Date:	Thu, 09 Apr 2009 17:52:03 +0530
From:	Jaswinder Singh Rajput <jaswinder@...nel.org>
To:	mingo@...hat.com, hpa@...or.com, h-shimamoto@...jp.nec.com,
	linux-kernel@...r.kernel.org, roland@...hat.com,
	tglx@...utronix.de, mingo@...e.hu
Cc:	linux-tip-commits@...r.kernel.org
Subject: Re: [tip:x86/signal] x86: signal: check signal stack overflow properly

Hiroshi-san,

I am getting a few sparse warnings from your committed lines.
If possible, please run sparse before sending a patch.

On Fri, 2009-03-20 at 18:03 +0000, Hiroshi Shimamoto wrote:
> Commit-ID:  14fc9fbc700dc95b4f46ebd588169324fe6deff8
> Gitweb:     http://git.kernel.org/tip/14fc9fbc700dc95b4f46ebd588169324fe6deff8
> Author:     Hiroshi Shimamoto <h-shimamoto@...jp.nec.com>
> AuthorDate: Thu, 19 Mar 2009 10:56:29 -0700
> Committer:  Ingo Molnar <mingo@...e.hu>
> CommitDate: Fri, 20 Mar 2009 19:01:31 +0100
> 
> x86: signal: check signal stack overflow properly
> 
> Impact: cleanup
> 
> Check alternate signal stack overflow with proper stack pointer.
> The stack pointer of the next signal frame is different if that
> task has i387 state.
> 
> On x86_64, redzone would be included.
> 
> No need to check SA_ONSTACK if we're already using alternate signal stack.
> 
> Signed-off-by: Hiroshi Shimamoto <h-shimamoto@...jp.nec.com>
> Cc: Roland McGrath <roland@...hat.com>
> LKML-Reference: <49C2874D.3080002@...jp.nec.com>
> Signed-off-by: Ingo Molnar <mingo@...e.hu>
> 
> 
> ---
>  arch/x86/kernel/signal.c |   48 +++++++++++++++++++++++++--------------------
>  1 files changed, 27 insertions(+), 21 deletions(-)
> 
> diff --git a/arch/x86/kernel/signal.c b/arch/x86/kernel/signal.c
> index d2cc642..dfcc74a 100644
> --- a/arch/x86/kernel/signal.c
> +++ b/arch/x86/kernel/signal.c
> @@ -244,12 +240,22 @@ get_sigframe(struct k_sigaction *ka, struct pt_regs *regs, size_t frame_size,
>  		sp = round_down(sp, 64);
>  #endif /* CONFIG_X86_64 */
>  		*fpstate = (void __user *)sp;
> -
> -		if (save_i387_xstate(*fpstate) < 0)
> -			return (void __user *)-1L;
>  	}
>  
> -	return (void __user *)align_sigframe(sp - frame_size);
> +	sp = align_sigframe(sp - frame_size);
> +
> +	/*
> +	 * If we are on the alternate signal stack and would overflow it, don't.
> +	 * Return an always-bogus address instead so we will die with SIGSEGV.
> +	 */
> +	if (onsigstack && !likely(on_sig_stack(sp)))
> +		return (void __user *)-1L;

arch/x86/kernel/signal.c:251:11: warning: cast adds address space to expression (<asn:1>)

> +
> +	/* save i387 state */
> +	if (used_math() && save_i387_xstate(*fpstate) < 0)
> +		return (void __user *)-1L;

arch/x86/kernel/signal.c:255:11: warning: cast adds address space to expression (<asn:1>)
> +
> +	return (void __user *)sp;
>  }
>  
>  #ifdef CONFIG_X86_32
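Review bot: the overflow test `if (onsigstack && !likely(on_sig_stack(sp)))` negates the result of likely(), which is unusual in the tree; the idiomatic form is `unlikely(!on_sig_stack(sp))`, which reads as "the failure path is the cold one" and carries the same branch hint. The two `return (void __user *)-1L;` sentinels in this hunk are exactly what sparse reports at signal.c:251 and :255 ("cast adds address space"); if the -1 sentinel is to stay, spelling it `(void __force __user *)-1L` tells sparse the cast is intentional instead of leaving the warning in every build. The reordering itself is sound: on_sig_stack() is now evaluated before save_i387_xstate() writes to *fpstate, so a frame that would leave the alternate stack is rejected before anything is stored to user memory. One thing the hunk does not show is whether *fpstate is assigned at all when used_math() is false, since the `*fpstate = (void __user *)sp;` store sits inside the block closed by the `}` above; worth confirming no caller reads it in that case.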


4a612048 arch/x86/kernel/signal_32.c (Hiroshi Shimamoto 2008-11-11 19:09:29 -0800 326)  err |= __put_user(*((u64 *)&retcode), (u64 *)frame->retcode);

arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: incorrect type in argument 1 (different address spaces)
arch/x86/kernel/signal.c:326:9:    expected void const volatile [noderef] <asn:1>*<noident>
arch/x86/kernel/signal.c:326:9:    got unsigned long long [usertype] *<noident>
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: cast adds address space to expression (<asn:1>)
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: cast adds address space to expression (<asn:1>)
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: cast adds address space to expression (<asn:1>)
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression
arch/x86/kernel/signal.c:326:9: warning: cast removes address space of expression

98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 359)  put_user_try {
98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 360)          put_user_ex(sig, &frame->sig);
98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 361)          put_user_ex(&frame->info, &frame->pinfo);

arch/x86/kernel/signal.c:361:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:361:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:361:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:361:3: warning: cast removes address space of expression

98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 362)          put_user_ex(&frame->uc, &frame->puc);

arch/x86/kernel/signal.c:362:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:362:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:362:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:362:3: warning: cast removes address space of expression

98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 363)          err |= copy_siginfo_to_user(&frame->info, info);
98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 364) 

98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 379)          /* Set up to return from userspace.  */
98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 380)          restorer = VDSO32_SYMBOL(current->mm->context.vdso, rt_si

arch/x86/kernel/signal.c:380:12: warning: incorrect type in assignment (different address spaces)
arch/x86/kernel/signal.c:380:12:    expected void [noderef] <asn:1>*restorer
arch/x86/kernel/signal.c:380:12:    got void *<noident>


98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 381)          if (ka->sa.sa_flags & SA_RESTORER)
98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 382)                  restorer = ka->sa.sa_restorer;
98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 383)          put_user_ex(restorer, &frame->pretcode);

arch/x86/kernel/signal.c:383:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:383:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:383:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:383:3: warning: cast removes address space of expression

98e3d45e arch/x86/kernel/signal.c    (Hiroshi Shimamoto 2009-01-23 15:50:10 -0800 392)          put_user_ex(*((u64 *)&rt_retcode), (u64 *)frame->retcode)

arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: incorrect type in argument 1 (different address spaces)
arch/x86/kernel/signal.c:392:3:    expected void const volatile [noderef] <asn:1>*<noident>
arch/x86/kernel/signal.c:392:3:    got unsigned long long [usertype] *<noident>
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: cast adds address space to expression (<asn:1>)
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: cast adds address space to expression (<asn:1>)
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: cast adds address space to expression (<asn:1>)
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression
arch/x86/kernel/signal.c:392:3: warning: cast removes address space of expression

--
JSR

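The behaviour the quoted patch enforces can be observed from userspace without touching the kernel. The following is an added example, not part of the original message or of the kernel tree: a child process installs a small alternate signal stack and a SIGUSR1 handler with SA_ONSTACK|SA_NODEFER that re-raises SIGUSR1 from inside itself. Because the task is already on the alternate stack, each nested frame is placed below the current stack pointer; when the next frame would fall below the base of the alternate stack, get_sigframe() returns its bogus address and the task dies with SIGSEGV, which the parent observes through waitpid(). The sizes (64 KiB alternate stack, 4 KiB consumed per handler instance) and the helper names `handler`, `run_child` and `probe` are this example's own choices, and it assumes Linux with fork()/waitpid() available.

```c
/*
 * Added example (not from the original message or the kernel tree):
 * probe the alternate-signal-stack overflow check from userspace.
 * Assumes Linux, POSIX signals, fork()/waitpid().
 */
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

#define ALT_STACK_SIZE (64 * 1024)  /* comfortably above MINSIGSTKSZ; assumed size */
#define HANDLER_BURN   4096         /* bytes each handler instance consumes; assumed */

static volatile sig_atomic_t nest_limit;  /* how many nested deliveries to request */
static volatile sig_atomic_t nest_depth;

/* Runs on the alternate stack; consumes some of it, then asks for another frame. */
static void handler(int sig)
{
    volatile char burn[HANDLER_BURN];
    burn[0] = 1;
    burn[HANDLER_BURN - 1] = 1;
    if (++nest_depth < nest_limit)
        raise(sig);   /* SA_NODEFER: delivered now, frame placed below our sp */
    (void)burn;
}

/* Run the probe in a child and return its wait status (-1 on error). */
static int run_child(int limit)
{
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* PROT_NONE guard page below the alternate stack: a plain stack write
         * past the bottom faults instead of scribbling over other memory. */
        size_t page = (size_t)sysconf(_SC_PAGESIZE);
        char *region = mmap(NULL, ALT_STACK_SIZE + page, PROT_READ | PROT_WRITE,
                            MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (region == MAP_FAILED || mprotect(region, page, PROT_NONE) != 0)
            _exit(2);

        stack_t ss;
        memset(&ss, 0, sizeof ss);
        ss.ss_sp = region + page;
        ss.ss_size = ALT_STACK_SIZE;
        if (sigaltstack(&ss, NULL) != 0)
            _exit(2);

        struct sigaction sa;
        memset(&sa, 0, sizeof sa);
        sa.sa_handler = handler;
        sa.sa_flags = SA_ONSTACK | SA_NODEFER;  /* run on alt stack, allow nesting */
        sigemptyset(&sa.sa_mask);
        if (sigaction(SIGUSR1, &sa, NULL) != 0)
            _exit(2);

        nest_limit = limit;
        nest_depth = 0;
        raise(SIGUSR1);
        _exit(0);   /* reached only if every nested frame fit on the alt stack */
    }
    int status;
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return status;
}

/* 1 if the child was killed by SIGSEGV, 0 if it exited cleanly, -1 on error. */
int probe(int limit)
{
    int st = run_child(limit);
    if (st < 0)
        return -1;
    if (WIFSIGNALED(st) && WTERMSIG(st) == SIGSEGV)
        return 1;
    if (WIFEXITED(st) && WEXITSTATUS(st) == 0)
        return 0;
    return -1;
}

int main(void)
{
    /* Two nested frames fit; 1000 cannot, the stack is only 64 KiB. */
    printf("2 nested frames    -> %s\n",
           probe(2) == 0 ? "all frames fit, child exited 0" : "unexpected");
    printf("1000 nested frames -> %s\n",
           probe(1000) == 1 ? "child killed with SIGSEGV" : "unexpected");
    return 0;
}
```

With a 64 KiB alternate stack and at least 4 KiB consumed per level, the child cannot nest more than 16 times, so `probe(1000)` terminates deterministically: either the kernel refuses to place the next frame (the path added by the patch) or the handler's own stack write hits the guard page. Both end in SIGSEGV with the default action, since no SIGSEGV handler is installed; `probe(2)` shows the contrast, where the check is satisfied and the child exits normally.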