lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <50C084FC.8040104@imgtec.com> Date: Thu, 6 Dec 2012 11:43:56 +0000 From: James Hogan <james.hogan@...tec.com> To: Al Viro <viro@...IV.linux.org.uk> CC: <linux-arch@...r.kernel.org>, <linux-kernel@...r.kernel.org>, "Arnd Bergmann" <arnd@...db.de> Subject: Re: [PATCH v2 23/44] metag: Traps Hi Al, On 05/12/12 17:40, Al Viro wrote: > On Wed, Dec 05, 2012 at 04:08:41PM +0000, James Hogan wrote: >> +TBIRES tail_end(TBIRES State, unsigned long orig_syscall) >> +{ >> + struct pt_regs *regs = (struct pt_regs *)State.Sig.pCtx; >> + unsigned long flags; >> + >> + if (user_mode(regs)) { >> + local_irq_enable(); >> + /* This is actually a crucial little line - if the process >> + * needs swapping out, then this is where it happens! >> + */ >> + if (need_resched()) >> + schedule(); >> + >> + flags = current_thread_info()->flags; >> + if (flags & (_TIF_SIGPENDING | _TIF_NOTIFY_RESUME)) { >> + /* Note the passing in of the original syscall number. >> + * This is used for implementing signal restart. >> + */ >> + do_notify_resume(regs, orig_syscall != 0, >> + orig_syscall, flags); > > Owww.... So > a) you can't get there with !user_mode(regs) > b) you handle only one signal (what happens if you fail sigframe > allocation, BTW? Sure, you get SIGSEGV delivered. And don't handle it.) I see, this indeed looks wrong. If I understand correctly the second go around the loop when it asked for the next signal should either stop process (SIGSEGV), or try to invoke signal handler for SIGSEGV, and if allocation failed again it would see it's already in a SIGSEGV (in force_sigsegv), change handler to default, so that on the third go around the loop the process would get stopped. > c) you read ->flags with no protection whatsoever. It should be > done *before* you enable interrupts, and rechecked after you've done > do_notify_resume() and redisabled them. The same for schedule(). It really > should be a loop; take a look at how it's done on arm and alpha - there that > loop is in C, not in asm glue. Thanks for pointing to ARM/alpha versions. This definitely needs some work. > d) looks like your sigreturn is, indeed, broken. It should *not* have > syscall restart logics triggered at all. I presume this is related to the other email about preventing syscall restart logic for sigreturn. I can't see how any other arches prevent it though. Thanks a lot James -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists