lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <PH0PR21MB302526F1483A6FC932AC55CFD7EE9@PH0PR21MB3025.namprd21.prod.outlook.com> Date: Fri, 15 Apr 2022 14:30:29 +0000 From: "Michael Kelley (LINUX)" <mikelley@...rosoft.com> To: Andrea Parri <parri.andrea@...il.com> CC: KY Srinivasan <kys@...rosoft.com>, Haiyang Zhang <haiyangz@...rosoft.com>, Stephen Hemminger <sthemmin@...rosoft.com>, Wei Liu <wei.liu@...nel.org>, Dexuan Cui <decui@...rosoft.com>, Stefano Garzarella <sgarzare@...hat.com>, David Miller <davem@...emloft.net>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, "linux-hyperv@...r.kernel.org" <linux-hyperv@...r.kernel.org>, "virtualization@...ts.linux-foundation.org" <virtualization@...ts.linux-foundation.org>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org> Subject: RE: [RFC PATCH 4/6] hv_sock: Initialize send_buf in hvs_stream_enqueue() From: Andrea Parri <parri.andrea@...il.com> Sent: Thursday, April 14, 2022 11:51 PM > > > > @@ -655,7 +655,7 @@ static ssize_t hvs_stream_enqueue(struct vsock_sock *vsk, > > > struct msghdr *msg, > > > > > > BUILD_BUG_ON(sizeof(*send_buf) != HV_HYP_PAGE_SIZE); > > > > > > - send_buf = kmalloc(sizeof(*send_buf), GFP_KERNEL); > > > + send_buf = kzalloc(sizeof(*send_buf), GFP_KERNEL); > > > > Is this change really needed? > > The idea was... > > > > All fields are explicitly initialized, and in the data > > array, only the populated bytes are copied to the ring buffer. There should not > > be any uninitialized values sent to the host. Zeroing the memory ahead of > > time certainly provides an extra protection (particularly against padding bytes, > > but there can't be any since the layout of the data is part of the protocol with > > Hyper-V). > > Rather than keeping checking that... The extra protection might be obtained by just zero'ing the header (i.e., the bytes up to the 16 Kbyte data array). I don't have a strong preference either way, so up to you. Michael > > > > It is expensive protection to zero out 16K+ bytes every time we send > > out a small message. > > Do this. ;-) > > Will drop the patch. > > Thanks, > Andrea
Powered by blists - more mailing lists