lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 21 Nov 2022 21:30:10 +0000 From: "Keller, Jacob E" <jacob.e.keller@...el.com> To: "Lobakin, Alexandr" <alexandr.lobakin@...el.com>, Andrew Lunn <andrew@...n.ch> CC: "Lobakin, Alexandr" <alexandr.lobakin@...el.com>, Maxim Korotkov <korotkov.maxim.s@...il.com>, "David S. Miller" <davem@...emloft.net>, "Eric Dumazet" <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, Guangbin Huang <huangguangbin2@...wei.com>, Tom Rix <trix@...hat.com>, Marco Bonelli <marco@...eim.net>, Edward Cree <ecree@...arflare.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "lvc-project@...uxtesting.org" <lvc-project@...uxtesting.org> Subject: RE: [PATCH] ethtool: avoiding integer overflow in ethtool_phys_id() > -----Original Message----- > From: Alexander Lobakin <alexandr.lobakin@...el.com> > Sent: Monday, November 21, 2022 7:03 AM > To: Andrew Lunn <andrew@...n.ch> > Cc: Lobakin, Alexandr <alexandr.lobakin@...el.com>; Maxim Korotkov > <korotkov.maxim.s@...il.com>; David S. Miller <davem@...emloft.net>; Eric > Dumazet <edumazet@...gle.com>; Jakub Kicinski <kuba@...nel.org>; Paolo > Abeni <pabeni@...hat.com>; Guangbin Huang > <huangguangbin2@...wei.com>; Tom Rix <trix@...hat.com>; Marco Bonelli > <marco@...eim.net>; Edward Cree <ecree@...arflare.com>; > netdev@...r.kernel.org; linux-kernel@...r.kernel.org; lvc- > project@...uxtesting.org > Subject: Re: [PATCH] ethtool: avoiding integer overflow in ethtool_phys_id() > > From: Andrew Lunn <andrew@...n.ch> > Date: Mon, 21 Nov 2022 15:10:18 +0100 > > > On Mon, Nov 21, 2022 at 10:56:18AM +0300, Maxim Korotkov wrote: > > > The value of an arithmetic expression "n * id.data" is subject > > > to possible overflow due to a failure to cast operands to a larger data > > > type before performing arithmetic. Added cast of first operand to u64 > > > for avoiding overflow. > > > > > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > > > > > Fixes: 2adc6edcaec0 ("ethtool: fix error handling in ethtool_phys_id") > > > Signed-off-by: Maxim Korotkov <korotkov.maxim.s@...il.com> > > > --- > > > net/ethtool/ioctl.c | 2 +- > > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > > > diff --git a/net/ethtool/ioctl.c b/net/ethtool/ioctl.c > > > index 6a7308de192d..cf87e53c2e74 100644 > > > --- a/net/ethtool/ioctl.c > > > +++ b/net/ethtool/ioctl.c > > > @@ -2007,7 +2007,7 @@ static int ethtool_phys_id(struct net_device *dev, > void __user *useraddr) > > > } else { > > > /* Driver expects to be called at twice the frequency in rc */ > > > int n = rc * 2, interval = HZ / n; > > > - u64 count = n * id.data, i = 0; > > > + u64 count = (u64)n * id.data, i = 0; > > > > > > How about moving the code around a bit, change n to a u64 and drop the > > cast? Does this look correct? > > > > int interval = HZ / rc / 2; > > u64 n = rc * 2; > > u64 count = n * id.data; > > > > i = 0; > > > > I just don't like casts, they suggest the underlying types are wrong, > > so should fix that, not add a cast. > > This particular one is absolutely fine. When you want to multiply > u32 by u32, you always need a cast, otherwise the result will be > truncated. mul_u32_u32() does it the very same way[0]. > Why not just use mul_u32_u32 then? Thanks, Jake > > > > Andrew > > > > [0] https://elixir.bootlin.com/linux/v6.1- > rc6/source/include/linux/math64.h#L153 > > Thanks, > Olek
Powered by blists - more mailing lists