| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20180117070827.GA26868@lst.de>
Date: Wed, 17 Jan 2018 08:08:27 +0100
From: Christoph Hellwig <hch@....de>
To: Al Viro <viro@...IV.linux.org.uk>
Cc: Jeff Moyer <jmoyer@...hat.com>, Christoph Hellwig <hch@....de>,
Avi Kivity <avi@...lladb.com>, linux-aio@...ck.org,
linux-fsdevel@...r.kernel.org, netdev@...r.kernel.org,
linux-api@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 32/32] aio: implement io_pgetevents
On Wed, Jan 17, 2018 at 04:27:21AM +0000, Al Viro wrote:
> On Tue, Jan 16, 2018 at 07:41:24PM -0500, Jeff Moyer wrote:
> > if (sigmask) {
> > - if (copy_from_user(&ksigmask, sigmask, sizeof(ksigmask)))
> > + if (!access_ok(VERIFY_READ, sigmask,
> > + sizeof(void *) + sizeof(size_t)) ||
> > + __get_user(up, (sigset_t __user * __user *)sigmask) ||
> > + __get_user(sigsetsize,
> > + (size_t __user *)(sigmask + sizeof(void *))))
> > return -EFAULT;
>
> How about copy_from_user() on a struct? Making eyes bleed is fun, but
> people tend to get annoyed when you do it to them...
Above is the copy & paste version from pselect. I've got both copy_from_user
and that horrible version in my tree, and if we really need this awfull
calling convention copy_from_user certainly is much better. pselect
also should be switched to explicit struct + copy_from_user while
we're at it. In fact glibc defines a struct for the userland version
to start with.
Powered by blists - more mailing lists