lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 12 Dec 2017 11:31:02 +0100
From:   Ingo Molnar <mingo@...nel.org>
To:     Thomas Gleixner <tglx@...utronix.de>
Cc:     Darren Hart <dvhart@...radead.org>,
        LKML <linux-kernel@...r.kernel.org>,
        Ingo Molnar <mingo@...hat.com>,
        Peter Zijlstra <peterz@...radead.org>
Subject: Re: [PATCH] futex: Check for uaddr alignment as early as possible


* Thomas Gleixner <tglx@...utronix.de> wrote:

> On Fri, 8 Dec 2017, Darren Hart wrote:
> 
> > From: "Darren Hart (VMware)" <dvhart@...radead.org>
> > 
> > uaddr alignment is currently tested by get_futex_key(). We can catch
> > misalignment earlier in sys_futex and return -EINVAL sooner. This
> > simplifies get_futex_key() a little, but more importantly exits the
> > kernel as soon as an invalid parameter is detected.
> > 
> > Passes all selftests/futex testcases on a dual socket Xeon E5-2670, 16
> > physical cores total, 32 threads total.
> > 
> > Signed-off-by: Darren Hart (VMware) <dvhart@...radead.org>
> > Cc: Thomas Gleixner <tglx@...utronix.de>
> > Cc: Ingo Molnar <mingo@...hat.com>
> > Cc: Peter Zijlstra <peterz@...radead.org>
> > Cc: Darren Hart <dvhart@...radead.org>
> > ---
> >  kernel/futex.c | 7 +++++--
> >  1 file changed, 5 insertions(+), 2 deletions(-)
> > 
> > diff --git a/kernel/futex.c b/kernel/futex.c
> > index 76ed592..c3ee6c4 100644
> > --- a/kernel/futex.c
> > +++ b/kernel/futex.c
> > @@ -509,8 +509,6 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw)
> >  	 * The futex address must be "naturally" aligned.
> >  	 */
> >  	key->both.offset = address % PAGE_SIZE;
> > -	if (unlikely((address % sizeof(u32)) != 0))
> > -		return -EINVAL;
> >  	address -= key->both.offset;
> >  
> >  	if (unlikely(!access_ok(rw, uaddr, sizeof(u32))))
> > @@ -3525,6 +3523,11 @@ SYSCALL_DEFINE6(futex, u32 __user *, uaddr, int, op, u32, val,
> >  	u32 val2 = 0;
> >  	int cmd = op & FUTEX_CMD_MASK;
> >  
> > +	/* Only allow for aligned uaddr variables */
> > +	if (unlikely((unsigned long)uaddr % sizeof(u32) != 0 ||
> > +		     (unsigned long)uaddr2 % sizeof(u32) != 0))
> 
> Errm. How is that supposed to work? uaddr2 is not used by all opcodes.....

So to explain the curious timing of the mails from Thomas and me: I told Thomas 
about the breakage over IRC and he found the likely bug! ;-)

Thanks,

	Ingo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ