| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 27 Mar 2020 23:30:06 +0000
From: Al Viro <viro@...iv.linux.org.uk>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: linux-arch@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [RFC][PATCHSET] uaccess: getting csum_and_copy_..._user() into saner
shape
In that area uaccess primitives actually used by the rest of the kernel
are csum_and_copy_{to,from}_user(). Currently we have a strange mix;
* some architectures supply csum_and_copy_from_user(). That's
indicated by defining _HAVE_ARCH_COPY_AND_CSUM_FROM_USER
* the rest end up using the wrapper from net/checksum.h instead;
that (fairly thin) wrapper expects to find csum_partial_copy_from_user().
Some among those have csum_partial_copy_from_user() that tries to be smart,
some end up picking a dumb one from lib/checksum.c, some have a literal
copy of that dumb version...
* some architectures supply csum_and_copy_to_user(). Those define
HAVE_CSUM_COPY_USER.
* the rest pick the dumb (inlined) implementation from net/checksum.h
* to confuse the situation even more, there's a couple of architectures
that call their csum_and_copy_to_user() "csum_partial_copy_to_user" instead...
and have a macro defining csum_and_copy_to_user as csum_partial_copy_to_user.
The rules for access_ok() location are also messy - in principle,
csum_partial_copy_from_user() expects to have access_ok() done in the wrapper,
but e.g. i386 one does that on its own.
A saner approach would be to turn the csum_partial_copy_from_user()
instances into csum_and_copy_from_user() ones, getting rid of the wrapper
for those, then move the dumb one (also converted) into net/checksum.h.
The series below does that; it lives in
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs.git #next.uaccess-4
based at #next.uaccess-3. Individual patches in followups; please review.
Not sure which tree would that best go through, TBH...
Diffstat:
arch/alpha/include/asm/checksum.h | 3 ++-
arch/alpha/lib/csum_partial_copy.c | 6 +++---
arch/arm/include/asm/checksum.h | 14 ++++++++++++++
arch/c6x/lib/checksum.c | 22 ----------------------
arch/ia64/include/asm/checksum.h | 10 ----------
arch/ia64/lib/csum_partial_copy.c | 32 ++------------------------------
arch/m68k/include/asm/checksum.h | 3 ++-
arch/m68k/lib/checksum.c | 4 ++--
arch/nios2/include/asm/checksum.h | 2 --
arch/parisc/include/asm/checksum.h | 7 -------
arch/parisc/lib/checksum.c | 20 --------------------
arch/s390/include/asm/checksum.h | 19 -------------------
arch/sh/include/asm/checksum_32.h | 9 +++++++--
arch/sparc/include/asm/checksum.h | 1 +
arch/sparc/include/asm/checksum_32.h | 15 ++++++++++-----
arch/sparc/include/asm/checksum_64.h | 2 +-
arch/x86/include/asm/checksum.h | 2 ++
arch/x86/include/asm/checksum_32.h | 21 +++++++++++----------
arch/x86/include/asm/checksum_64.h | 12 ++----------
arch/x86/lib/csum-wrappers_64.c | 35 ++++++++++++++++++-----------------
arch/x86/um/asm/checksum.h | 20 --------------------
arch/xtensa/include/asm/checksum.h | 11 +++++++----
include/asm-generic/checksum.h | 9 ---------
include/net/checksum.h | 8 ++------
lib/checksum.c | 20 --------------------
25 files changed, 86 insertions(+), 221 deletions(-)
Shortlog:
get rid of csum_partial_copy_to_user()
x86_64: csum_..._copy_..._user(): switch to unsafe_..._user()
x86: switch both 32bit and 64bit to providing csum_and_copy_from_user()
x86: switch 32bit csum_and_copy_to_user() to user_access_{begin,end}()
ia64: csum_partial_copy_nocheck(): don't abuse csum_partial_copy_from_user()
ia64: turn csum_partial_copy_from_user() into csum_and_copy_from_user()
alpha: turn csum_partial_copy_from_user() into csum_and_copy_from_user()
parisc: turn csum_partial_copy_from_user() into csum_and_copy_from_user()
sparc: switch to providing csum_and_copy_from_user()
xtensa: switch to providing csum_and_copy_from_user()
m68k: convert to csum_and_copy_from_user()
sh32: convert to csum_and_copy_from_user()
arm: switch to csum_and_copy_from_user()
take the dummy csum_and_copy_from_user() into net/checksum.h
Powered by blists - more mailing lists