lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <D9A0FF66-037C-4605-BF82-3FF075776303@amazon.com>
Date:	Mon, 4 Jul 2016 15:13:56 +0000
From:	"Tautschnig, Michael" <tautschn@...zon.co.uk>
To:	Arnd Bergmann <arnd@...db.de>, Andi Kleen <ak@...ux.intel.com>
CC:	"x86@...nel.org" <x86@...nel.org>,
	"linux-api@...r.kernel.org" <linux-api@...r.kernel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	"Ingo Molnar" <mingo@...hat.com>, "H. Peter Anvin" <hpa@...or.com>,
	Jaswinder Singh <jaswinder@...radead.org>
Subject: Re: [PATCH] Syscall arguments are unsigned long (full registers)


> On 4 Jul 2016, at 16:59, Arnd Bergmann <arnd@...db.de> wrote:
> 
> On Monday, July 4, 2016 2:47:10 PM CEST Tautschnig, Michael wrote:
>> Thanks a lot for the immediate feedback.
>> 
>>> On 4 Jul 2016, at 16:28, Andi Kleen <ak@...ux.intel.com> wrote:
>>> 
>>> On Mon, Jul 04, 2016 at 01:52:58PM +0000, Tautschnig, Michael wrote:
>>>> All syscall arguments are passed in as types of the same byte size as
>>>> unsigned long (width of full registers). Using a smaller type without a
>>>> cast may result in losing bits of information. In all other instances
>>>> apart from the ones fixed by the patch the code explicitly introduces
>>>> type casts (using, e.g., SYSCALL_DEFINE1).
>>>> 
>>>> While goto-cc reported these problems at build time, it is noteworthy
>>>> that the calling conventions specified in the System V AMD64 ABI do
>>>> ensure that parameters 1-6 are passed via registers, thus there is no
>>>> implied risk of misaligned stack access.
>>> 
>>> Does this actually fix anything?
>>> 
>> 
>> It will ensure the behaviour on 32 and 64-bit systems is consistent, i.e.,
>> no truncation occurs. This is to ensure that future uses of these syscalls
   ^^^ no *hidden*

>> do not face surprises.
>> 

[...]
> This is the same truncation that we do with SYSCALL_DEFINE2(),
> clearing the top 32 bits of the 'code' parameter to ensure that
> user space doesn't pass data unexpectedly.
> 
> That change seems reasonable, but why not just use SYSCALL_DEFINE2()
> directly for consistency with the other syscalls?
> 

Happy to provide such an updated patch; Andi seemed less confident this should
be going ahead?

Best,
Michael

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ