| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 28 Oct 2019 11:42:01 -0000
From: "tip-bot2 for Peter Zijlstra" <tip-bot2@...utronix.de>
To: linux-tip-commits@...r.kernel.org
Cc: Randy Dunlap <rdunlap@...radead.org>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Christian Brauner <christian.brauner@...ntu.com>,
Josh Poimboeuf <jpoimboe@...hat.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Stephen Rothwell <sfr@...b.auug.org.au>,
Thomas Gleixner <tglx@...utronix.de>, cyphar@...har.com,
keescook@...omium.org, linux@...musvillemoes.dk,
Ingo Molnar <mingo@...nel.org>, Borislav Petkov <bp@...en8.de>,
linux-kernel@...r.kernel.org
Subject: [tip: x86/asm] ubsan, x86: Annotate and allow
__ubsan_handle_shift_out_of_bounds() in uaccess regions
The following commit has been merged into the x86/asm branch of tip:
Commit-ID: 9a50dcaf0416a43e1fe411dc61a99c8333c90119
Gitweb: https://git.kernel.org/tip/9a50dcaf0416a43e1fe411dc61a99c8333c90119
Author: Peter Zijlstra <peterz@...radead.org>
AuthorDate: Mon, 21 Oct 2019 15:11:49 +02:00
Committer: Ingo Molnar <mingo@...nel.org>
CommitterDate: Mon, 28 Oct 2019 10:43:00 +01:00
ubsan, x86: Annotate and allow __ubsan_handle_shift_out_of_bounds() in uaccess regions
The new check_zeroed_user() function uses variable shifts inside of a
user_access_begin()/user_access_end() section and that results in GCC
emitting __ubsan_handle_shift_out_of_bounds() calls, even though
through value range analysis it would be able to see that the UB in
question is impossible.
Annotate and whitelist this UBSAN function; continued use of
user_access_begin()/user_access_end() will undoubtedly result in
further uses of function.
Reported-by: Randy Dunlap <rdunlap@...radead.org>
Tested-by: Randy Dunlap <rdunlap@...radead.org>
Signed-off-by: Peter Zijlstra (Intel) <peterz@...radead.org>
Acked-by: Randy Dunlap <rdunlap@...radead.org>
Acked-by: Christian Brauner <christian.brauner@...ntu.com>
Cc: Josh Poimboeuf <jpoimboe@...hat.com>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Stephen Rothwell <sfr@...b.auug.org.au>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: cyphar@...har.com
Cc: keescook@...omium.org
Cc: linux@...musvillemoes.dk
Fixes: f5a1a536fa14 ("lib: introduce copy_struct_from_user() helper")
Link: https://lkml.kernel.org/r/20191021131149.GA19358@hirez.programming.kicks-ass.net
Signed-off-by: Ingo Molnar <mingo@...nel.org>
---
lib/ubsan.c | 5 ++++-
tools/objtool/check.c | 1 +
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/ubsan.c b/lib/ubsan.c
index e7d3173..0c46811 100644
--- a/lib/ubsan.c
+++ b/lib/ubsan.c
@@ -374,9 +374,10 @@ void __ubsan_handle_shift_out_of_bounds(struct shift_out_of_bounds_data *data,
struct type_descriptor *lhs_type = data->lhs_type;
char rhs_str[VALUE_LENGTH];
char lhs_str[VALUE_LENGTH];
+ unsigned long ua_flags = user_access_save();
if (suppress_report(&data->location))
- return;
+ goto out;
ubsan_prologue(&data->location, &flags);
@@ -402,6 +403,8 @@ void __ubsan_handle_shift_out_of_bounds(struct shift_out_of_bounds_data *data,
lhs_type->type_name);
ubsan_epilogue(&flags);
+out:
+ user_access_restore(ua_flags);
}
EXPORT_SYMBOL(__ubsan_handle_shift_out_of_bounds);
diff --git a/tools/objtool/check.c b/tools/objtool/check.c
index 044c9a3..f53d3c5 100644
--- a/tools/objtool/check.c
+++ b/tools/objtool/check.c
@@ -481,6 +481,7 @@ static const char *uaccess_safe_builtin[] = {
"ubsan_type_mismatch_common",
"__ubsan_handle_type_mismatch",
"__ubsan_handle_type_mismatch_v1",
+ "__ubsan_handle_shift_out_of_bounds",
/* misc */
"csum_partial_copy_generic",
"__memcpy_mcsafe",
Powered by blists - more mailing lists