lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 19 Sep 2016 16:26:27 +0200 From: Jonas Bonn <jonas@...thpole.se> To: Stafford Horne <shorne@...il.com>, Stefan Kristiansson <stefan.kristiansson@...nalahti.fi>, Andrew Morton <akpm@...ux-foundation.org> Cc: linux-kernel@...r.kernel.org Subject: Re: [PATCH 1/7] Apply transparent_union attribute to union semun NAK... this breaks other architectures. The OpenRISC toolchain is broken with regard to this issue. Five years ago (last I looked) nobody seemed interesting in fixing it. Has anything changed here? /Jonas On 09/16/2016 04:42 PM, Stafford Horne wrote: > ..From: Jonas Bonn <jonas@...thpole.se> > > The syscall handler for semctl is written under the assumption that the > toolchain will pass "small" unions as function parameters directly instead > of by reference. The union semun is "small" and thus fits this description. > > Since it is assumed that the union will be passed directly and not by > reference, it is safe to access the union members without going via > get_user. > > The OpenRISC architecture, however, passes all unions by reference, thus > breaking the above assumption. > > The technically correct fix here is to mark the union as being transparent > so that the ABI of the union's first element determines the parameter > passing method and thus make explicit what's already implied in the function > definition. > > Signed-off-by: Jonas Bonn <jonas@...thpole.se> > Signed-off-by: Stafford Horne <shorne@...il.com> > --- > include/uapi/linux/sem.h | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/include/uapi/linux/sem.h b/include/uapi/linux/sem.h > index dd73b90..aabe50f 100644 > --- a/include/uapi/linux/sem.h > +++ b/include/uapi/linux/sem.h > @@ -48,7 +48,7 @@ union semun { > unsigned short __user *array; /* array for GETALL & SETALL */ > struct seminfo __user *__buf; /* buffer for IPC_INFO */ > void __user *__pad; > -}; > +} __attribute__ ((transparent_union)); > > struct seminfo { > int semmap;
Powered by blists - more mailing lists