| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 May 2021 14:29:07 +0200
From: Krzysztof Hałasa <khalasa@...p.pl>
To: "Russell King (Oracle)" <linux@...linux.org.uk>
Cc: linux-arm-kernel <linux-arm-kernel@...ts.infradead.org>,
lkml <linux-kernel@...r.kernel.org>
Subject: Re: Data corruption on i.MX6 IPU in arm_copy_from_user()
"Russell King (Oracle)" <linux@...linux.org.uk> writes:
> Surely someone is not using copy_*_user() to copy data from userspace
> direct to MMIO space... that would be crazy.
No, it's the other way around: reading MMIO mapped to userspace (mmap
on /dev/mem) and copying it to simple kernel buffer (e.g. pipe buffer).
I.e., the MMIO is the userspace here (thus copy_from_user()).
--
Krzysztof Hałasa
Sieć Badawcza Łukasiewicz
Przemysłowy Instytut Automatyki i Pomiarów PIAP
Al. Jerozolimskie 202, 02-486 Warszawa
Powered by blists - more mailing lists