lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 08 Feb 2022 17:13:22 -0800 (PST)
From:   Palmer Dabbelt <palmer@...belt.com>
To:     jszhang@...nel.org
CC:     Paul Walmsley <paul.walmsley@...ive.com>, aou@...s.berkeley.edu,
        linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
        mchitale@...tanamicro.com
Subject:     Re: [PATCH] riscv: extable: fix err reg writing in dedicated uaccess handler

On Sun, 23 Jan 2022 01:04:17 PST (-0800), jszhang@...nel.org wrote:
> Mayuresh reported commit 20802d8d477d ("riscv: extable: add a dedicated
> uaccess handler") breaks the writev02 test case in LTP. This is due to
> the err reg isn't correctly set with the errno(-EFAULT in writev02
> case). First of all, the err and zero regs are reg numbers rather than
> reg offsets in struct pt_regs; Secondly, regs_set_gpr() should write
> the regs when offset isn't zero(zero means epc)
>
> Fix it by correcting regs_set_gpr() logic and passing the correct reg
> offset to it.
>
> Reported-by: Mayuresh Chitale <mchitale@...tanamicro.com>
> Fixes: 20802d8d477d ("riscv: extable: add a dedicated uaccess handler")
> Signed-off-by: Jisheng Zhang <jszhang@...nel.org>
> ---
>  arch/riscv/mm/extable.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/arch/riscv/mm/extable.c b/arch/riscv/mm/extable.c
> index 05978f78579f..35484d830fd6 100644
> --- a/arch/riscv/mm/extable.c
> +++ b/arch/riscv/mm/extable.c
> @@ -33,7 +33,7 @@ static inline void regs_set_gpr(struct pt_regs *regs, unsigned int offset,
>  	if (unlikely(offset > MAX_REG_OFFSET))
>  		return;
>
> -	if (!offset)
> +	if (offset)
>  		*(unsigned long *)((unsigned long)regs + offset) = val;
>  }
>
> @@ -43,8 +43,8 @@ static bool ex_handler_uaccess_err_zero(const struct exception_table_entry *ex,
>  	int reg_err = FIELD_GET(EX_DATA_REG_ERR, ex->data);
>  	int reg_zero = FIELD_GET(EX_DATA_REG_ZERO, ex->data);
>
> -	regs_set_gpr(regs, reg_err, -EFAULT);
> -	regs_set_gpr(regs, reg_zero, 0);
> +	regs_set_gpr(regs, reg_err * sizeof(unsigned long), -EFAULT);
> +	regs_set_gpr(regs, reg_zero * sizeof(unsigned long), 0);
>
>  	regs->epc = get_ex_fixup(ex);
>  	return true;

Thanks, this is on fixes.  I'm not sure if it's saner to have these be 
register numbers rather than offsets, but regs_get_register is this way 
so it's probably better to have them match.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ