lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 13 Oct 2011 01:40:16 -0700
From:	Andrew Lutomirski <luto@....edu>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	Ingo Molnar <mingo@...e.hu>,
	richard -rw- weinberger <richard.weinberger@...il.com>,
	Adrian Bunk <bunk@...sta.de>,
	"H. Peter Anvin" <hpa@...ux.intel.com>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...hat.com>, x86@...nel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [RFC] fixing the UML failure root cause

On Wed, Oct 12, 2011 at 11:19 PM, Linus Torvalds
<torvalds@...ux-foundation.org> wrote:
> On Wed, Oct 12, 2011 at 5:24 AM, Andrew Lutomirski <luto@....edu> wrote:
>>
>> So here's a different approach.  It's not perfect: it always blames
>> SEGV_MAPERR instead of SEGV_ACCERR.  I implemented it for vgettimeofday
>> but not the other two vsyscalls.
>>
>> What do you think of this approach?  If it seems good, I'll finish the
>> patch and submit it.
>
> I think the approach is valid, but you should *not* do this as some
> kind of crazy byte-by-byte copy_to_user() emulation.
>
> Do the "copy tz to user mode" as individual "put_user()" calls for
> tv_sec/tv_usec/timezone. IOW, there are three words being written to
> user mode, not "two memcpy's".

How does that work?  The tricky case is when one of those three words
spans a page boundary if the access to the first page is valid, but
the access to the second page is not.  When that happens, if we report
the fault as coming from the first page, then UML is likely to get
think the fault was spurious and enter an infinite loop.

To handle that case, I'll need 4- and 8- byte versions of put_user_sig
(IIRC vgetcpu uses unsigneds) that check whether their destinations
span page boundaries and complain accordingly, which will end up as
more code than I have now.

--Andy

>
> Other than that, there doesn't seem to be anything wrong.
>
>            Linus
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ