lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <87iljvsmup.fsf@mpe.ellerman.id.au>
Date:   Fri, 04 Nov 2022 09:18:54 +1100
From:   Michael Ellerman <mpe@...erman.id.au>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org,
        schwab@...ux-m68k.org, palmer@...belt.com,
        linux-riscv@...ts.infradead.org, guoren@...nel.org, arnd@...db.de
Subject: Re: [GIT PULL] Please pull powerpc/linux.git powerpc-6.1-4 tag

Linus Torvalds <torvalds@...ux-foundation.org> writes:
> On Wed, Nov 2, 2022 at 7:09 PM Michael Ellerman <mpe@...erman.id.au> wrote:
>>
>>  - Fix an endian thinko in the asm-generic compat_arg_u64() which led to syscall arguments
>>    being swapped for some compat syscalls.
>
> Am I mis-reading this, or did this bug (introduced in this merge
> window by commit 43d5de2b67d7 "asm-generic: compat: Support BE for
> long long args in 32-bit ABIs") break *every* architecture?

No. Just RISC-V and powerpc.

> And people just didn't scream, because 32-bit code has just become so rare?

I had two systems and several VMs that booted happily with the bug
present, so there's some luck involved as to whether your userspace
trips over the bug in a way that matters.

But we did have people scream eventually :/

> Or is it just because those compat macros are effectively not used
> elsewhere, and x86 has its own versions? Looks like possibly mainly
> RISC-V?

Yeah. Although compat_arg_u64() is defined for all arches, it's only
used in places guarded by __ARCH_WANT_COMPAT_FOO macros, and those are
only selected by RISC-V and powerpc.

Full list is:

  __ARCH_WANT_COMPAT_FADVISE64_64       riscv
  __ARCH_WANT_COMPAT_FALLOCATE          riscv, powerpc
  __ARCH_WANT_COMPAT_FTRUNCATE64        riscv
  __ARCH_WANT_COMPAT_PREAD64            riscv
  __ARCH_WANT_COMPAT_PWRITE64           riscv
  __ARCH_WANT_COMPAT_READAHEAD          riscv
  __ARCH_WANT_COMPAT_SYNC_FILE_RANGE    riscv
  __ARCH_WANT_COMPAT_TRUNCATE64         riscv


> Side note: why is it doing
>
>         #ifndef compat_arg_u64
>
> at all? That macro is not actually defined anywhere else, so that
> #ifdef seems to be just confused.

That goes back to the original submission:

  59c10c52f573 ("riscv: compat: syscall: Add compat_sys_call_table implementation")

I guess it was following the example in asm-generic/compat.h where a
bunch of other things are guarded by ifndefs. But agree it's
unnecessarily flexible in this case until we have another definition.

cheers

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ