lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Wed, 27 Feb 2008 20:55:28 +0100 (CET)
From:	Thomas Gleixner <tglx@...utronix.de>
To:	David Miller <davem@...emloft.net>
cc:	mikpe@...uu.se, sparclinux@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [BUG] 2.6.25-rc3 hangs in early boot on Sun Ultra5

On Wed, 27 Feb 2008, David Miller wrote:

> From: Thomas Gleixner <tglx@...utronix.de>
> Date: Wed, 27 Feb 2008 09:02:22 +0100 (CET)
> 
> > On Tue, 26 Feb 2008, David Miller wrote:
> > > What the FUTEX checking code is doing now is doing a "user" access
> > > with set_fs(KERNEL_DS) since it runs from the kernel bootup early init
> > > sequence.  And this is illegal according to the existing checks.
> > > 
> > > When we do set_fs(KERNEL_DS) then pass a "user" pointer down
> > > into a system call or something like that, we give it a pointer
> > > that "cannot fault".  So if we get into the fault handling
> > > path here for a case like that we really do want to scream and
> > > print out an OOPS message in my opinion.
> > 
> > So it would be correct to set_fs(USER_DS) then do the check and switch
> > back to KERNEL_DS ?
> 
> No, I'm saying it would be better not to take faults purposefully in
> the kernel address space.

I would have preferred not to. The hassle is that we need to figure
out, whether it works or not _before_ any user space program can use
the interfaces. We could omit the check for archs where the
in_atomic_cmpxchg is guaranteed to be functional.

> We don't have a usable user address space
> setup at this point in the boot, so using USER_DS would be even worse.

Ouch, yes. Stupid me.

> I think I'll just add a different version of the sanity check to this
> sparc64 code later on, one that will take into consideration this
> KERNEL_DS case because I can see how it could be useful in other
> circumstances.

Ok.
 
Thanks,
	tglx
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ