Date:   Fri, 8 Oct 2021 13:20:10 -0400
From:   Rich Felker <dalias@...c.org>
To:     Arnd Bergmann <arnd@...db.de>
Cc:     musl@...ts.openwall.com, Michael Forney <mforney@...rney.org>,
        ALSA Development Mailing List <alsa-devel@...a-project.org>,
        Takashi Iwai <tiwai@...e.com>,
        Baolin Wang <baolin.wang@...aro.org>,
        y2038 Mailman List <y2038@...ts.linaro.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Mark Brown <broonie@...nel.org>,
        Baolin Wang <baolin.wang7@...il.com>
Subject: Re: [musl] Re: [alsa-devel] [PATCH v7 8/9] ALSA: add new 32-bit
 layout for snd_pcm_mmap_status/control

On Fri, Oct 08, 2021 at 02:37:12PM +0200, Arnd Bergmann wrote:
> On Fri, Oct 8, 2021 at 2:06 PM Rich Felker <dalias@...c.org> wrote:
> > On Fri, Oct 08, 2021 at 11:24:39AM +0200, Arnd Bergmann wrote:
> > >
> > > I've tried to understand this part of musl's convert_ioctl_struct(), but I just
> > > can't figure out whether it does the conversion based on the layout that
> > > is currently used in the kernel, or based on the layout we should have been
> > > using, and would use with the above fix. Rich, can you help me here?
> >
> > If the attempted 64-bit ioctl is missing (ENOTTY), it does the
> > conversion to the legacy 32-bit one and retries with that, then
> > converts the results back to the 64-bit form.
> 
> I understand that it tries to do that.
> 
> The part that I'm not sure about is which of the two possible
> 64-bit forms it's using -- the broken one we have defined in the
> kernel headers, or the one we were trying to define but failed.

It's attempting to convert the intended format, not the one that the
uapi headers defined. That is, it's taking padded-to-64-bit values at
offsets 0 and 8 in __snd_pcm_mmap_control64, putting them at offsets 0
and 4 in the 32-bit struct, and padding them back to 64-bit in the
result.

Since applications would have been compiled with the buggy
(unintended) version of the uapi headers, this will not match the
application's layout of the struct. I haven't worked through what all
the consequences of that are, but I think some fix is needed here in
musl regardless of what happens on the kernel side.

Rich
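
The conversion described in the message above, as an added example that is not part of the original message and is not musl's code: values at offsets 0 and 8 of the 64-bit form are narrowed to offsets 0 and 4 of the legacy form and widened back. Function names, sample values and the alternative offset 4 are constructed for illustration (the thread does not give the buggy header's layout), and each 32-bit value is assumed to occupy the first four bytes of its 64-bit slot.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Offsets from the message: 64-bit form uses 0 and 8, legacy 32-bit
 * form uses 0 and 4. All identifiers here are illustrative. */
enum { APPL64 = 0, AVAIL64 = 8, SIZE64 = 16, APPL32 = 0, AVAIL32 = 4, SIZE32 = 8 };

static uint32_t get32(const unsigned char *b, size_t off)
{
    uint32_t v;
    memcpy(&v, b + off, sizeof v);
    return v;
}

static void put32(unsigned char *b, size_t off, uint32_t v)
{
    memcpy(b + off, &v, sizeof v);
}

/* Narrow the intended 64-bit form to the legacy 32-bit form. */
static void ctl64_to_32(const unsigned char *in64, unsigned char *out32)
{
    put32(out32, APPL32, get32(in64, APPL64));
    put32(out32, AVAIL32, get32(in64, AVAIL64));
}

/* Widen the legacy result back to 64-bit slots, zeroing the padding. */
static void ctl32_to_64(const unsigned char *in32, unsigned char *out64)
{
    memset(out64, 0, SIZE64);
    put32(out64, APPL64, get32(in32, APPL32));
    put32(out64, AVAIL64, get32(in32, AVAIL32));
}

/* The application stores avail_min at app_off, the shim round-trips the
 * struct, and the application reads avail_min back from app_off. */
uint32_t roundtrip_avail_min(size_t app_off, uint32_t avail_min)
{
    unsigned char app[SIZE64] = {0}, legacy[SIZE32];

    put32(app, APPL64, 0x1000);   /* constructed sample appl_ptr */
    put32(app, app_off, avail_min);
    ctl64_to_32(app, legacy);     /* the legacy ioctl would run here */
    ctl32_to_64(legacy, app);
    return get32(app, app_off);
}

int main(void)
{
    printf("offset 8: %#x, offset 4: %#x\n",
           roundtrip_avail_min(8, 0x40), roundtrip_avail_min(4, 0x40));
    return 0;
}
```

A caller whose struct does not use offsets 0 and 8 gets its avail_min silently dropped on the way in and zeroed on the way out, with no error returned.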
