| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 1 Jun 2020 16:37:45 -0700
From: Peter Collingbourne <pcc@...gle.com>
To: Nick Desaulniers <ndesaulniers@...gle.com>
Cc: Robert Moore <robert.moore@...el.com>,
Erik Kaneda <erik.kaneda@...el.com>,
"Rafael J. Wysocki" <rafael.j.wysocki@...el.com>,
Len Brown <lenb@...nel.org>, Ard Biesheuvel <ardb@...nel.org>,
Dmitry Vyukov <dvyukov@...gle.com>,
Alexander Potapenko <glider@...gle.com>, guohanjun@...wei.com,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
lorenzo.pieralisi@....com, Mark Rutland <mark.rutland@....com>,
rjw@...ysocki.net, Will Deacon <will@...nel.org>,
stable@...r.kernel.org, linux-acpi@...r.kernel.org,
devel@...ica.org
Subject: Re: [PATCH] ACPICA: fix UBSAN warning using __builtin_offsetof
On Mon, Jun 1, 2020 at 4:18 PM Nick Desaulniers <ndesaulniers@...gle.com> wrote:
>
> Will reported UBSAN warnings:
> UBSAN: null-ptr-deref in drivers/acpi/acpica/tbfadt.c:459:37
> UBSAN: null-ptr-deref in arch/arm64/kernel/smp.c:596:6
>
> Looks like the emulated offsetof macro ACPI_OFFSET is causing these. We
> can avoid this by using the compiler builtin, __builtin_offsetof.
Would it be better to s/ACPI_OFFSET/offsetof/g the existing users of
this macro and remove it? It looks like offsetof is already being used
pervasively in the kernel, and its definition comes from
<linux/stddef.h>.
Peter
Peter
> The non-kernel runtime of UBSAN would print:
> runtime error: member access within null pointer of type
> for this macro.
>
> Link: https://lore.kernel.org/lkml/20200521100952.GA5360@willie-the-truck/
> Cc: stable@...r.kernel.org
> Reported-by: Will Deacon <will@...nel.org>
> Suggested-by: Ard Biesheuvel <ardb@...nel.org>
> Signed-off-by: Nick Desaulniers <ndesaulniers@...gle.com>
> ---
> include/acpi/actypes.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/include/acpi/actypes.h b/include/acpi/actypes.h
> index 4defed58ea33..04359c70b198 100644
> --- a/include/acpi/actypes.h
> +++ b/include/acpi/actypes.h
> @@ -508,7 +508,7 @@ typedef u64 acpi_integer;
>
> #define ACPI_TO_POINTER(i) ACPI_CAST_PTR (void, (acpi_size) (i))
> #define ACPI_TO_INTEGER(p) ACPI_PTR_DIFF (p, (void *) 0)
> -#define ACPI_OFFSET(d, f) ACPI_PTR_DIFF (&(((d *) 0)->f), (void *) 0)
> +#define ACPI_OFFSET(d, f) __builtin_offsetof(d, f)
> #define ACPI_PHYSADDR_TO_PTR(i) ACPI_TO_POINTER(i)
> #define ACPI_PTR_TO_PHYSADDR(i) ACPI_TO_INTEGER(i)
>
> --
> 2.27.0.rc2.251.g90737beb825-goog
>
Powered by blists - more mailing lists