| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEn-LTpY6Tto1N9irXJeOb4iB=qSYhb=jM0E=Z9ppumbPX6GSw@mail.gmail.com>
Date: Fri, 29 Mar 2019 18:52:18 +0100
From: David Abdurachmanov <david.abdurachmanov@...il.com>
To: Steven Rostedt <rostedt@...dmis.org>
Cc: "Dmitry V. Levin" <ldv@...linux.org>,
Will Drewry <wad@...omium.org>,
Kees Cook <keescook@...omium.org>,
Palmer Dabbelt <palmer@...ive.com>,
linux-kernel@...r.kernel.org,
Andy Lutomirski <luto@...capital.net>,
Ingo Molnar <mingo@...hat.com>, linux-riscv@...ts.infradead.org
Subject: Re: [PATCH] riscv: fix syscall_get_arguments() and syscall_set_arguments()
On Fri, Mar 29, 2019 at 6:15 PM Steven Rostedt <rostedt@...dmis.org> wrote:
>
> On Fri, 29 Mar 2019 20:12:21 +0300
> "Dmitry V. Levin" <ldv@...linux.org> wrote:
>
> > RISC-V syscall arguments are located in orig_a0,a1..a5 fields
> > of struct pt_regs.
> >
> > Due to an off-by-one bug and a bug in pointer arithmetic
> > syscall_get_arguments() was reading s3..s7 fields instead of a1..a5.
> > Likewise, syscall_set_arguments() was writing s3..s7 fields
> > instead of a1..a5.
>
> Should I add this to my series? And then rebase on top of it?
I have alternative version posted in December part of SECCOMP
patchset which is based on arm64 implementation.
http://lists.infradead.org/pipermail/linux-riscv/2018-December/002450.html
I noticed that SECCOMP wasn't working properly if filters were
checking syscall arguments, because populated arguments were wrong.
Btw, I plan to send v2 of SECCOMP patchset soonish.
david
>
> -- Steve
>
> >
> > Fixes: e2c0cdfba7f69 ("RISC-V: User-facing API")
> > Cc: Steven Rostedt <rostedt@...dmis.org>
> > Cc: Ingo Molnar <mingo@...hat.com>
> > Cc: Kees Cook <keescook@...omium.org>
> > Cc: Andy Lutomirski <luto@...capital.net>
> > Cc: Will Drewry <wad@...omium.org>
> > Cc: linux-riscv@...ts.infradead.org
> > Cc: stable@...r.kernel.org # v4.15+
> > Signed-off-by: Dmitry V. Levin <ldv@...linux.org>
> > ---
> > arch/riscv/include/asm/syscall.h | 12 +++++++-----
> > 1 file changed, 7 insertions(+), 5 deletions(-)
> >
> > diff --git a/arch/riscv/include/asm/syscall.h b/arch/riscv/include/asm/syscall.h
> > index bba3da6ef157..6ea9e1804233 100644
> > --- a/arch/riscv/include/asm/syscall.h
> > +++ b/arch/riscv/include/asm/syscall.h
> > @@ -79,10 +79,11 @@ static inline void syscall_get_arguments(struct task_struct *task,
> > if (i == 0) {
> > args[0] = regs->orig_a0;
> > args++;
> > - i++;
> > n--;
> > + } else {
> > + i--;
> > }
> > - memcpy(args, ®s->a1 + i * sizeof(regs->a1), n * sizeof(args[0]));
> > + memcpy(args, ®s->a1 + i, n * sizeof(args[0]));
> > }
> >
> > static inline void syscall_set_arguments(struct task_struct *task,
> > @@ -94,10 +95,11 @@ static inline void syscall_set_arguments(struct task_struct *task,
> > if (i == 0) {
> > regs->orig_a0 = args[0];
> > args++;
> > - i++;
> > n--;
> > - }
> > - memcpy(®s->a1 + i * sizeof(regs->a1), args, n * sizeof(regs->a0));
> > + } else {
> > + i--;
> > + }
> > + memcpy(®s->a1 + i, args, n * sizeof(regs->a1));
> > }
> >
> > static inline int syscall_get_arch(void)
>
>
> _______________________________________________
> linux-riscv mailing list
> linux-riscv@...ts.infradead.org
> http://lists.infradead.org/mailman/listinfo/linux-riscv
Powered by blists - more mailing lists