Re: [PATCH v4 4/9] cxl/mem: Add basic IOCTL interface

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jonathan Cameron <Jonathan.Cameron@Huawei.com>
To: Ben Widawsky <ben.widawsky@intel.com>
Cc: <linux-cxl@vger.kernel.org>, <linux-acpi@vger.kernel.org>,
	<linux-kernel@vger.kernel.org>, <linux-nvdimm@lists.01.org>,
	<linux-pci@vger.kernel.org>, Bjorn Helgaas <helgaas@kernel.org>,
	"Chris Browy" <cbrowy@avery-design.com>,
	Christoph Hellwig <hch@infradead.org>,
	"Dan Williams" <dan.j.williams@intel.com>,
	David Hildenbrand <david@redhat.com>,
	David Rientjes <rientjes@google.com>,
	Ira Weiny <ira.weiny@intel.com>,
	"Jon Masters" <jcm@jonmasters.org>,
	Rafael Wysocki <rafael.j.wysocki@intel.com>,
	Randy Dunlap <rdunlap@infradead.org>,
	Vishal Verma <vishal.l.verma@intel.com>,
	"John Groves (jgroves)" <jgroves@micron.com>,
	"Kelley, Sean V" <sean.v.kelley@intel.com>,
	kernel test robot <lkp@intel.com>
Subject: Re: [PATCH v4 4/9] cxl/mem: Add basic IOCTL interface
Date: Wed, 17 Feb 2021 09:55:24 +0000	[thread overview]
Message-ID: <20210217095524.000071f5@Huawei.com> (raw)
In-Reply-To: <20210216183432.lf2uj63uckogfad4@intel.com>

On Tue, 16 Feb 2021 10:34:32 -0800
Ben Widawsky <ben.widawsky@intel.com> wrote:

...

> > > diff --git a/drivers/cxl/mem.c b/drivers/cxl/mem.c
> > > index 237b956f0be0..4ca4f5afd9d2 100644
> > > --- a/drivers/cxl/mem.c
> > > +++ b/drivers/cxl/mem.c
> > > @@ -686,7 +686,11 @@ static int cxl_validate_cmd_from_user(struct cxl_mem *cxlm,
> > > 
> > >         memcpy(out_cmd, c, sizeof(*c));
> > >         out_cmd->info.size_in = send_cmd->in.size;
> > > -       out_cmd->info.size_out = send_cmd->out.size;
> > > +       /*
> > > +        * XXX: out_cmd->info.size_out will be controlled by the driver, and the
> > > +        * specified number of bytes @send_cmd->out.size will be copied back out
> > > +        * to userspace.
> > > +        */
> > > 
> > >         return 0;
> > >  }  
> > 
> > This deals with the buffer overflow being triggered from userspace.
> > 
> > I'm still nervous.  I really don't like assuming hardware will do the right
> > thing and never send us more data than we expect.
> > 
> > Given the check that it will fit in the target buffer is simple,
> > I'd prefer to harden it and know we can't have a problem.
> > 
> > Jonathan  
> 
> I'm working on hardening __cxl_mem_mbox_send_cmd now per your request. With
> that, I think this solves the issue, right?

Should do.  Thanks,

Jonathan

WARNING: multiple messages have this Message-ID (diff)

From: Jonathan Cameron <Jonathan.Cameron@Huawei.com>
To: Ben Widawsky <ben.widawsky@intel.com>
Cc: linux-cxl@vger.kernel.org, linux-acpi@vger.kernel.org,
	linux-kernel@vger.kernel.org, linux-nvdimm@lists.01.org,
	linux-pci@vger.kernel.org, Bjorn Helgaas <helgaas@kernel.org>,
	"Chris Browy  <cbrowy@avery-design.com>,
	Christoph Hellwig <hch@infradead.org>,
	 Dan Williams  <dan.j.williams@intel.com>,
	David Hildenbrand <david@redhat.com>,
	David Rientjes" <rientjes@google.com>,
	"Jon Masters  <jcm@jonmasters.org>,
	Rafael Wysocki <rafael.j.wysocki@intel.com>,
	Randy Dunlap" <rdunlap@infradead.org>,
	"John Groves (jgroves)" <jgroves@micron.com>,
	"Kelley, Sean V" <sean.v.kelley@intel.com>,
	kernel test robot <lkp@intel.com>
Subject: Re: [PATCH v4 4/9] cxl/mem: Add basic IOCTL interface
Date: Wed, 17 Feb 2021 09:55:24 +0000	[thread overview]
Message-ID: <20210217095524.000071f5@Huawei.com> (raw)
In-Reply-To: <20210216183432.lf2uj63uckogfad4@intel.com>

On Tue, 16 Feb 2021 10:34:32 -0800
Ben Widawsky <ben.widawsky@intel.com> wrote:

...

> > > diff --git a/drivers/cxl/mem.c b/drivers/cxl/mem.c
> > > index 237b956f0be0..4ca4f5afd9d2 100644
> > > --- a/drivers/cxl/mem.c
> > > +++ b/drivers/cxl/mem.c
> > > @@ -686,7 +686,11 @@ static int cxl_validate_cmd_from_user(struct cxl_mem *cxlm,
> > > 
> > >         memcpy(out_cmd, c, sizeof(*c));
> > >         out_cmd->info.size_in = send_cmd->in.size;
> > > -       out_cmd->info.size_out = send_cmd->out.size;
> > > +       /*
> > > +        * XXX: out_cmd->info.size_out will be controlled by the driver, and the
> > > +        * specified number of bytes @send_cmd->out.size will be copied back out
> > > +        * to userspace.
> > > +        */
> > > 
> > >         return 0;
> > >  }  
> > 
> > This deals with the buffer overflow being triggered from userspace.
> > 
> > I'm still nervous.  I really don't like assuming hardware will do the right
> > thing and never send us more data than we expect.
> > 
> > Given the check that it will fit in the target buffer is simple,
> > I'd prefer to harden it and know we can't have a problem.
> > 
> > Jonathan  
> 
> I'm working on hardening __cxl_mem_mbox_send_cmd now per your request. With
> that, I think this solves the issue, right?

Should do.  Thanks,

Jonathan
_______________________________________________
Linux-nvdimm mailing list -- linux-nvdimm@lists.01.org
To unsubscribe send an email to linux-nvdimm-leave@lists.01.org

next prev parent reply	other threads:[~2021-02-17  9:57 UTC|newest]

Thread overview: 52+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-02-16  1:45 [PATCH v4 0/9] CXL 2.0 Support Ben Widawsky
2021-02-16  1:45 ` Ben Widawsky
2021-02-16  1:45 ` [PATCH v4 1/9] cxl/mem: Introduce a driver for CXL-2.0-Type-3 endpoints Ben Widawsky
2021-02-16  1:45   ` Ben Widawsky
2021-02-16  1:45 ` [PATCH v4 2/9] cxl/mem: Find device capabilities Ben Widawsky
2021-02-16  1:45   ` Ben Widawsky
2021-02-16 14:51   ` Jonathan Cameron
2021-02-16 14:51     ` Jonathan Cameron
2021-02-16 16:43     ` Ben Widawsky
2021-02-16 16:43       ` Ben Widawsky
2021-02-16 17:20       ` Jonathan Cameron
2021-02-16 17:20         ` Jonathan Cameron
2021-02-16 17:56         ` Ben Widawsky
2021-02-16 17:56           ` Ben Widawsky
2021-02-16  1:45 ` [PATCH v4 3/9] cxl/mem: Register CXL memX devices Ben Widawsky
2021-02-16  1:45   ` Ben Widawsky
2021-02-16  1:45 ` [PATCH v4 4/9] cxl/mem: Add basic IOCTL interface Ben Widawsky
2021-02-16  1:45   ` Ben Widawsky
2021-02-16 15:22   ` Jonathan Cameron
2021-02-16 15:22     ` Jonathan Cameron
2021-02-16 17:53     ` Ben Widawsky
2021-02-16 17:53       ` Ben Widawsky
2021-02-16 18:28       ` Jonathan Cameron
2021-02-16 18:28         ` Jonathan Cameron
2021-02-16 18:34         ` Ben Widawsky
2021-02-16 18:34           ` Ben Widawsky
2021-02-17  9:55           ` Jonathan Cameron [this message]
2021-02-17  9:55             ` Jonathan Cameron
2021-02-16 18:12   ` Al Viro
2021-02-16 18:12     ` Al Viro
2021-02-16 18:22     ` Ben Widawsky
2021-02-16 18:22       ` Ben Widawsky
2021-02-16  1:45 ` [PATCH v4 5/9] cxl/mem: Add a "RAW" send command Ben Widawsky
2021-02-16  1:45   ` Ben Widawsky
2021-02-16 15:30   ` Jonathan Cameron
2021-02-16 15:30     ` Jonathan Cameron
2021-02-16 18:03     ` Ben Widawsky
2021-02-16 18:03       ` Ben Widawsky
2021-02-16  1:45 ` [PATCH v4 6/9] cxl/mem: Enable commands via CEL Ben Widawsky
2021-02-16  1:45   ` Ben Widawsky
2021-02-16 15:43   ` Jonathan Cameron
2021-02-16 15:43     ` Jonathan Cameron
2021-02-16  1:45 ` [PATCH v4 7/9] cxl/mem: Add set of informational commands Ben Widawsky
2021-02-16  1:45   ` Ben Widawsky
2021-02-16  1:45 ` [PATCH v4 8/9] MAINTAINERS: Add maintainers of the CXL driver Ben Widawsky
2021-02-16  1:45   ` Ben Widawsky
2021-02-16  1:45 ` [PATCH v4 9/9] cxl/mem: Add payload dumping for debug Ben Widawsky
2021-02-16  1:45   ` Ben Widawsky
2021-02-16 15:48   ` Jonathan Cameron
2021-02-16 15:48     ` Jonathan Cameron
2021-02-16 16:48     ` Dan Williams
2021-02-16 16:48       ` Dan Williams

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210217095524.000071f5@Huawei.com \
    --to=jonathan.cameron@huawei.com \
    --cc=ben.widawsky@intel.com \
    --cc=cbrowy@avery-design.com \
    --cc=dan.j.williams@intel.com \
    --cc=david@redhat.com \
    --cc=hch@infradead.org \
    --cc=helgaas@kernel.org \
    --cc=ira.weiny@intel.com \
    --cc=jcm@jonmasters.org \
    --cc=jgroves@micron.com \
    --cc=linux-acpi@vger.kernel.org \
    --cc=linux-cxl@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-nvdimm@lists.01.org \
    --cc=linux-pci@vger.kernel.org \
    --cc=lkp@intel.com \
    --cc=rafael.j.wysocki@intel.com \
    --cc=rdunlap@infradead.org \
    --cc=rientjes@google.com \
    --cc=sean.v.kelley@intel.com \
    --cc=vishal.l.verma@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.