lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 8 May 2012 18:55:59 -0500
From:	H Hartley Sweeten <hartleys@...ionengravers.com>
To:	Linux Kernel <linux-kernel@...r.kernel.org>
CC:	"devel@...verdev.osuosl.org" <devel@...verdev.osuosl.org>,
	"fmhess@...rs.sourceforge.net" <fmhess@...rs.sourceforge.net>,
	"abbotti@....co.uk" <abbotti@....co.uk>,
	"gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>
Subject: RE: [PATCH] staging: comedi: remove __user annotation inside of
 struct's

On Tuesday, May 08, 2012 4:41 PM, H Hartley Sweeten wrote:
>
> The structs' comedi_insn, coomedi_insnlist, comedi_cmd,
> comedi_chaninfo, and comedi_rangeinfo are all passed to
> the kernel from user space using ioctl commands. They
> are then copied to kernel space using copy_from_user()
> before the data is passed to the drivers.
>
> The __user annotation should not be used with variables
> inside the struct. This produces a lot of sparse warnings
> like:
>
> warning: dereference of noderef expression 
>
> Signed-off-by: H Hartley Sweeten <hsweeten@...ionengravers.com>
> Cc: Ian Abbott <abbotti@....co.uk>
> Cc: Mori Hess <fmhess@...rs.sourceforge.net>
> Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
>
> ---
>
> Note: This patch exposes some new warnings about different
> address space. These will be addressed.

Please ignore this patch.

It appears the annotations in the struct definitions are correct.

The initial copy_from_user will only copy the data  from the
struct __user *arg to the kernel's struct * it doesn't copy the
data that the struct variable points to, just the pointer. To get
that data another copy_from_user needs to be done.

The sparse warnings above will need to be addressed a
different way.

Sorry for the noise.

Regards,
Hartley
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ