| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 23 Mar 2020 18:50:57 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Thomas Gleixner <tglx@...utronix.de>, linux-kernel@...r.kernel.org
Subject: [RFC][PATCHSET] futex uaccess cleanups
As it is, arch_futex_atomic_op_inuser() has access_ok() done by
the (only) caller. It would be better off closer to the actual user
memory access, as it is already done for futex_atomic_cmpxchg_inatomic().
And just as for futex_atomic_cmpxchg_inatomic() we can take
pagefault_{disable,enable}() into the caller. Doing that brings
access_ok() and whatever an architecture needs to do to enable
the actual userland memory access into the same level; e.g. for x86
we can immediately convert them to user_access_begin/user_access_end
pair.
Also in this series: removal of user_atomic_cmpxchg_inatomic().
The only remaining user had been futex_atomic_cmpxchg_inatomic() and
it doesn't require that kind of polymorphism. It used to have callers
in MPX (and had been introduced for the sake of those), but MPX is
gone now and nobody else has ever made use of that primitive.
Please, review. This stuff lives in vfs.git#next.uaccess-3,
individual patches in followups. The branch is based at #next.uaccess-2,
diffstat is
arch/alpha/include/asm/futex.h | 5 +-
arch/arc/include/asm/futex.h | 5 +-
arch/arm/include/asm/futex.h | 5 +-
arch/arm64/include/asm/futex.h | 5 +-
arch/hexagon/include/asm/futex.h | 5 +-
arch/ia64/include/asm/futex.h | 5 +-
arch/microblaze/include/asm/futex.h | 5 +-
arch/mips/include/asm/futex.h | 5 +-
arch/nds32/include/asm/futex.h | 6 +--
arch/openrisc/include/asm/futex.h | 5 +-
arch/parisc/include/asm/futex.h | 2 -
arch/powerpc/include/asm/futex.h | 5 +-
arch/riscv/include/asm/futex.h | 5 +-
arch/s390/include/asm/futex.h | 2 -
arch/sh/include/asm/futex.h | 4 --
arch/sparc/include/asm/futex_64.h | 4 --
arch/x86/include/asm/futex.h | 38 ++++++++++-----
arch/x86/include/asm/uaccess.h | 93 -------------------------------------
arch/xtensa/include/asm/futex.h | 5 +-
include/asm-generic/futex.h | 2 -
kernel/futex.c | 5 +-
tools/objtool/check.c | 1 +
22 files changed, 58 insertions(+), 159 deletions(-)
Shortlog:
futex: arch_futex_atomic_op_inuser() calling conventions change
sh: no need of access_ok() in arch_futex_atomic_op_inuser()
[parisc, s390, sparc64] no need for access_ok() in futex handling
objtool: whitelist __sanitizer_cov_trace_switch()
x86: convert arch_futex_atomic_op_inuser() to user_access_begin/user_access_end()
generic arch_futex_atomic_op_inuser() doesn't need access_ok()
x86: get rid of user_atomic_cmpxchg_inatomic()
Powered by blists - more mailing lists