lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Sat, 26 Feb 2022 20:32:43 -0800
From:   Kees Cook <keescook@...omium.org>
To:     kernel test robot <lkp@...el.com>
Cc:     kbuild-all@...ts.01.org, linux-kernel@...r.kernel.org
Subject: Re: [kees:for-next/hardening 8/8] mm/usercopy.c:61:29: error:
 'current_stack_pointer' undeclared; did you mean
 'current_user_stack_pointer'?

On Sun, Feb 27, 2022 at 05:47:56AM +0800, kernel test robot wrote:
> tree:   https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git for-next/hardening
> head:   3dd3738f624d9cf94b96e023880d1ec69c21327e
> commit: 3dd3738f624d9cf94b96e023880d1ec69c21327e [8/8] m68k: Implement "current_stack_pointer"
> config: m68k-sun3x_defconfig (https://download.01.org/0day-ci/archive/20220227/202202270550.5SPauZxm-lkp@intel.com/config)
> compiler: m68k-linux-gcc (GCC) 11.2.0
> reproduce (this is a W=1 build):
>         wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
>         chmod +x ~/bin/make.cross
>         # https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?id=3dd3738f624d9cf94b96e023880d1ec69c21327e
>         git remote add kees https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git
>         git fetch --no-tags kees for-next/hardening
>         git checkout 3dd3738f624d9cf94b96e023880d1ec69c21327e
>         # save the config file to linux build tree
>         mkdir build_dir
>         COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross O=build_dir ARCH=m68k SHELL=/bin/bash
> 
> If you fix the issue, kindly add following tag as appropriate
> Reported-by: kernel test robot <lkp@...el.com>

Ah! Good catch. The new macro needed to be outside the #ifdef; I missed.
Fixed now.

-Kees

> 
> All errors (new ones prefixed by >>):
> 
>    mm/usercopy.c: In function 'check_stack_object':
> >> mm/usercopy.c:61:29: error: 'current_stack_pointer' undeclared (first use in this function); did you mean 'current_user_stack_pointer'?
>       61 |                 if ((void *)current_stack_pointer < obj + len)
>          |                             ^~~~~~~~~~~~~~~~~~~~~
>          |                             current_user_stack_pointer
>    mm/usercopy.c:61:29: note: each undeclared identifier is reported only once for each function it appears in
>    mm/usercopy.c: In function '__check_object_size':
>    mm/usercopy.c:297:47: error: 'current_stack_pointer' undeclared (first use in this function); did you mean 'current_user_stack_pointer'?
>      297 |                                 ptr - (void *)current_stack_pointer :
>          |                                               ^~~~~~~~~~~~~~~~~~~~~
>          |                                               current_user_stack_pointer
> 
> 
> vim +61 mm/usercopy.c
> 
> f5509cc18daa7f Kees Cook    2016-06-07  24  
> f5509cc18daa7f Kees Cook    2016-06-07  25  /*
> f5509cc18daa7f Kees Cook    2016-06-07  26   * Checks if a given pointer and length is contained by the current
> f5509cc18daa7f Kees Cook    2016-06-07  27   * stack frame (if possible).
> f5509cc18daa7f Kees Cook    2016-06-07  28   *
> f5509cc18daa7f Kees Cook    2016-06-07  29   * Returns:
> f5509cc18daa7f Kees Cook    2016-06-07  30   *	NOT_STACK: not at all on the stack
> f5509cc18daa7f Kees Cook    2016-06-07  31   *	GOOD_FRAME: fully within a valid stack frame
> 2792d84e6da5e0 Kees Cook    2022-02-16  32   *	GOOD_STACK: within the current stack (when can't frame-check exactly)
> f5509cc18daa7f Kees Cook    2016-06-07  33   *	BAD_STACK: error condition (invalid stack position or bad stack frame)
> f5509cc18daa7f Kees Cook    2016-06-07  34   */
> f5509cc18daa7f Kees Cook    2016-06-07  35  static noinline int check_stack_object(const void *obj, unsigned long len)
> f5509cc18daa7f Kees Cook    2016-06-07  36  {
> f5509cc18daa7f Kees Cook    2016-06-07  37  	const void * const stack = task_stack_page(current);
> f5509cc18daa7f Kees Cook    2016-06-07  38  	const void * const stackend = stack + THREAD_SIZE;
> f5509cc18daa7f Kees Cook    2016-06-07  39  	int ret;
> f5509cc18daa7f Kees Cook    2016-06-07  40  
> f5509cc18daa7f Kees Cook    2016-06-07  41  	/* Object is not on the stack at all. */
> f5509cc18daa7f Kees Cook    2016-06-07  42  	if (obj + len <= stack || stackend <= obj)
> f5509cc18daa7f Kees Cook    2016-06-07  43  		return NOT_STACK;
> f5509cc18daa7f Kees Cook    2016-06-07  44  
> f5509cc18daa7f Kees Cook    2016-06-07  45  	/*
> f5509cc18daa7f Kees Cook    2016-06-07  46  	 * Reject: object partially overlaps the stack (passing the
> 5ce1be0e40fe64 Randy Dunlap 2020-08-11  47  	 * check above means at least one end is within the stack,
> f5509cc18daa7f Kees Cook    2016-06-07  48  	 * so if this check fails, the other end is outside the stack).
> f5509cc18daa7f Kees Cook    2016-06-07  49  	 */
> f5509cc18daa7f Kees Cook    2016-06-07  50  	if (obj < stack || stackend < obj + len)
> f5509cc18daa7f Kees Cook    2016-06-07  51  		return BAD_STACK;
> f5509cc18daa7f Kees Cook    2016-06-07  52  
> f5509cc18daa7f Kees Cook    2016-06-07  53  	/* Check if object is safely within a valid frame. */
> f5509cc18daa7f Kees Cook    2016-06-07  54  	ret = arch_within_stack_frames(stack, stackend, obj, len);
> f5509cc18daa7f Kees Cook    2016-06-07  55  	if (ret)
> f5509cc18daa7f Kees Cook    2016-06-07  56  		return ret;
> f5509cc18daa7f Kees Cook    2016-06-07  57  
> 2792d84e6da5e0 Kees Cook    2022-02-16  58  	/* Finally, check stack depth if possible. */
> 2792d84e6da5e0 Kees Cook    2022-02-16  59  #ifdef CONFIG_ARCH_HAS_CURRENT_STACK_POINTER
> 2792d84e6da5e0 Kees Cook    2022-02-16  60  	if (IS_ENABLED(CONFIG_STACK_GROWSUP)) {
> 2792d84e6da5e0 Kees Cook    2022-02-16 @61  		if ((void *)current_stack_pointer < obj + len)
> 2792d84e6da5e0 Kees Cook    2022-02-16  62  			return BAD_STACK;
> 2792d84e6da5e0 Kees Cook    2022-02-16  63  	} else {
> 2792d84e6da5e0 Kees Cook    2022-02-16  64  		if (obj < (void *)current_stack_pointer)
> 2792d84e6da5e0 Kees Cook    2022-02-16  65  			return BAD_STACK;
> 2792d84e6da5e0 Kees Cook    2022-02-16  66  	}
> 2792d84e6da5e0 Kees Cook    2022-02-16  67  #endif
> 2792d84e6da5e0 Kees Cook    2022-02-16  68  
> f5509cc18daa7f Kees Cook    2016-06-07  69  	return GOOD_STACK;
> f5509cc18daa7f Kees Cook    2016-06-07  70  }
> f5509cc18daa7f Kees Cook    2016-06-07  71  
> 
> :::::: The code at line 61 was first introduced by commit
> :::::: 2792d84e6da5e0fd7d3b22fd70bc69b7ee263609 usercopy: Check valid lifetime via stack depth
> 
> :::::: TO: Kees Cook <keescook@...omium.org>
> :::::: CC: Kees Cook <keescook@...omium.org>
> 
> ---
> 0-DAY CI Kernel Test Service, Intel Corporation
> https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ