lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Fri, 1 Jan 2021 01:14:41 +0100
From:   John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>
To:     Al Viro <viro@...iv.linux.org.uk>, Rich Felker <dalias@...c.org>
Cc:     linux-sh@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] [sh] fix trivial misannotations

On 1/1/21 12:23 AM, Al Viro wrote:
> 	Trivial misannotations in
> * get_user() (__gu_addr is a userland pointer there)
> * ip_fast_csum() (sum is __wsum, not unsigned int)
> * csum_and_copy_to_user() (destination is void *, not const void * - mea culpa)
> * __clear_user() (to is a userland pointer)
> * several places in kernel/traps_32.c (regs->pc is a userland pointer when regs is a
> userland pt_regs)
> * math-emu/math.c: READ() and WRITE() casts of address should be to userland pointer.
> 
> No changes in code generation and those take care of the majority of noise from sparse
> on sh builds.
> 
> Signed-off-by: Al Viro <viro@...iv.linux.org.uk>
> ---
> diff --git a/arch/sh/include/asm/checksum_32.h b/arch/sh/include/asm/checksum_32.h
> index 1a391e3a7659..a6501b856f3e 100644
> --- a/arch/sh/include/asm/checksum_32.h
> +++ b/arch/sh/include/asm/checksum_32.h
> @@ -84,7 +84,8 @@ static inline __sum16 csum_fold(__wsum sum)
>   */
>  static inline __sum16 ip_fast_csum(const void *iph, unsigned int ihl)
>  {
> -	unsigned int sum, __dummy0, __dummy1;
> +	__wsum sum;
> +	unsigned int __dummy0, __dummy1;
>  
>  	__asm__ __volatile__(
>  		"mov.l	@%1+, %0\n\t"
> @@ -197,6 +198,6 @@ static inline __wsum csum_and_copy_to_user(const void *src,
>  {
>  	if (!access_ok(dst, len))
>  		return 0;
> -	return csum_partial_copy_generic((__force const void *)src, dst, len);
> +	return csum_partial_copy_generic(src, (__force void *)dst, len);
>  }
>  #endif /* __ASM_SH_CHECKSUM_H */
> diff --git a/arch/sh/include/asm/uaccess.h b/arch/sh/include/asm/uaccess.h
> index 73f3b48d4a34..8867bb04b00e 100644
> --- a/arch/sh/include/asm/uaccess.h
> +++ b/arch/sh/include/asm/uaccess.h
> @@ -68,7 +68,7 @@ struct __large_struct { unsigned long buf[100]; };
>  ({									\
>  	long __gu_err = -EFAULT;					\
>  	unsigned long __gu_val = 0;					\
> -	const __typeof__(*(ptr)) *__gu_addr = (ptr);			\
> +	const __typeof__(*(ptr)) __user *__gu_addr = (ptr);			\
>  	if (likely(access_ok(__gu_addr, (size))))		\
>  		__get_user_size(__gu_val, __gu_addr, (size), __gu_err);	\
>  	(x) = (__force __typeof__(*(ptr)))__gu_val;			\
> @@ -124,7 +124,7 @@ raw_copy_to_user(void __user *to, const void *from, unsigned long n)
>   * Clear the area and return remaining number of bytes
>   * (on failure.  Usually it's 0.)
>   */
> -__kernel_size_t __clear_user(void *addr, __kernel_size_t size);
> +__kernel_size_t __clear_user(void __user *addr, __kernel_size_t size);
>  
>  #define clear_user(addr,n)						\
>  ({									\
> diff --git a/arch/sh/kernel/traps_32.c b/arch/sh/kernel/traps_32.c
> index b62ad0ba2395..b3c715bc254b 100644
> --- a/arch/sh/kernel/traps_32.c
> +++ b/arch/sh/kernel/traps_32.c
> @@ -490,7 +490,7 @@ asmlinkage void do_address_error(struct pt_regs *regs,
>  		inc_unaligned_user_access();
>  
>  		oldfs = force_uaccess_begin();
> -		if (copy_from_user(&instruction, (insn_size_t *)(regs->pc & ~1),
> +		if (copy_from_user(&instruction, (insn_size_t __user *)(regs->pc & ~1),
>  				   sizeof(instruction))) {
>  			force_uaccess_end(oldfs);
>  			goto uspace_segv;
> @@ -614,7 +614,7 @@ asmlinkage void do_reserved_inst(void)
>  	unsigned short inst = 0;
>  	int err;
>  
> -	get_user(inst, (unsigned short*)regs->pc);
> +	get_user(inst, (unsigned short __user *)regs->pc);
>  
>  	err = do_fpu_inst(inst, regs);
>  	if (!err) {
> @@ -699,9 +699,9 @@ asmlinkage void do_illegal_slot_inst(void)
>  		return;
>  
>  #ifdef CONFIG_SH_FPU_EMU
> -	get_user(inst, (unsigned short *)regs->pc + 1);
> +	get_user(inst, (unsigned short __user *)regs->pc + 1);
>  	if (!do_fpu_inst(inst, regs)) {
> -		get_user(inst, (unsigned short *)regs->pc);
> +		get_user(inst, (unsigned short __user *)regs->pc);
>  		if (!emulate_branch(inst, regs))
>  			return;
>  		/* fault in branch.*/
> diff --git a/arch/sh/math-emu/math.c b/arch/sh/math-emu/math.c
> index e8be0eca0444..3495a48b7713 100644
> --- a/arch/sh/math-emu/math.c
> +++ b/arch/sh/math-emu/math.c
> @@ -51,8 +51,8 @@
>  #define Rn	(regs->regs[n])
>  #define Rm	(regs->regs[m])
>  
> -#define WRITE(d,a)	({if(put_user(d, (typeof (d)*)a)) return -EFAULT;})
> -#define READ(d,a)	({if(get_user(d, (typeof (d)*)a)) return -EFAULT;})
> +#define WRITE(d,a)	({if(put_user(d, (typeof (d) __user *)a)) return -EFAULT;})
> +#define READ(d,a)	({if(get_user(d, (typeof (d) __user *)a)) return -EFAULT;})
>  
>  #define PACK_S(r,f)	FP_PACK_SP(&r,f)
>  #define UNPACK_S(f,r)	FP_UNPACK_SP(f,&r)
> diff --git a/arch/sh/mm/nommu.c b/arch/sh/mm/nommu.c
> index 8b4504413c5f..78c4b6e6d33b 100644
> --- a/arch/sh/mm/nommu.c
> +++ b/arch/sh/mm/nommu.c
> @@ -28,9 +28,9 @@ __kernel_size_t __copy_user(void *to, const void *from, __kernel_size_t n)
>  	return 0;
>  }
>  
> -__kernel_size_t __clear_user(void *to, __kernel_size_t n)
> +__kernel_size_t __clear_user(void __user *to, __kernel_size_t n)
>  {
> -	memset(to, 0, n);
> +	memset((__force void *)to, 0, n);
>  	return 0;
>  }
>  
> 

Verified on my SH-7785LCR board. Boots fine.

Tested-by: John Paul Adrian Glaubitz <glaubitz@...sik.fu-berlin.de>

-- 
 .''`.  John Paul Adrian Glaubitz
: :' :  Debian Developer - glaubitz@...ian.org
`. `'   Freie Universitaet Berlin - glaubitz@...sik.fu-berlin.de
  `-    GPG: 62FF 8A75 84E0 2956 9546  0006 7426 3B37 F5B5 F913

Powered by blists - more mailing lists