| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YKNhXQ883lRbqQGA@infradead.org>
Date: Tue, 18 May 2021 07:40:29 +0100
From: Christoph Hellwig <hch@...radead.org>
To: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: Arnd Bergmann <arnd@...nel.org>, linux-arch@...r.kernel.org,
Arnd Bergmann <arnd@...db.de>,
Christoph Hellwig <hch@...radead.org>,
Alexander Viro <viro@...iv.linux.org.uk>,
Andrew Morton <akpm@...ux-foundation.org>,
Borislav Petkov <bp@...en8.de>,
Brian Gerst <brgerst@...il.com>,
Ingo Molnar <mingo@...nel.org>,
"H. Peter Anvin" <hpa@...or.com>,
Thomas Gleixner <tglx@...utronix.de>,
Linux ARM <linux-arm-kernel@...ts.infradead.org>,
linux-kernel@...r.kernel.org, Linux-MM <linux-mm@...ck.org>,
kexec@...ts.infradead.org
Subject: Re: [PATCH v3 1/4] kexec: simplify compat_sys_kexec_load
On Mon, May 17, 2021 at 10:57:24PM -0500, Eric W. Biederman wrote:
> We open ourselves up to bugs whenever we lie to the type system.
>
> Skimming through the code it looks like it should be possible
> to not need the in_compat_syscall and the casts to the wrong
> type by changing the order of the code a little bit.
What kind of bug do you expect? We must only copy from user addresses
once anyway. I've never seen bugs due the use of in_compat_syscall,
but plenty due to cruft code trying to avoid it.
Powered by blists - more mailing lists