| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Feb 2018 07:50:26 +0100
From: Christophe LEROY <christophe.leroy@....fr>
To: Mathieu Malaterre <malat@...ian.org>,
Michael Ellerman <mpe@...erman.id.au>
Cc: linux-kernel@...r.kernel.org, Paul Mackerras <paulus@...ba.org>,
Jiri Slaby <jslaby@...e.com>, linuxppc-dev@...ts.ozlabs.org
Subject: Re: [PATCH 06/21] powerpc: Avoid comparison of unsigned long >= 0 in
__access_ok
Le 26/02/2018 à 07:34, Christophe LEROY a écrit :
>
>
> Le 25/02/2018 à 18:22, Mathieu Malaterre a écrit :
>> Rewrite check size - 1 <= Y as size < Y since `size` is unsigned value.
>> Fix warning (treated as error in W=1):
>>
>> CC arch/powerpc/kernel/signal_32.o
>> In file included from ./include/linux/uaccess.h:14:0,
>> from ./include/asm-generic/termios-base.h:8,
>> from ./arch/powerpc/include/asm/termios.h:20,
>> from ./include/uapi/linux/termios.h:6,
>> from ./include/linux/tty.h:7,
>> from arch/powerpc/kernel/signal_32.c:36:
>> ./include/asm-generic/termios-base.h: In function
>> ‘user_termio_to_kernel_termios’:
>> ./arch/powerpc/include/asm/uaccess.h:52:35: error: comparison of
>> unsigned expression >= 0 is always true [-Werror=type-limits]
>> (((size) == 0) || (((size) - 1) <= ((segment).seg - (addr)))))
>> ^
>> ./arch/powerpc/include/asm/uaccess.h:58:3: note: in expansion of macro
>> ‘__access_ok’
>> __access_ok((__force unsigned long)(addr), (size), get_fs()))
>> ^~~~~~~~~~~
>> ./arch/powerpc/include/asm/uaccess.h:262:6: note: in expansion of
>> macro ‘access_ok’
>> if (access_ok(VERIFY_READ, __gu_addr, (size))) \
>> ^~~~~~~~~
>> ./arch/powerpc/include/asm/uaccess.h:80:2: note: in expansion of macro
>> ‘__get_user_check’
>> __get_user_check((x), (ptr), sizeof(*(ptr)))
>> ^~~~~~~~~~~~~~~~
>> ./include/asm-generic/termios-base.h:36:6: note: in expansion of macro
>> ‘get_user’
>> if (get_user(termios->c_line, &termio->c_line) < 0)
>> ^~~~~~~~
>> [...]
>> cc1: all warnings being treated as errors
>>
>> Signed-off-by: Mathieu Malaterre <malat@...ian.org>
>> ---
>> arch/powerpc/include/asm/uaccess.h | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/powerpc/include/asm/uaccess.h
>> b/arch/powerpc/include/asm/uaccess.h
>> index 51bfeb8777f0..fadc406bd39d 100644
>> --- a/arch/powerpc/include/asm/uaccess.h
>> +++ b/arch/powerpc/include/asm/uaccess.h
>> @@ -49,7 +49,7 @@
>> #define __access_ok(addr, size, segment) \
>> (((addr) <= (segment).seg) && \
>> - (((size) == 0) || (((size) - 1) <= ((segment).seg - (addr)))))
>> + (((size) == 0) || ((size) < ((segment).seg - (addr)))))
>
> IIUC, ((2 - 1) <= 1) is the same as (2 < 1) ?????
Note that I already try to submit a fix for this warning 3 years ago
(https://patchwork.ozlabs.org/patch/418075/) and it was rejected with
the following comment:
Again, I don't think Linux enables this warning. What did you do to
produce this? In any case, it's a bad warning that doesn't take macros
into account, and the answer is not to make the code less clear by hiding
the fact that zero is a special case.
Christophe
>
> Christophe
>
>> #endif
>>
Powered by blists - more mailing lists