[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <47DFxk6wMPz9sRs@ozlabs.org>
Date: Thu, 14 Nov 2019 20:07:54 +1100 (AEDT)
From: Michael Ellerman <patch-notifications@...erman.id.au>
To: Geert Uytterhoeven <geert+renesas@...der.be>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
Paul Mackerras <paulus@...ba.org>
Cc: linuxppc-dev@...ts.ozlabs.org, Joel Stanley <joel@....id.au>,
Geert Uytterhoeven <geert+renesas@...der.be>,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] powerpc/security: Fix debugfs data leak on 32-bit
On Mon, 2019-10-21 at 14:23:09 UTC, Geert Uytterhoeven wrote:
> "powerpc_security_features" is "unsigned long", i.e. 32-bit or 64-bit,
> depending on the platform (PPC_FSL_BOOK3E or PPC_BOOK3S_64). Hence
> casting its address to "u64 *", and calling debugfs_create_x64() is
> wrong, and leaks 32-bit of nearby data to userspace on 32-bit platforms.
>
> While all currently defined SEC_FTR_* security feature flags fit in
> 32-bit, they all have "ULL" suffixes to make them 64-bit constants.
> Hence fix the leak by changing the type of "powerpc_security_features"
> (and the parameter types of its accessors) to "u64". This also allows
> to drop the cast.
>
> Fixes: 398af571128fe75f ("powerpc/security: Show powerpc_security_features in debugfs")
> Signed-off-by: Geert Uytterhoeven <geert+renesas@...der.be>
Applied to powerpc next, thanks.
https://git.kernel.org/powerpc/c/3b05a1e517e1a8cfda4866ec31d28b2bc4fee4c4
cheers
Powered by blists - more mailing lists