lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 14 Feb 2023 10:23:11 +0300
From:   Daniil Tatianin <d-tatianin@...dex-team.ru>
To:     Simon Horman <simon.horman@...igine.com>
Cc:     Ariel Elior <aelior@...vell.com>,
        Manish Chopra <manishc@...vell.com>,
        "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>,
        Yuval Mintz <Yuval.Mintz@...gic.com>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v0] qed/qed_dev: guard against a possible division by zero



On 2/9/23 2:13 PM, Simon Horman wrote:
> On Thu, Feb 09, 2023 at 01:38:13PM +0300, Daniil Tatianin wrote:
>> Previously we would divide total_left_rate by zero if num_vports
>> happened to be 1 because non_requested_count is calculated as
>> num_vports - req_count. Guard against this by explicitly checking for
>> zero when doing the division.
>>
>> Found by Linux Verification Center (linuxtesting.org) with the SVACE
>> static analysis tool.
>>
>> Fixes: bcd197c81f63 ("qed: Add vport WFQ configuration APIs")
>> Signed-off-by: Daniil Tatianin <d-tatianin@...dex-team.ru>
>> ---
>>   drivers/net/ethernet/qlogic/qed/qed_dev.c | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/net/ethernet/qlogic/qed/qed_dev.c b/drivers/net/ethernet/qlogic/qed/qed_dev.c
>> index d61cd32ec3b6..90927f68c459 100644
>> --- a/drivers/net/ethernet/qlogic/qed/qed_dev.c
>> +++ b/drivers/net/ethernet/qlogic/qed/qed_dev.c
>> @@ -5123,7 +5123,7 @@ static int qed_init_wfq_param(struct qed_hwfn *p_hwfn,
>>   
>>   	total_left_rate	= min_pf_rate - total_req_min_rate;
>>   
>> -	left_rate_per_vp = total_left_rate / non_requested_count;
>> +	left_rate_per_vp = total_left_rate / (non_requested_count ?: 1);
> 
> I don't know if num_vports can be 1.
> But if it is then I agree that the above will be a divide by zero.
> 
> I do, however, wonder if it would be better to either:
> 
> * Treat this case as invalid and return with -EINVAL if num_vports is 1; or
I think that's a good idea considering num_vports == 1 is indeed an 
invalid value.
I'd like to hear a maintainer's opinion on this.
> * Skip both the calculation immediately above and the code
>    in the if condition below, which is the only place where
>    the calculated value is used, if num_vports is 1.
>    I don't think the if clause makes much sense if num_vports is one.left_rate_per_vp is also used below the if clause, it is assigned to 
.min_speed in a for loop. Looking at that code division by 1 seems to 
make sense to me in this case.
> 
>>   	if (left_rate_per_vp <  min_pf_rate / QED_WFQ_UNIT) {
>>   		DP_VERBOSE(p_hwfn, NETIF_MSG_LINK,
>>   			   "Non WFQ configured vports rate [%d Mbps] is less than one percent of configured PF min rate[%d Mbps]\n",
>> -- 
>> 2.25.1
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ