| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20221020032024.1804535-2-yury.norov@gmail.com>
Date: Wed, 19 Oct 2022 20:20:23 -0700
From: Yury Norov <yury.norov@...il.com>
To: "Russell King (Oracle)" <linux@...linux.org.uk>,
Catalin Marinas <catalin.marinas@....com>,
Mark Rutland <mark.rutland@....com>,
Will Deacon <will@...nel.org>,
linux-arm-kernel@...ts.infradead.org
Cc: Yury Norov <yury.norov@...il.com>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Alexey Klimov <klimov.linux@...il.com>,
Andy Shevchenko <andy.shevchenko@...il.com>,
Andy Whitcroft <apw@...onical.com>,
Dennis Zhou <dennis@...nel.org>,
Geert Uytterhoeven <geert@...ux-m68k.org>,
Guenter Roeck <linux@...ck-us.net>,
Kees Cook <keescook@...omium.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Rasmus Villemoes <linux@...musvillemoes.dk>
Subject: [PATCH 1/2] bitmap: add sanity check function for find_bit()
find_bit() requires a pointer aligned to it's size. However some
subsystems (fs, for example) cast char* variables to unsigned long*
before passing them to find_bit(). Many architectures allow unaligned
pointers with the cost of performance degradation.
This patch adds runtime check for the pointers to be aligned.
Signed-off-by: Yury Norov <yury.norov@...il.com>
---
include/linux/find.h | 35 +++++++++++++++++++++++++++++++++++
lib/Kconfig.debug | 7 +++++++
2 files changed, 42 insertions(+)
diff --git a/include/linux/find.h b/include/linux/find.h
index ccaf61a0f5fd..2d8f5419d787 100644
--- a/include/linux/find.h
+++ b/include/linux/find.h
@@ -7,6 +7,7 @@
#endif
#include <linux/bitops.h>
+#include <linux/bug.h>
unsigned long _find_next_bit(const unsigned long *addr1, unsigned long nbits,
unsigned long start);
@@ -35,6 +36,14 @@ unsigned long _find_next_bit_le(const unsigned long *addr, unsigned
long size, unsigned long offset);
#endif
+static __always_inline
+void check_find_bit(const unsigned long *addr)
+{
+#ifdef CONFIG_DEBUG_BITMAP
+ WARN_ON_ONCE(!IS_ALIGNED((unsigned long)addr, sizeof(unsigned long)));
+#endif
+}
+
#ifndef find_next_bit
/**
* find_next_bit - find the next set bit in a memory region
@@ -49,6 +58,8 @@ static inline
unsigned long find_next_bit(const unsigned long *addr, unsigned long size,
unsigned long offset)
{
+ check_find_bit(addr);
+
if (small_const_nbits(size)) {
unsigned long val;
@@ -79,6 +90,9 @@ unsigned long find_next_and_bit(const unsigned long *addr1,
const unsigned long *addr2, unsigned long size,
unsigned long offset)
{
+ check_find_bit(addr1);
+ check_find_bit(addr2);
+
if (small_const_nbits(size)) {
unsigned long val;
@@ -138,6 +152,8 @@ static inline
unsigned long find_next_zero_bit(const unsigned long *addr, unsigned long size,
unsigned long offset)
{
+ check_find_bit(addr);
+
if (small_const_nbits(size)) {
unsigned long val;
@@ -164,6 +180,8 @@ unsigned long find_next_zero_bit(const unsigned long *addr, unsigned long size,
static inline
unsigned long find_first_bit(const unsigned long *addr, unsigned long size)
{
+ check_find_bit(addr);
+
if (small_const_nbits(size)) {
unsigned long val = *addr & GENMASK(size - 1, 0);
@@ -270,6 +288,9 @@ unsigned long find_first_and_bit(const unsigned long *addr1,
const unsigned long *addr2,
unsigned long size)
{
+ check_find_bit(addr1);
+ check_find_bit(addr2);
+
if (small_const_nbits(size)) {
unsigned long val = *addr1 & *addr2 & GENMASK(size - 1, 0);
@@ -292,6 +313,8 @@ unsigned long find_first_and_bit(const unsigned long *addr1,
static inline
unsigned long find_first_zero_bit(const unsigned long *addr, unsigned long size)
{
+ check_find_bit(addr);
+
if (small_const_nbits(size)) {
unsigned long val = *addr | ~GENMASK(size - 1, 0);
@@ -313,6 +336,8 @@ unsigned long find_first_zero_bit(const unsigned long *addr, unsigned long size)
static inline
unsigned long find_last_bit(const unsigned long *addr, unsigned long size)
{
+ check_find_bit(addr);
+
if (small_const_nbits(size)) {
unsigned long val = *addr & GENMASK(size - 1, 0);
@@ -417,18 +442,24 @@ extern unsigned long find_next_clump8(unsigned long *clump,
static inline unsigned long find_next_zero_bit_le(const void *addr,
unsigned long size, unsigned long offset)
{
+ check_find_bit(addr);
+
return find_next_zero_bit(addr, size, offset);
}
static inline unsigned long find_next_bit_le(const void *addr,
unsigned long size, unsigned long offset)
{
+ check_find_bit(addr);
+
return find_next_bit(addr, size, offset);
}
static inline unsigned long find_first_zero_bit_le(const void *addr,
unsigned long size)
{
+ check_find_bit(addr);
+
return find_first_zero_bit(addr, size);
}
@@ -439,6 +470,8 @@ static inline
unsigned long find_next_zero_bit_le(const void *addr, unsigned
long size, unsigned long offset)
{
+ check_find_bit(addr);
+
if (small_const_nbits(size)) {
unsigned long val = *(const unsigned long *)addr;
@@ -472,6 +505,8 @@ static inline
unsigned long find_next_bit_le(const void *addr, unsigned
long size, unsigned long offset)
{
+ check_find_bit(addr);
+
if (small_const_nbits(size)) {
unsigned long val = *(const unsigned long *)addr;
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 3fc7abffc7aa..1c7dcd33fc2a 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -543,6 +543,13 @@ endmenu # "Compiler options"
menu "Generic Kernel Debugging Instruments"
+config DEBUG_BITMAP
+ bool "Debug bitmaps"
+ help
+ Say Y here if you want to check bitmap functions parameters at
+ the runtime. Enable CONFIG_DEBUG_BITMAP only for debugging because
+ it may affect performance.
+
config MAGIC_SYSRQ
bool "Magic SysRq key"
depends on !UML
--
2.34.1
Powered by blists - more mailing lists