linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Andriy Shevchenko <andriy.shevchenko@linux.intel.com>
To: Jacob Pan <jacob.jun.pan@linux.intel.com>
Cc: iommu@lists.linux-foundation.org,
	LKML <linux-kernel@vger.kernel.org>,
	Joerg Roedel <joro@8bytes.org>,
	David Woodhouse <dwmw2@infradead.org>,
	Alex Williamson <alex.williamson@redhat.com>,
	Jean-Philippe Brucker <jean-philippe.brucker@arm.com>,
	Yi Liu <yi.l.liu@intel.com>, "Tian, Kevin" <kevin.tian@intel.com>,
	Raj Ashok <ashok.raj@intel.com>,
	Christoph Hellwig <hch@infradead.org>,
	Lu Baolu <baolu.lu@linux.intel.com>,
	"Liu, Yi L" <yi.l.liu@linux.intel.com>,
	Liu@smile.fi.intel.com, Eric Auger <eric.auger@redhat.com>
Subject: Re: [PATCH 08/18] iommu: Introduce cache_invalidate API
Date: Thu, 11 Apr 2019 13:02:35 +0300	[thread overview]
Message-ID: <20190411100235.GQ9224@smile.fi.intel.com> (raw)
In-Reply-To: <20190410142131.50ee2e44@jacob-builder>

On Wed, Apr 10, 2019 at 02:21:31PM -0700, Jacob Pan wrote:
> On Tue, 9 Apr 2019 20:37:55 +0300
> Andriy Shevchenko <andriy.shevchenko@linux.intel.com> wrote:
> > On Tue, Apr 09, 2019 at 09:43:28AM -0700, Jacob Pan wrote:
> > > On Tue, 9 Apr 2019 13:07:18 +0300
> > > Andriy Shevchenko <andriy.shevchenko@linux.intel.com> wrote:  
> > > > On Mon, Apr 08, 2019 at 04:59:23PM -0700, Jacob Pan wrote:  
> > 
> > > > > +int iommu_cache_invalidate(struct iommu_domain *domain, struct
> > > > > device *dev,
> > > > > +			   struct iommu_cache_invalidate_info
> > > > > *inv_info) +{
> > > > > +	int ret = 0;    
> > > > 
> > > > Redundant assignment.
> > > >   
> > > I am not a security expert but initialization of local variable can
> > > be more secure.
> > > I was looking at this talk.
> > > https://outflux.net/slides/2018/lss/danger.pdf
> > > https://cwe.mitre.org/data/definitions/457.html  
> > 
> > I hardly see any of these applied to your case here.
> > Care to show what I'm missing?
> > 
> I thought your comments was that I should not need to initialize local
> variable ret = 0. 

Correct.

> Always initialize local variable can be a good
> security practice as suggested in the paper. Perhaps I missed
> something :)

Paper suggested to do that in a sense to avoid use of uninitialized variable.
This is not your case (usually it's not the case for variable which contains
return code), so, assignment is redundant. Moreover, default assignment can
hide an actual warning and an issue. Security people are not always correct.

> > > > > +	if (unlikely(!domain->ops->cache_invalidate))
> > > > > +		return -ENODEV;
> > > > > +
> > > > > +	ret = domain->ops->cache_invalidate(domain, dev,
> > > > > inv_info); +
> > > > > +	return ret;
> > > > > +}    

-- 
With Best Regards,
Andy Shevchenko



  reply	other threads:[~2019-04-11 10:02 UTC|newest]

Thread overview: 49+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-04-08 23:59 [PATCH 00/18] Shared virtual address IOMMU and VT-d support Jacob Pan
2019-04-08 23:59 ` [PATCH 01/18] drivers core: Add I/O ASID allocator Jacob Pan
2019-04-09 10:00   ` Andriy Shevchenko
2019-04-09 10:04     ` Christoph Hellwig
2019-04-09 10:30       ` Andriy Shevchenko
2019-04-09 14:53         ` Paul E. McKenney
2019-04-09 15:21           ` Andriy Shevchenko
2019-04-09 22:08             ` Paul E. McKenney
2019-04-08 23:59 ` [PATCH 02/18] ioasid: Add custom IOASID allocator Jacob Pan
2019-04-15 18:53   ` Alex Williamson
2019-04-15 22:45     ` Jacob Pan
2019-04-08 23:59 ` [PATCH 03/18] ioasid: Convert ioasid_idr to XArray Jacob Pan
2019-04-08 23:59 ` [PATCH 04/18] driver core: add per device iommu param Jacob Pan
2019-04-08 23:59 ` [PATCH 05/18] iommu: introduce device fault data Jacob Pan
2019-04-09 10:03   ` Andriy Shevchenko
2019-04-09 16:44     ` Jacob Pan
2019-04-08 23:59 ` [PATCH 06/18] iommu: introduce device fault report API Jacob Pan
2019-04-08 23:59 ` [PATCH 07/18] iommu: Introduce attach/detach_pasid_table API Jacob Pan
2019-04-08 23:59 ` [PATCH 08/18] iommu: Introduce cache_invalidate API Jacob Pan
2019-04-09 10:07   ` Andriy Shevchenko
2019-04-09 16:43     ` Jacob Pan
2019-04-09 17:37       ` Andriy Shevchenko
2019-04-10 21:21         ` Jacob Pan
2019-04-11 10:02           ` Andriy Shevchenko [this message]
2019-04-08 23:59 ` [PATCH 09/18] iommu/vt-d: Enlightened PASID allocation Jacob Pan
2019-04-09 10:08   ` Andriy Shevchenko
2019-04-09 16:34     ` Jacob Pan
2019-04-08 23:59 ` [PATCH 10/18] iommu/vt-d: Add custom allocator for IOASID Jacob Pan
2019-04-15 20:37   ` Alex Williamson
2019-04-15 23:10     ` Jacob Pan
2019-04-18 15:36       ` Jean-Philippe Brucker
2019-04-19  4:29         ` Jacob Pan
2019-04-23 10:53           ` Jean-Philippe Brucker
2019-04-16 15:30     ` Jacob Pan
2019-04-08 23:59 ` [PATCH 11/18] iommu/vt-d: Replace Intel specific PASID allocator with IOASID Jacob Pan
2019-04-08 23:59 ` [PATCH 12/18] iommu: Add guest PASID bind function Jacob Pan
2019-04-08 23:59 ` [PATCH 13/18] iommu/vt-d: Move domain helper to header Jacob Pan
2019-04-08 23:59 ` [PATCH 14/18] iommu/vt-d: Add nested translation support Jacob Pan
2019-04-08 23:59 ` [PATCH 15/18] iommu/vt-d: Add bind guest PASID support Jacob Pan
2019-04-09 14:52   ` Andriy Shevchenko
2019-04-08 23:59 ` [PATCH 16/18] iommu: add max num of cache and granu types Jacob Pan
2019-04-09 14:53   ` Andriy Shevchenko
2019-04-08 23:59 ` [PATCH 17/18] iommu/vt-d: Support flushing more translation cache types Jacob Pan
2019-04-08 23:59 ` [PATCH 18/18] iommu/vt-d: Add svm/sva invalidate function Jacob Pan
2019-04-09 14:57   ` Andriy Shevchenko
2019-04-09 17:43     ` Jacob Pan
2019-04-09  9:56 ` [PATCH 00/18] Shared virtual address IOMMU and VT-d support Andriy Shevchenko
2019-04-09 16:33   ` Jacob Pan
2019-04-15 17:25 ` Jacob Pan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190411100235.GQ9224@smile.fi.intel.com \
    --to=andriy.shevchenko@linux.intel.com \
    --cc=Liu@smile.fi.intel.com \
    --cc=alex.williamson@redhat.com \
    --cc=ashok.raj@intel.com \
    --cc=baolu.lu@linux.intel.com \
    --cc=dwmw2@infradead.org \
    --cc=eric.auger@redhat.com \
    --cc=hch@infradead.org \
    --cc=iommu@lists.linux-foundation.org \
    --cc=jacob.jun.pan@linux.intel.com \
    --cc=jean-philippe.brucker@arm.com \
    --cc=joro@8bytes.org \
    --cc=kevin.tian@intel.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=yi.l.liu@intel.com \
    --cc=yi.l.liu@linux.intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).