lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 05 Oct 2021 14:30:57 +0200
From:   Thomas Gleixner <tglx@...utronix.de>
To:     "Chang S. Bae" <chang.seok.bae@...el.com>, bp@...e.de,
        luto@...nel.org, mingo@...nel.org, x86@...nel.org
Cc:     len.brown@...el.com, lenb@...nel.org, dave.hansen@...el.com,
        thiago.macieira@...el.com, jing2.liu@...el.com,
        ravi.v.shankar@...el.com, linux-kernel@...r.kernel.org,
        chang.seok.bae@...el.com
Subject: Re: [PATCH v11 16/29] x86/fpu/xstate: Support both legacy and
 expanded signal XSTATE size

On Fri, Oct 01 2021 at 15:37, Chang S. Bae wrote:
>  static int
>  do_sigaltstack (const stack_t *ss, stack_t *oss, unsigned long sp,
>  		size_t min_ss_size)
> @@ -4187,6 +4192,9 @@ do_sigaltstack (const stack_t *ss, stack_t *oss, unsigned long sp,
>  				return -ENOMEM;
>  		}
>  
> +		if (!arch_enough_sigaltstack(t, ss_size))
> +			return -EINVAL;
> +

How is this even remotely correct?

sigaltstack(2):

  To disable an existing stack, specify ss.ss_flags as SS_DISABLE.  In
  this case, the kernel ignores any other flags in ss.ss_flags and the
  remaining fields in ss.

So for SS_DISABLE ss_size can be legitimately 0 or any other random
number smaller than the required stack.

The min_ss_minsize check is conditional for this very reason.

Thanks,

        tglx


Powered by blists - more mailing lists