| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=whGbM1E0BbSVvxGRj5nBaNRXXD-oKcgrM40s4gvYV_C+w@mail.gmail.com>
Date: Fri, 23 Oct 2020 09:32:54 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: Rasmus Villemoes <linux@...musvillemoes.dk>
Cc: Sean Christopherson <sean.j.christopherson@...el.com>,
Daniel Díaz <daniel.diaz@...aro.org>,
Naresh Kamboju <naresh.kamboju@...aro.org>,
Stephen Rothwell <sfr@...b.auug.org.au>,
"Matthew Wilcox (Oracle)" <willy@...radead.org>,
zenglg.jy@...fujitsu.com,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
Viresh Kumar <viresh.kumar@...aro.org>,
X86 ML <x86@...nel.org>,
open list <linux-kernel@...r.kernel.org>,
lkft-triage@...ts.linaro.org,
"Eric W. Biederman" <ebiederm@...ssion.com>,
linux-mm <linux-mm@...ck.org>,
linux-m68k <linux-m68k@...ts.linux-m68k.org>,
Linux-Next Mailing List <linux-next@...r.kernel.org>,
Thomas Gleixner <tglx@...utronix.de>,
kasan-dev <kasan-dev@...glegroups.com>,
Dmitry Vyukov <dvyukov@...gle.com>,
Geert Uytterhoeven <geert@...ux-m68k.org>,
Christian Brauner <christian.brauner@...ntu.com>,
Ingo Molnar <mingo@...hat.com>, LTP List <ltp@...ts.linux.it>,
Al Viro <viro@...iv.linux.org.uk>
Subject: Re: [LTP] mmstress[1309]: segfault at 7f3d71a36ee8 ip
00007f3d77132bdf sp 00007f3d71a36ee8 error 4 in libc-2.27.so[7f3d77058000+1aa000]
On Fri, Oct 23, 2020 at 8:54 AM Linus Torvalds
<torvalds@...ux-foundation.org> wrote:
>
> On Fri, Oct 23, 2020 at 12:14 AM Rasmus Villemoes
> <linux@...musvillemoes.dk> wrote:
> >
> > That's certainly garbage. Now, I don't know if it's a sufficient fix (or
> > could break something else), but the obvious first step of rearranging
> > so that the ptr argument is evaluated before the assignment to __val_pu
>
> Ack. We could do that.
>
> I'm more inclined to just bite the bullet and go back to the ugly
> conditional on the size that I had hoped to avoid, but if that turns
> out too ugly, mind signing off on your patch and I'll have that as a
> fallback?
Actually, looking at that code, and the fact that we've used the
"register asm()" format forever for the get_user() side, I think your
approach is the right one.
I'd rename the internal ptr variable to "__ptr_pu", and make sure the
assignments happen just before the asm call (with the __val_pu
assignment being the final thing).
lso, it needs to be
void __user *__ptr_pu;
instead of
__typeof__(ptr) __ptr = (ptr);
because "ptr" may actually be an array, and we need to have the usual
C "array to pointer" conversions happen, rather than try to make
__ptr_pu be an array too.
So the patch would become something like the appended instead, but I'd
still like your sign-off (and I'd put you as author of the fix).
Narest, can you confirm that this patch fixes the issue for you?
Linus
Download attachment "patch" of type "application/octet-stream" (862 bytes)
Powered by blists - more mailing lists