| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=whDtnudkbZ8-hR8HiDE7zog0dv+Gu9Sx5i6SPakrDtajQ@mail.gmail.com>
Date: Thu, 3 Sep 2020 16:25:54 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: David Laight <David.Laight@...lab.com>
Cc: Christoph Hellwig <hch@....de>, Al Viro <viro@...iv.linux.org.uk>,
Michael Ellerman <mpe@...erman.id.au>,
"x86@...nel.org" <x86@...nel.org>,
Alexey Dobriyan <adobriyan@...il.com>,
Luis Chamberlain <mcgrof@...nel.org>,
Kees Cook <keescook@...omium.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
"linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>,
"linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>
Subject: Re: [PATCH 12/14] x86: remove address space overrides using set_fs()
On Thu, Sep 3, 2020 at 2:30 PM David Laight <David.Laight@...lab.com> wrote:
>
> A non-canonical (is that the right term) address between the highest
> valid user address and the lowest valid kernel address (7ffe to fffe?)
> will fault anyway.
Yes.
But we actually warn against that fault, because it's been a good way
to catch places that didn't use the proper "access_ok()" pattern.
See ex_handler_uaccess() and the
WARN_ONCE(trapnr == X86_TRAP_GP, "General protection fault in
user access. Non-canonical address?");
warning. It's been good for randomized testing - a missing range check
on a user address will often hit this.
Of course, you should never see it in real life (and hopefully not in
testing either any more). But belt-and-suspenders..
Linus
Powered by blists - more mailing lists