From: Jiri Pirko <jiri@resnulli.us>
To: linux-rdma@vger.kernel.org
Cc: jgg@ziepe.ca, leon@kernel.org, mrgolin@amazon.com,
gal.pressman@linux.dev, sleybo@amazon.com, parav@nvidia.com,
mbloch@nvidia.com, yanjun.zhu@linux.dev,
marco.crivellari@suse.com, roman.gushchin@linux.dev,
phaddad@nvidia.com, lirongqing@baidu.com, ynachum@amazon.com,
huangjunxian6@hisilicon.com,
kalesh-anakkur.purayil@broadcom.com, ohartoov@nvidia.com,
michaelgur@nvidia.com, shayd@nvidia.com, edwards@nvidia.com,
sriharsha.basavapatna@broadcom.com,
andrew.gospodarek@broadcom.com, selvin.xavier@broadcom.com,
jmoroni@google.com
Subject: Re: [PATCH rdma-next v9 03/16] RDMA/core: Introduce generic buffer descriptor infrastructure for umem
Date: Fri, 29 May 2026 21:14:50 +0200 [thread overview]
Message-ID: <ahnkoTRWKA3r1RJ2@FV6GYCPJ69> (raw)
In-Reply-To: <20260529134312.2836341-4-jiri@resnulli.us>
Fri, May 29, 2026 at 03:42:59PM +0200, jiri@resnulli.us wrote:
[..]
>+struct ib_umem *ib_umem_get_desc(struct ib_device *device,
>+ const struct ib_uverbs_buffer_desc *desc,
>+ int access)
>+{
>+ struct ib_umem_dmabuf *umem_dmabuf;
>+
>+ if (desc->flags & ~IB_UVERBS_BUFFER_DESC_FLAGS_KNOWN_MASK)
>+ return ERR_PTR(-EINVAL);
>+
>+ if (overflows_type(desc->addr, unsigned long) ||
>+ overflows_type(desc->length, size_t))
>+ return ERR_PTR(-EOVERFLOW);
Sashiko says:
Does this validation evaluate potentially uninitialized garbage data?
If a user passes an invalid, unsupported, or future buffer type, the
addr and length fields might be uninitialized garbage. Evaluating them
before validating desc->type might cause the kernel to return -EOVERFLOW
instead of -EINVAL, which can break userspace feature probing based on
error codes.
Should this validation be moved inside the cases of the switch statement
that actually use these fields?
Probably this may be hit in case some other type does not use addr
and length (how likely is that?).
I would sanitize it as a follow-up if nobody is oppose that.
[..]
next prev parent reply other threads:[~2026-05-29 19:14 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-29 13:42 [PATCH rdma-next v9 00/16] RDMA: Introduce generic buffer descriptor infrastructure for umem Jiri Pirko
2026-05-29 13:42 ` [PATCH rdma-next v9 01/16] RDMA/umem: Rename ib_umem_get() to ib_umem_get_va() Jiri Pirko
2026-05-29 13:42 ` [PATCH rdma-next v9 02/16] RDMA/umem: Split ib_umem_get_va() into a thin wrapper around __ib_umem_get_va() Jiri Pirko
2026-05-29 13:42 ` [PATCH rdma-next v9 03/16] RDMA/core: Introduce generic buffer descriptor infrastructure for umem Jiri Pirko
2026-05-29 19:14 ` Jiri Pirko [this message]
2026-05-29 19:53 ` Jason Gunthorpe
2026-05-29 13:43 ` [PATCH rdma-next v9 04/16] RDMA/umem: Route ib_umem_get_va() through ib_umem_get_attr_or_va() Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 05/16] RDMA/uverbs: Push out CQ buffer umem processing into a helper Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 06/16] RDMA/uverbs: Add CQ buffer UMEM attribute and driver helpers Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 07/16] RDMA/efa: Use ib_umem_get_cq_buf() for user CQ buffer Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 08/16] RDMA/mlx5: Use ib_umem_get_cq_buf_or_va() " Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 09/16] RDMA/bnxt_re: " Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 10/16] RDMA/mlx4: Use ib_umem_get_cq_buf() " Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 11/16] RDMA/uverbs: Remove legacy umem field from struct ib_cq Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 12/16] RDMA/uverbs: Use UMEM attributes for QP creation Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 13/16] RDMA/mlx5: Use UMEM attributes for QP buffers in create_qp Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 14/16] RDMA/umem: Add ib_umem_is_contiguous() stub for !CONFIG_INFINIBAND_USER_MEM Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 15/16] RDMA/mlx5: Use UMEM attribute for CQ doorbell record Jiri Pirko
2026-05-29 13:43 ` [PATCH rdma-next v9 16/16] RDMA/mlx5: Use UMEM attribute for QP " Jiri Pirko
2026-05-29 23:26 ` [PATCH rdma-next v9 00/16] RDMA: Introduce generic buffer descriptor infrastructure for umem Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ahnkoTRWKA3r1RJ2@FV6GYCPJ69 \
--to=jiri@resnulli.us \
--cc=andrew.gospodarek@broadcom.com \
--cc=edwards@nvidia.com \
--cc=gal.pressman@linux.dev \
--cc=huangjunxian6@hisilicon.com \
--cc=jgg@ziepe.ca \
--cc=jmoroni@google.com \
--cc=kalesh-anakkur.purayil@broadcom.com \
--cc=leon@kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=lirongqing@baidu.com \
--cc=marco.crivellari@suse.com \
--cc=mbloch@nvidia.com \
--cc=michaelgur@nvidia.com \
--cc=mrgolin@amazon.com \
--cc=ohartoov@nvidia.com \
--cc=parav@nvidia.com \
--cc=phaddad@nvidia.com \
--cc=roman.gushchin@linux.dev \
--cc=selvin.xavier@broadcom.com \
--cc=shayd@nvidia.com \
--cc=sleybo@amazon.com \
--cc=sriharsha.basavapatna@broadcom.com \
--cc=yanjun.zhu@linux.dev \
--cc=ynachum@amazon.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox