lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20141112132741.GA53560@unpythonic.net>
Date:	Wed, 12 Nov 2014 07:27:42 -0600
From:	Jeff Epler <jepler@...ythonic.net>
To:	Chen Gang <gang.chen.5i5j@...il.com>
Cc:	cmetcalf@...era.com,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] arch: tile: kernel: kgdb.c: Use memcpy() instead of
 pointer copy one by one

It seems there's additional background required to understand the
diagnostic:

asm/ptrace.h has
    struct pt_regs {
        /* tp, sp, and lr must immediately follow regs[] for aliasing. */
        pt_reg_t regs[53];
        pt_reg_t tp;            /* aliases regs[TREG_TP] */
        pt_reg_t sp;            /* aliases regs[TREG_SP] */
        pt_reg_t lr;            /* aliases regs[TREG_LR] */
and the intended copy overwites all of regs[], plus tp, sp, and lr.

It's intended for thread_regs.regs[TREG_TP] to alias to thread_regs.tp,
though in C this is undefined behavior (it dereferences a pointer past
the end of the structure).
> >   arch/tile/kernel/kgdb.c:140:31: warning: iteration 53u invokes undefined behavior [-Waggressive-loop-optimizations]
> >      *(ptr++) = thread_regs->regs[reg];

If compilers are beginning to exploit the rule that indexing past the
end of an array is UB, then the way that these register aliases are
created may need to be revisited with careful attention to what the C
standard actually says; I'm just going by memory.  (I assume the
compiler could do things like replace an intended load from memory with
a constant load or even no load at all)

Jeff
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ