lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Sep 2022 20:16:59 -0300 From: Jason Gunthorpe <jgg@...dia.com> To: Alex Williamson <alex.williamson@...hat.com> Cc: joao.m.martins@...cle.com, Yishai Hadas <yishaih@...dia.com>, saeedm@...dia.com, kvm@...r.kernel.org, netdev@...r.kernel.org, kuba@...nel.org, kevin.tian@...el.com, leonro@...dia.com, maorg@...dia.com, cohuck@...hat.com Subject: Re: [PATCH V5 vfio 04/10] vfio: Add an IOVA bitmap support On Thu, Sep 01, 2022 at 02:36:25PM -0600, Alex Williamson wrote: > > Much of the bitmap helpers don't check that the offset is within the range > > of the passed ulong array. So I followed the same thinking and the > > caller is /provided/ with the range that the IOVA bitmap covers. The intention > > was minimizing the number of operations given that this function sits on the > > hot path. I can add this extra check. > > Maybe Jason can quote a standard here, audit the callers vs sanitize > the input. It'd certainly be fair even if the test were a BUG_ON since > it violates the defined calling conventions and we're not taking > arbitrary input, but it could also pretty easily and quietly go into > the weeds if we do nothing. Thanks, Nope, no consensus I know of But generally people avoid sanity checks on hot paths Linus will reject your merge request if you put a BUG_ON :) Turn on a check if kasn is on or something if you think it is really important? Jason
Powered by blists - more mailing lists