| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <4FAA4E85.6020305@mev.co.uk> Date: Wed, 9 May 2012 12:01:25 +0100 From: Ian Abbott <abbotti@....co.uk> To: Dan Carpenter <dan.carpenter@...cle.com> CC: Ian Abbott <ian.abbott@....co.uk>, H Hartley Sweeten <hartleys@...ionengravers.com>, "devel@...verdev.osuosl.org" <devel@...verdev.osuosl.org>, "fmhess@...rs.sourceforge.net" <fmhess@...rs.sourceforge.net>, Linux Kernel <linux-kernel@...r.kernel.org>, "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org> Subject: Re: [PATCH] staging: comedi: remove __user annotation inside of struct's On 2012-05-09 11:31, Dan Carpenter wrote: > On Wed, May 09, 2012 at 11:20:07AM +0100, Ian Abbott wrote: >> On 2012-05-09 00:55, H Hartley Sweeten wrote: >>> On Tuesday, May 08, 2012 4:41 PM, H Hartley Sweeten wrote: >>>> >>>> The structs' comedi_insn, coomedi_insnlist, comedi_cmd, >>>> comedi_chaninfo, and comedi_rangeinfo are all passed to >>>> the kernel from user space using ioctl commands. They >>>> are then copied to kernel space using copy_from_user() >>>> before the data is passed to the drivers. >>>> >>>> The __user annotation should not be used with variables >>>> inside the struct. This produces a lot of sparse warnings >>>> like: >>>> >>>> warning: dereference of noderef expression >>>> >>>> Note: This patch exposes some new warnings about different >>>> address space. These will be addressed. >>> >>> Please ignore this patch. >>> >>> It appears the annotations in the struct definitions are correct. >> >> Personally, I think you were on the mark with the patch. It's >> better to avoid using __user in comedi.h so it can be used as-is in >> user-space. > > Sparse is useful so we shouldn't break it. I always run sparse over > my patches before submission and look at the warnings. Except if > they scroll off the page. In that case, I just figure that the > author deserves the bugs. > > We could just do some ifdeferry to fix it for userspace. That doesn't help in cases such as 'struct comedi_insn' where the 'data' pointer is a user-space pointer in the user-space copy of the object and a kernel-space pointer in the kernel-space copy of the object. The only fix for that is to have separate "k" versions of the struct or to do a load of casting, which is slightly error-prone and makes the code less readable. Are there any handy macros for casting pointers to __user pointers, something like #define _user(p) ((typeof(*(p)) __user *)(p)) but preferably without the repeated expansion of 'p' in case of side-effects? -- -=( Ian Abbott @ MEV Ltd. E-mail: <abbotti@....co.uk> )=- -=( Tel: +44 (0)161 477 1898 FAX: +44 (0)161 718 3587 )=- -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists