lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 15 Jul 2022 11:20:07 +0800
From:   Huacai Chen <chenhuacai@...nel.org>
To:     Qi Hu <huqi@...ngson.cn>
Cc:     WANG Xuerui <kernel@...0n.name>, Oleg Nesterov <oleg@...hat.com>,
        Xu Li <lixu@...ngson.cn>, loongarch@...ts.linux.dev,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] LoongArch: Fix missing fcsr in ptrace's fpr_set

On Thu, Jul 14, 2022 at 10:07 PM Qi Hu <huqi@...ngson.cn> wrote:
>
>
> On 2022/7/14 21:12, Huacai Chen wrote:
> > Hi,
> >
> > On Thu, Jul 14, 2022 at 2:26 PM Qi Hu <huqi@...ngson.cn> wrote:
> >> In file ptrace.c, function fpr_set does not copy fcsr data from ubuf
> >> to kbuf. That's the reason why fcsr cannot be modified by ptrace.
> >>
> >> This patch fixs this problem and allows users using ptrace to modify
> >> the fcsr.
> >>
> >> Signed-off-by: Qi Hu <huqi@...ngson.cn>
> >> Signed-off-by: Xu Li <lixu@...ngson.cn>
> >> ---
> >>   arch/loongarch/kernel/ptrace.c | 12 +++++++-----
> >>   1 file changed, 7 insertions(+), 5 deletions(-)
> >>
> >> diff --git a/arch/loongarch/kernel/ptrace.c b/arch/loongarch/kernel/ptrace.c
> >> index e6ab87948e1d..dc2b82ea894c 100644
> >> --- a/arch/loongarch/kernel/ptrace.c
> >> +++ b/arch/loongarch/kernel/ptrace.c
> >> @@ -193,7 +193,7 @@ static int fpr_set(struct task_struct *target,
> >>                     const void *kbuf, const void __user *ubuf)
> >>   {
> >>          const int fcc_start = NUM_FPU_REGS * sizeof(elf_fpreg_t);
> >> -       const int fcc_end = fcc_start + sizeof(u64);
> >> +       const int fcsr_start = fcc_start + sizeof(u64);
> >>          int err;
> >>
> >>          BUG_ON(count % sizeof(elf_fpreg_t));
> >> @@ -209,10 +209,12 @@ static int fpr_set(struct task_struct *target,
> >>          if (err)
> >>                  return err;
> >>
> >> -       if (count > 0)
> >> -               err |= user_regset_copyin(&pos, &count, &kbuf, &ubuf,
> >> -                                         &target->thread.fpu.fcc,
> >> -                                         fcc_start, fcc_end);
> >> +       err |= user_regset_copyin(&pos, &count, &kbuf, &ubuf,
> >> +                                 &target->thread.fpu.fcc, fcc_start,
> >> +                                 fcc_start + sizeof(u64));
> >> +       err |= user_regset_copyin(&pos, &count, &kbuf, &ubuf,
> >> +                                 &target->thread.fpu.fcsr, fcsr_start,
> >> +                                 fcsr_start + sizeof(u32));
> > You shouldn't remove (count > 0) here, because  the above
> > user_regset_copyin() will modify count inside, and so "count == 0" is
> > possible.
> >
> > Huacai
>
> Yes, the "count" should be considered. But the "count" is checked at the
> beginning of the "user_regset_copyin()".
>
> So "count > 0" is useless, i think.
Yes, you are right, thanks.

Huacai
>
> Also like riscv, "count" is not checked in "riscv_fpr_set()".
>
> >>          return err;
> >>   }
> >> --
> >> 2.37.0
> >>
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ