lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <1420558883-10131-1-git-send-email-mst@redhat.com>
Date:	Tue, 6 Jan 2015 17:43:28 +0200
From:	"Michael S. Tsirkin" <mst@...hat.com>
To:	linux-kernel@...r.kernel.org
Cc:	Arnd Bergmann <arnd@...db.de>, linux-arch@...r.kernel.org
Subject: [PATCH v2 00/40] uaccess: fix sparse warning on get/put_user for
 bitwise types

changes from v1:

- xtensa and powerpc patches have been merged by maintainers, drop them
- added patches to fix put_user on a bunch of architectures
- add acks received since v1
- a bunch of whitespace tweaks


At the moment, if p and x are both tagged as bitwise types,
some of get_user(x, p), put_user(x, p), __get_user(x, p), __put_user(x, p)
produce a sparse warning on many architectures.
This is a false positive: *p on these architectures is loaded into long
(typically using asm), then cast back to typeof(*p).

When typeof(*p) is a bitwise type (which is uncommon), such a cast needs
__force, otherwise sparse produces a warning.

Some architectures already have the __force tag, add it
where it's missing.

I verified that adding these __force casts does not supress any useful warnings.

Specifically, vhost wants to read/write bitwise types in userspace memory
using get_user/put_user.
At the moment this triggers sparse errors, since the value is passed through an
integer.

For example:
    __le32 __user *p;
    __u32 x;

both
    put_user(x, p);
and
    get_user(x, p);
should be safe, but produce warnings on some architectures.


While there, I noticed that a bunch of architectures violated
coding style rules within uaccess macros.
Added patches to fix them up.


I tested this on x86 only. Since it's just adding __force, should be
trivially safe everywhere?


Arnd, did you merge v1 already? If yes, can you please replace with
this version?

Michael S. Tsirkin (40):
  x86/uaccess: fix sparse errors
  alpha/uaccess: fix sparse errors
  arm64/uaccess: fix sparse errors
  avr32/uaccess: fix sparse errors
  blackfin/uaccess: fix sparse errors
  cris/uaccess: fix sparse errors
  ia64/uaccess: fix sparse errors
  m32r/uaccess: fix sparse errors
  metag/uaccess: fix sparse errors
  microblaze/uaccess: fix sparse errors
  openrisc/uaccess: fix sparse errors
  parisc/uaccess: fix sparse errors
  sh/uaccess: fix sparse errors
  sparc32/uaccess: fix sparse errors
  sparc64/uaccess: fix sparse errors
  m68k/uaccess: fix sparse errors
  arm: fix put_user sparse errors
  blackfin: fix put_user sparse errors
  ia64: fix put_user sparse errors
  metag: fix put_user sparse errors
  sh: fix put_user sparse errors
  tile: fix put_user sparse errors
  tile: enable sparse checks for get/put_user
  avr32: whitespace fix
  arch/sparc: uaccess_32 macro whitespace fixes
  arch/sparc: uaccess_64 macro whitespace fixes
  blackfin: macro whitespace fixes
  microblaze: whitespace fix
  alpha: macro whitespace fixes
  arm: macro whitespace fixes
  arm64: macro whitespace fixes
  avr32: macro whitespace fixes
  cris: macro whitespace fixes
  frv: macro whitespace fixes
  m32r: macro whitespace fixes
  m68k: macro whitespace fixes
  parisc: macro whitespace fixes
  s390: macro whitespace fixes
  sh: macro whitespace fixes
  xtensa: macro whitespace fixes

 arch/alpha/include/asm/uaccess.h      |  86 ++++----
 arch/arm/include/asm/uaccess.h        |  96 ++++-----
 arch/arm64/include/asm/uaccess.h      |   4 +-
 arch/avr32/include/asm/uaccess.h      |  24 +--
 arch/blackfin/include/asm/uaccess.h   |  32 +--
 arch/cris/include/asm/uaccess.h       | 117 +++++------
 arch/frv/include/asm/segment.h        |   2 +-
 arch/ia64/include/asm/uaccess.h       |  11 +-
 arch/m32r/include/asm/uaccess.h       |  88 ++++----
 arch/m68k/include/asm/segment.h       |   2 +-
 arch/m68k/include/asm/uaccess_mm.h    |  40 ++--
 arch/metag/include/asm/uaccess.h      |  25 ++-
 arch/microblaze/include/asm/uaccess.h |   6 +-
 arch/openrisc/include/asm/uaccess.h   |   4 +-
 arch/parisc/include/asm/uaccess.h     | 116 +++++------
 arch/s390/include/asm/uaccess.h       |   4 +-
 arch/sh/include/asm/segment.h         |   2 +-
 arch/sh/include/asm/uaccess.h         |   4 +-
 arch/sh/include/asm/uaccess_64.h      |   8 +-
 arch/sparc/include/asm/uaccess_32.h   | 364 +++++++++++++++++++++-------------
 arch/sparc/include/asm/uaccess_64.h   | 246 +++++++++++++----------
 arch/tile/include/asm/uaccess.h       |   6 +-
 arch/x86/include/asm/uaccess.h        |   2 +-
 arch/xtensa/include/asm/uaccess.h     |  90 ++++-----
 24 files changed, 759 insertions(+), 620 deletions(-)

-- 
MST

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ