generate_alias(uuid_str, alias_len);
>+			if (IS_ERR(alias)) {
>+				ret = PTR_ERR(alias);
>+				goto alias_fail;
>+			}
>+		}
>+	}
> 	mutex_lock(&mdev_list_lock);
> 
> 	/* Check for duplicate */


[...]

>diff --git a/drivers/vfio/mdev/mdev_sysfs.c b/drivers/vfio/mdev/mdev_sysfs.c
>index 7570c7602ab4..43afe0e80b76 100644
>--- a/drivers/vfio/mdev/mdev_sysfs.c
>+++ b/drivers/vfio/mdev/mdev_sysfs.c
>@@ -63,15 +63,18 @@ static ssize_t create_store(struct kobject *kobj, struct device *dev,
> 		return -ENOMEM;
> 
> 	ret = guid_parse(str, &uuid);
>-	kfree(str);
> 	if (ret)
>-		return ret;
>+		goto err;
> 
>-	ret = mdev_device_create(kobj, dev, &uuid);
>+	ret = mdev_device_create(kobj, dev, str, &uuid);

Why to pass the same thing twice? Move the guid_parse() call to the
beginning of mdev_device_create() function.


> 	if (ret)
>-		return ret;
>+		goto err;
> 
>-	return count;
>+	ret = count;
>+
>+err:
>+	kfree(str);
>+	return ret;
> }
> 
> MDEV_TYPE_ATTR_WO(create);

[...]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ