lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 8 Dec 2017 11:50:04 +0100
From:   Peter Zijlstra <peterz@...radead.org>
To:     Darren Hart <dvhart@...radead.org>
Cc:     Cheng Jian <cj.chengjian@...wei.com>, tglx@...utronix.de,
        mingo@...hat.com, linux-kernel@...r.kernel.org,
        xiexiuqi@...wei.com, huawei.libin@...wei.com
Subject: Re: [PATCH] futex: use fault_in to avoid infinite loop

On Thu, Dec 07, 2017 at 09:21:36PM -0800, Darren Hart wrote:
> On Wed, Dec 06, 2017 at 10:40:08PM +0100, Peter Zijlstra wrote:
> > diff --git a/include/uapi/asm-generic/errno.h b/include/uapi/asm-generic/errno.h
> > index cf9c51ac49f9..4cb80d4ac160 100644
> > --- a/include/uapi/asm-generic/errno.h
> > +++ b/include/uapi/asm-generic/errno.h
> > @@ -119,5 +119,6 @@
> >  #define ERFKILL		132	/* Operation not possible due to RF-kill */
> >  
> >  #define EHWPOISON	133	/* Memory page has hardware error */
> > +#define EMORON		134	/* User did something particularly silly */
> 
> It's baaa-aaack...
> 

Had to try... will keep trying, we need this! :-)

> > --- a/kernel/futex.c
> > +++ b/kernel/futex.c
> > @@ -3262,6 +3262,8 @@ static int futex_wait_requeue_pi(u32 __user *uaddr, unsigned int flags,
> >  SYSCALL_DEFINE2(set_robust_list, struct robust_list_head __user *, head,
> >  		size_t, len)
> >  {
> > +	unsigned long address = (unsigned long)head;
> > +
> >  	if (!futex_cmpxchg_enabled)
> >  		return -ENOSYS;
> >  	/*
> > @@ -3270,6 +3272,9 @@ SYSCALL_DEFINE2(set_robust_list, struct robust_list_head __user *, head,
> >  	if (unlikely(len != sizeof(*head)))
> >  		return -EINVAL;
> >  
> > +	if (unlikely(address % __alignof__(*head)))
> > +		return -EMORON;
> 
> Seeing as how this is performing the test as early as possible, would it make
> sense to also catch unaligned uaddr and uaddr2 as early as possible too - in
> sys_futex?

Probably makes it clearer that we have this requirement, yes.

Powered by blists - more mailing lists