| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Oct 2009 00:25:05 +0200
From: Arnd Bergmann <arndbergmann@...glemail.com>
To: Frederic Weisbecker <fweisbec@...il.com>
Cc: Thomas Gleixner <tglx@...utronix.de>,
LKML <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...e.hu>,
John Kacur <jkacur@...hat.com>,
"Sven-Thorsten Dietrich" <sven@...bigcorporation.com>,
Jonathan Corbet <corbet@....net>,
Alessio Igor Bogani <abogani@...ware.it>,
Arnd Bergmann <arndbergmann@...glemail.com>,
Alan Cox <alan@...rguk.ukuu.org.uk>
Subject: Re: [PATCH] generic_nvram: Turn nvram_ioctl into an unlocked ioctl
On Monday 12 October 2009, Frederic Weisbecker wrote:
> nvram_ioctl is a bkl locked ioctl, but it can be an unlocked ioctl.
>
> - part is provided by the user
> - offset is provided by pmac_get_partition() which is safe as it only
> touches nvram_partitions, an array inistialized on __init time and
> read-only the rest of the time.
> - nvram_sync() only relies on core99_nvram_sync() which checks
> is_core_99, nvram_data, nvram_image. Those are variables initialized
> on __init time only and their direct values are not touched further.
> The rest modifies the nvram image header, protected by nv_lock
> already.
>
> So it's safe to call nvram_ioctl without the big kernel lock held.
>
> Reported-by: Arnd Bergmann <arndbergmann@...glemail.com>
> Signed-off-by: Frederic Weisbecker <fweisbec@...il.com>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Ingo Molnar <mingo@...e.hu>
> Cc: John Kacur <jkacur@...hat.com>
> Cc: Sven-Thorsten Dietrich <sven@...bigcorporation.com>
> Cc: Jonathan Corbet <corbet@....net>
> Cc: Alessio Igor Bogani <abogani@...ware.it>
> Cc: Arnd Bergmann <arndbergmann@...glemail.com>
> Cc: Alan Cox <alan@...rguk.ukuu.org.uk>
Hmm, I wish I had not started using the gmail MTA for sending out
mail, not that address is public forever.
> drivers/char/generic_nvram.c | 10 +++++-----
> 1 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/drivers/char/generic_nvram.c b/drivers/char/generic_nvram.c
> index c49200e..fd448aa 100644
> --- a/drivers/char/generic_nvram.c
> +++ b/drivers/char/generic_nvram.c
> @@ -118,11 +118,11 @@ static int nvram_ioctl(struct inode *inode, struct file *file,
> }
>
> const struct file_operations nvram_fops = {
> - .owner = THIS_MODULE,
> - .llseek = nvram_llseek,
> - .read = read_nvram,
> - .write = write_nvram,
> - .ioctl = nvram_ioctl,
> + .owner = THIS_MODULE,
> + .llseek = nvram_llseek,
> + .read = read_nvram,
> + .write = write_nvram,
> + .unlocked_ioctl = nvram_ioctl,
> };
>
> static struct miscdevice nvram_dev = {
The ioctl and unlocked_ioctl functions have a different signature, so you
need to adapt that, not just rename it.
Not sure if we should do it in the same patch, but this driver should also
have a compat_ioctl method pointing to the same function. The ioctl numbers
in this driver are all 32/64 bit clean, but are not listed in fs/compat_ioctl.c,
so adding a .compat_ioctl pointer is the easiest way to fix 32 bit userland
accessing the device.
Arnd <><
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists