lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <75601e2c-6631-8a98-36a0-ef58f28e50a9@physik.fu-berlin.de>
Date:   Thu, 23 Jul 2020 01:19:46 +0200
From:   John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>
To:     Michael Karcher <kernel@...rcher.dialup.fu-berlin.de>,
        linux-sh@...r.kernel.org, linux-kernel@...r.kernel.org
Cc:     Yoshinori Sato <ysato@...rs.sourceforge.jp>,
        Rich Felker <dalias@...c.org>
Subject: Re: [PATCH 1/4] sh: Fix validation of system call number

On 7/23/20 1:13 AM, Michael Karcher wrote:
> The slow path for traced system call entries accessed a wrong memory
> location to get the number of the maximum allowed system call number.
> Renumber the numbered "local" label for the correct location to avoid
> collisions with actual local labels.
> 
> Signed-off-by: Michael Karcher <kernel@...rcher.dialup.fu-berlin.de>
> ---
>  arch/sh/kernel/entry-common.S | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/arch/sh/kernel/entry-common.S b/arch/sh/kernel/entry-common.S
> index 956a7a03b0c8..9bac5bbb67f3 100644
> --- a/arch/sh/kernel/entry-common.S
> +++ b/arch/sh/kernel/entry-common.S
> @@ -199,7 +199,7 @@ syscall_trace_entry:
>  	mov.l	@(OFF_R7,r15), r7   ! arg3
>  	mov.l	@(OFF_R3,r15), r3   ! syscall_nr
>  	!
> -	mov.l	2f, r10			! Number of syscalls
> +	mov.l	6f, r10			! Number of syscalls
>  	cmp/hs	r10, r3
>  	bf	syscall_call
>  	mov	#-ENOSYS, r0
> @@ -353,7 +353,7 @@ ENTRY(system_call)
>  	tst	r9, r8
>  	bf	syscall_trace_entry
>  	!
> -	mov.l	2f, r8			! Number of syscalls
> +	mov.l	6f, r8			! Number of syscalls
>  	cmp/hs	r8, r3
>  	bt	syscall_badsys
>  	!
> @@ -392,7 +392,7 @@ syscall_exit:
>  #if !defined(CONFIG_CPU_SH2)
>  1:	.long	TRA
>  #endif
> -2:	.long	NR_syscalls
> +6:	.long	NR_syscalls
>  3:	.long	sys_call_table
>  7:	.long	do_syscall_trace_enter
>  8:	.long	do_syscall_trace_leave
> 

Tested-by: John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaubitz@...ian.org
`. `'   Freie Universitaet Berlin - glaubitz@...sik.fu-berlin.de
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ