lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 14 Aug 2019 10:30:22 +0200
From:   David Rheinsberg <david.rheinsberg@...il.com>
To:     Benjamin Tissoires <benjamin.tissoires@...hat.com>
Cc:     Jiri Kosina <jikos@...nel.org>,
        "open list:HID CORE LAYER" <linux-input@...r.kernel.org>,
        lkml <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] HID: uhid: actually use the err number from userspace

Hey

> > 2) I think you have to filter some of the error codes. For instance,
> > if you return one of the -ERESTARTSYS codes, this might cause the
> > syscall to restart (if auto-restart is enabled on this context). At
> > the same time, this is not *that* bad. It might even be useful for the
> > userspace driver to trigger an EINTR. At least we should be aware of
> > this. So maybe filters are not necessary.. Mhhh. Comments?
>
> I haven't thought at all of the side effects of letting the user
> return a random error code.
> I have the impression that anything below EHWPOISON (133) is
> relatively safe. So maybe we should just make sure the error code is
> below 134?
>
> The ERESTARTSYS has a few warnings in the include file, so I guess the
> side effects might be too much for what we want to deal with.

How about `err < ERESTARTSYS`? That is, we grant user-space the entire
range [1-511]. This seems to be the range reserved for uapi.

I think the ERESTART* codes would be fine as well, but I also don't
believe there to be any actual use-case for them. Anyway, I am fine
with either range.

Thanks
David

Powered by blists - more mailing lists