| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 27 Feb 2022 05:47:56 +0800
From: kernel test robot <lkp@...el.com>
To: Kees Cook <keescook@...omium.org>
Cc: kbuild-all@...ts.01.org, linux-kernel@...r.kernel.org
Subject: [kees:for-next/hardening 8/8] mm/usercopy.c:61:29: error:
'current_stack_pointer' undeclared; did you mean
'current_user_stack_pointer'?
tree: https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
head: 3dd3738f624d9cf94b96e023880d1ec69c21327e
commit: 3dd3738f624d9cf94b96e023880d1ec69c21327e [8/8] m68k: Implement "current_stack_pointer"
config: m68k-sun3x_defconfig (https://download.01.org/0day-ci/archive/20220227/202202270550.5SPauZxm-lkp@intel.com/config)
compiler: m68k-linux-gcc (GCC) 11.2.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?id=3dd3738f624d9cf94b96e023880d1ec69c21327e
git remote add kees https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git
git fetch --no-tags kees for-next/hardening
git checkout 3dd3738f624d9cf94b96e023880d1ec69c21327e
# save the config file to linux build tree
mkdir build_dir
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross O=build_dir ARCH=m68k SHELL=/bin/bash
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>
All errors (new ones prefixed by >>):
mm/usercopy.c: In function 'check_stack_object':
>> mm/usercopy.c:61:29: error: 'current_stack_pointer' undeclared (first use in this function); did you mean 'current_user_stack_pointer'?
61 | if ((void *)current_stack_pointer < obj + len)
| ^~~~~~~~~~~~~~~~~~~~~
| current_user_stack_pointer
mm/usercopy.c:61:29: note: each undeclared identifier is reported only once for each function it appears in
mm/usercopy.c: In function '__check_object_size':
mm/usercopy.c:297:47: error: 'current_stack_pointer' undeclared (first use in this function); did you mean 'current_user_stack_pointer'?
297 | ptr - (void *)current_stack_pointer :
| ^~~~~~~~~~~~~~~~~~~~~
| current_user_stack_pointer
vim +61 mm/usercopy.c
f5509cc18daa7f Kees Cook 2016-06-07 24
f5509cc18daa7f Kees Cook 2016-06-07 25 /*
f5509cc18daa7f Kees Cook 2016-06-07 26 * Checks if a given pointer and length is contained by the current
f5509cc18daa7f Kees Cook 2016-06-07 27 * stack frame (if possible).
f5509cc18daa7f Kees Cook 2016-06-07 28 *
f5509cc18daa7f Kees Cook 2016-06-07 29 * Returns:
f5509cc18daa7f Kees Cook 2016-06-07 30 * NOT_STACK: not at all on the stack
f5509cc18daa7f Kees Cook 2016-06-07 31 * GOOD_FRAME: fully within a valid stack frame
2792d84e6da5e0 Kees Cook 2022-02-16 32 * GOOD_STACK: within the current stack (when can't frame-check exactly)
f5509cc18daa7f Kees Cook 2016-06-07 33 * BAD_STACK: error condition (invalid stack position or bad stack frame)
f5509cc18daa7f Kees Cook 2016-06-07 34 */
f5509cc18daa7f Kees Cook 2016-06-07 35 static noinline int check_stack_object(const void *obj, unsigned long len)
f5509cc18daa7f Kees Cook 2016-06-07 36 {
f5509cc18daa7f Kees Cook 2016-06-07 37 const void * const stack = task_stack_page(current);
f5509cc18daa7f Kees Cook 2016-06-07 38 const void * const stackend = stack + THREAD_SIZE;
f5509cc18daa7f Kees Cook 2016-06-07 39 int ret;
f5509cc18daa7f Kees Cook 2016-06-07 40
f5509cc18daa7f Kees Cook 2016-06-07 41 /* Object is not on the stack at all. */
f5509cc18daa7f Kees Cook 2016-06-07 42 if (obj + len <= stack || stackend <= obj)
f5509cc18daa7f Kees Cook 2016-06-07 43 return NOT_STACK;
f5509cc18daa7f Kees Cook 2016-06-07 44
f5509cc18daa7f Kees Cook 2016-06-07 45 /*
f5509cc18daa7f Kees Cook 2016-06-07 46 * Reject: object partially overlaps the stack (passing the
5ce1be0e40fe64 Randy Dunlap 2020-08-11 47 * check above means at least one end is within the stack,
f5509cc18daa7f Kees Cook 2016-06-07 48 * so if this check fails, the other end is outside the stack).
f5509cc18daa7f Kees Cook 2016-06-07 49 */
f5509cc18daa7f Kees Cook 2016-06-07 50 if (obj < stack || stackend < obj + len)
f5509cc18daa7f Kees Cook 2016-06-07 51 return BAD_STACK;
f5509cc18daa7f Kees Cook 2016-06-07 52
f5509cc18daa7f Kees Cook 2016-06-07 53 /* Check if object is safely within a valid frame. */
f5509cc18daa7f Kees Cook 2016-06-07 54 ret = arch_within_stack_frames(stack, stackend, obj, len);
f5509cc18daa7f Kees Cook 2016-06-07 55 if (ret)
f5509cc18daa7f Kees Cook 2016-06-07 56 return ret;
f5509cc18daa7f Kees Cook 2016-06-07 57
2792d84e6da5e0 Kees Cook 2022-02-16 58 /* Finally, check stack depth if possible. */
2792d84e6da5e0 Kees Cook 2022-02-16 59 #ifdef CONFIG_ARCH_HAS_CURRENT_STACK_POINTER
2792d84e6da5e0 Kees Cook 2022-02-16 60 if (IS_ENABLED(CONFIG_STACK_GROWSUP)) {
2792d84e6da5e0 Kees Cook 2022-02-16 @61 if ((void *)current_stack_pointer < obj + len)
2792d84e6da5e0 Kees Cook 2022-02-16 62 return BAD_STACK;
2792d84e6da5e0 Kees Cook 2022-02-16 63 } else {
2792d84e6da5e0 Kees Cook 2022-02-16 64 if (obj < (void *)current_stack_pointer)
2792d84e6da5e0 Kees Cook 2022-02-16 65 return BAD_STACK;
2792d84e6da5e0 Kees Cook 2022-02-16 66 }
2792d84e6da5e0 Kees Cook 2022-02-16 67 #endif
2792d84e6da5e0 Kees Cook 2022-02-16 68
f5509cc18daa7f Kees Cook 2016-06-07 69 return GOOD_STACK;
f5509cc18daa7f Kees Cook 2016-06-07 70 }
f5509cc18daa7f Kees Cook 2016-06-07 71
:::::: The code at line 61 was first introduced by commit
:::::: 2792d84e6da5e0fd7d3b22fd70bc69b7ee263609 usercopy: Check valid lifetime via stack depth
:::::: TO: Kees Cook <keescook@...omium.org>
:::::: CC: Kees Cook <keescook@...omium.org>
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
Powered by blists - more mailing lists