| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <4387EFE3-55AB-433B-83E1-2AFC413C7B9A@online.nl> Date: Fri, 9 Oct 2015 11:49:45 +0200 From: Hans Zuidam <h.zuidam@...ine.nl> To: Thomas Gleixner <tglx@...utronix.de> Cc: Jaccon Bastiaansen <jaccon.bastiaansen@...il.com>, x86@...nel.org, mingo@...hat.com, "H. Peter Anvin" <hpa@...or.com>, Peter Zijlstra <peterz@...radead.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, stable@...r.kernel.org Subject: Re: [RFC]: Possible race condition in kernel futex code Hi Thomas, On 9 okt. 2015, at 11:06, Thomas Gleixner <tglx@...utronix.de> wrote: On Mon, 5 Oct 2015, Jaccon Bastiaansen wrote: >> We did some tests with different compilers, kernel versions and kernel >> configs, with the following results: > You cannot use an explicit 32bit read. We need an access which handles the fault gracefully. The reason for the explicit read suggestion is to avoid the _builtin_constant_p() in __copy_from_user_nocheck(). The GCC manual says that there may be situations where it returns 0 even though the argument is a constant. Although none of the compiler/kernel combinations we have tried showed this happening, we think it is probably better to be safe than sorry. With kind regards, Hans Zuidam -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists