| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <alpine.LFD.1.00.0802111442130.12988@apollo.tec.linutronix.de>
Date: Mon, 11 Feb 2008 14:59:34 +0100 (CET)
From: Thomas Gleixner <tglx@...utronix.de>
To: Adrian Bunk <adrian.bunk@...ial.fi>
cc: Ingo Molnar <mingo@...e.hu>, linux-kernel@...r.kernel.org,
Riku Voipio <riku.voipio@...ial.fi>,
Mikael Pettersson <mikpe@...uu.se>,
Lennert Buytenhek <buytenh@...tstofly.org>,
Rusty Russell <rusty@...tcorp.com.au>
Subject: Re: futex local DoS on most architectures
On Mon, 11 Feb 2008, Adrian Bunk wrote:
> The issue described in [1] is still present and unfixed (and even the
> fix there wasn't complete since it didn't cover SMP).
Damn, this slipped through my attention completely. Hotfix (which can
be easily backported) below.
> Thanks to Riku Voipio for noting that it is still unfixed.
>
> cu
> Adrian
>
> [1] http://lkml.org/lkml/2007/8/1/474
-------->
Subject: futex: disable PI/robust on archs w/o valid implementation
From: Thomas Gleixner <tglx@...utronix.de>
We have to disable the complete PI/robust functionality for those
archs, which do not implement futex_atomic_cmpxchg_inatomic(). The
code in question relies on a valid implementation and does not expect
-ENOSYS, which is returned by the stub implementation in
asm-generic/futex.h
Pointed out by: Mikael Pettersson, Riku Voipio and Adrian Bunk
This patch is intended for easy backporting and needs to be cleaned up
further for current mainline.
Signed-off-by: Thomas Gleixner <tglx@...utronix.de>
Acked-by: Ingo Molnar <mingo@...e.hu>
---
include/asm-generic/futex.h | 2 ++
kernel/futex.c | 13 +++++++++++++
2 files changed, 15 insertions(+)
Index: linux-2.6/include/asm-generic/futex.h
===================================================================
--- linux-2.6.orig/include/asm-generic/futex.h
+++ linux-2.6/include/asm-generic/futex.h
@@ -55,5 +55,7 @@ futex_atomic_cmpxchg_inatomic(int __user
return -ENOSYS;
}
+#define FUTEX_ATOMIC_CMPXCHG_NOT_IMPLEMENTED
+
#endif
#endif
Index: linux-2.6/kernel/futex.c
===================================================================
--- linux-2.6.orig/kernel/futex.c
+++ linux-2.6/kernel/futex.c
@@ -1870,6 +1870,9 @@ asmlinkage long
sys_set_robust_list(struct robust_list_head __user *head,
size_t len)
{
+#ifdef FUTEX_ATOMIC_CMPXCHG_NOT_IMPLEMENTED
+ return -ENOSYS;
+#else
/*
* The kernel knows only one size for now:
*/
@@ -1879,6 +1882,7 @@ sys_set_robust_list(struct robust_list_h
current->robust_list = head;
return 0;
+#endif
}
/**
@@ -1891,6 +1895,9 @@ asmlinkage long
sys_get_robust_list(int pid, struct robust_list_head __user * __user *head_ptr,
size_t __user *len_ptr)
{
+#ifdef FUTEX_ATOMIC_CMPXCHG_NOT_IMPLEMENTED
+ return -ENOSYS;
+#else
struct robust_list_head __user *head;
unsigned long ret;
@@ -1920,6 +1927,7 @@ err_unlock:
rcu_read_unlock();
return ret;
+#endif
}
/*
@@ -2082,6 +2090,9 @@ long do_futex(u32 __user *uaddr, int op,
case FUTEX_WAKE_OP:
ret = futex_wake_op(uaddr, fshared, uaddr2, val, val2, val3);
break;
+
+#ifndef FUTEX_ATOMIC_CMPXCHG_NOT_IMPLEMENTED
+
case FUTEX_LOCK_PI:
ret = futex_lock_pi(uaddr, fshared, val, timeout, 0);
break;
@@ -2091,6 +2102,8 @@ long do_futex(u32 __user *uaddr, int op,
case FUTEX_TRYLOCK_PI:
ret = futex_lock_pi(uaddr, fshared, 0, timeout, 1);
break;
+#endif
+
default:
ret = -ENOSYS;
}
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists