lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 22 Nov 2022 20:13:43 +0700
From:   Ammar Faizi <ammarfaizi2@...weeb.org>
To:     Jens Axboe <axboe@...nel.dk>
Cc:     Stefan Roesch <shr@...kernel.io>,
        Facebook Kernel Team <kernel-team@...com>,
        Olivier Langlois <olivier@...llion01.com>,
        netdev Mailing List <netdev@...r.kernel.org>,
        io-uring Mailing List <io-uring@...r.kernel.org>,
        Jakub Kicinski <kuba@...nel.org>
Subject: Re: [PATCH v5 2/3] io_uring: add api to set / get napi configuration.

On 11/22/22 2:46 AM, Jens Axboe wrote:
> On 11/21/22 12:14?PM, Stefan Roesch wrote:
>> +static int io_unregister_napi(struct io_ring_ctx *ctx, void __user *arg)
>> +{
>> +#ifdef CONFIG_NET_RX_BUSY_POLL
>> +	const struct io_uring_napi curr = {
>> +		.busy_poll_to = ctx->napi_busy_poll_to,
>> +	};
>> +
>> +	if (copy_to_user(arg, &curr, sizeof(curr)))
>> +		return -EFAULT;
>> +
>> +	WRITE_ONCE(ctx->napi_busy_poll_to, 0);
>> +	return 0;
>> +#else
>> +	return -EINVAL;
>> +#endif
>> +}
> 
> Should probably check resv/pad here as well, maybe even the
> 'busy_poll_to' being zero?

Jens, this function doesn't read from __user memory, it writes to
__user memory.

@curr.resv and @curr.pad are on the kernel's stack. Both are already
implicitly initialized to zero by the partial struct initializer.

-- 
Ammar Faizi

Powered by blists - more mailing lists