
Re: [PATCH] argo: don't leak stack contents when returning ring info


  • To: Jan Beulich <jbeulich@xxxxxxxx>
  • From: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • Date: Thu, 14 Jan 2021 17:59:14 +0100
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Christopher Clark <christopher.w.clark@xxxxxxxxx>
  • Delivery-date: Thu, 14 Jan 2021 16:59:31 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, Jan 14, 2021 at 03:01:06PM +0100, Jan Beulich wrote:
> The max_message_size field of the output gets filled only when the flags
> field is non-zero. Don't copy back uninitialized data to guest context.

I'm afraid I'm missing something. AFAICT ent gets filled from the
user-space contents of data_ent_hnd that's copied from user-space at
the top of the function, so there's no leak from hypervisor stack in
the return path?

Thanks, Roger.



 

