Date: Thu, 11 Apr 2019 18:40:12 +0200
From: Andrey Konovalov <andreyknvl@...gle.com>
To: Catalin Marinas <catalin.marinas@....com>
Cc: Steven Rostedt <rostedt@...dmis.org>,
	Will Deacon <will.deacon@....com>,
	Mark Rutland <mark.rutland@....com>,
	Kees Cook <keescook@...omium.org>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Ingo Molnar <mingo@...nel.org>,
	"Kirill A . Shutemov" <kirill.shutemov@...ux.intel.com>,
	Vincenzo Frascino <vincenzo.frascino@....com>,
	Eric Dumazet <edumazet@...gle.com>,
	"David S. Miller" <davem@...emloft.net>,
	Alexei Starovoitov <ast@...nel.org>,
	Daniel Borkmann <daniel@...earbox.net>,
	Peter Zijlstra <peterz@...radead.org>,
	Arnaldo Carvalho de Melo <acme@...nel.org>,
	Mauro Carvalho Chehab <mchehab@...nel.org>,
	Jens Wiklander <jens.wiklander@...aro.org>,
	Alex Williamson <alex.williamson@...hat.com>,
	Linux ARM <linux-arm-kernel@...ts.infradead.org>,
	Linux Memory Management List <linux-mm@...ck.org>,
	linux-arch <linux-arch@...r.kernel.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Dmitry Vyukov <dvyukov@...gle.com>,
	Kostya Serebryany <kcc@...gle.com>,
	Evgeniy Stepanov <eugenis@...gle.com>,
	Lee Smith <Lee.Smith@....com>,
	Ramana Radhakrishnan <Ramana.Radhakrishnan@....com>,
	Ruben Ayrapetyan <Ruben.Ayrapetyan@....com>,
	Luc Van Oostenryck <luc.vanoostenryck@...il.com>,
	Dave Martin <Dave.Martin@....com>,
	Kevin Brodsky <kevin.brodsky@....com>,
	Szabolcs Nagy <Szabolcs.Nagy@....com>
Subject: Re: [PATCH v13 04/20] mm, arm64: untag user pointers passed to memory syscalls

On Tue, Apr 2, 2019 at 2:47 PM Andrey Konovalov <andreyknvl@...gle.com> wrote:
>
> On Fri, Mar 29, 2019 at 11:30 AM Catalin Marinas
> <catalin.marinas@....com> wrote:
> >
> > (I trimmed down the cc list a bit since it's always bouncing)
> >
> > On Thu, Mar 28, 2019 at 02:19:34PM -0400, Steven Rostedt wrote:
> > > On Thu, 28 Mar 2019 19:10:07 +0100
> > > Andrey Konovalov <andreyknvl@...gle.com> wrote:
> > > > > > Signed-off-by: Andrey Konovalov <andreyknvl@...gle.com>
> > > > > > ---
> > > > > > ipc/shm.c | 2 ++
> > > > > > mm/madvise.c | 2 ++
> > > > > > mm/mempolicy.c | 5 +++++
> > > > > > mm/migrate.c | 1 +
> > > > > > mm/mincore.c | 2 ++
> > > > > > mm/mlock.c | 5 +++++
> > > > > > mm/mmap.c | 7 +++++++
> > > > > > mm/mprotect.c | 1 +
> > > > > > mm/mremap.c | 2 ++
> > > > > > mm/msync.c | 2 ++
> > > > > > 10 files changed, 29 insertions(+)
> > > > >
> > > > > I wonder whether it's better to keep these as wrappers in the arm64
> > > > > code.
> > > >
> > > > I don't think I understand what you propose, could you elaborate?
> > >
> > > I believe Catalin is saying that instead of placing things like:
> > >
> > > @@ -1593,6 +1593,7 @@ SYSCALL_DEFINE3(shmat, int, shmid, char __user *, shmaddr, int, shmflg)
> > > unsigned long ret;
> > > long err;
> > >
> > > + shmaddr = untagged_addr(shmaddr);
> > >
> > > To instead have the shmaddr set to the untagged_addr() before calling
> > > the system call, and passing the untagged addr to the system call, as
> > > that goes through the arm64 architecture specific code first.
> >
> > Indeed. For example, we already have a SYSCALL_DEFINE6(mmap, ...) in
> > arch/arm64/kernel/sys.c, just add the untagging there. We could do
> > something similar for the other syscalls. I don't mind doing this in the
> > generic code but if it's only needed for arm64, I'd rather keep the
> > generic changes to a minimum.
>
> Do I understand correctly, that I'll need to add ksys_ wrappers for
> each of the memory syscalls, and then redefine them in
> arch/arm64/kernel/sys.c with arm64_ prefix, like it is done for the
> personality syscall right now? This will require generic changes as
> well.

ping

>
> >
> > (I had a hack overriding __SC_CAST to do this automatically for pointer
> > arguments but this wouldn't work on mmap() and friends as the argument
> > is unsigned long)
> >
> > --
> > Catalin
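
Review bot: in the quoted shmat hunk, the added line shmaddr = untagged_addr(shmaddr); overwrites the argument in place with no comment saying why the tag is stripped at this point. A one-line comment above it would help readers of the generic code, and it is worth confirming that nothing later in the function needs the original tagged value the caller passed, since that value is no longer available after the assignment. The same point holds for the other files in the diffstat if the untagging stays in generic code rather than moving into arm64 wrappers as suggested in the thread.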