| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 02 Jun 2023 11:41:13 +0200
From: Björn Töpel <bjorn@...nel.org>
To: Ruan Jinjie <ruanjinjie@...wei.com>, paul.walmsley@...ive.com,
palmer@...belt.com, aou@...s.berkeley.edu,
linux-riscv@...ts.infradead.org, linux-kernel@...r.kernel.org,
palmer@...osinc.com
Subject: Re: [PATCH v3] riscv: fix kprobe __user string arg print fault issue
Ruan Jinjie <ruanjinjie@...wei.com> writes:
> Ping.
Maybe it's not clear *why* we need
ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE on RISC-V?
ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE is used in the kernel to
determine what "memory access" function to use, e.g.
| #ifdef CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE
| if ((unsigned long)str_val < TASK_SIZE)
| ret = strncpy_from_user_nofault(str_field, str_val, STR_VAR_LEN_MAX);
| else
| #endif
| ret = strncpy_from_kernel_nofault(str_field, str_val, STR_VAR_LEN_MAX);
RISC-V makes use of the SUM bit [1], which requires the kernel flips a
bit explicitly to touch user memory, so it's important to use the
correct access function.
What this means, is that if
CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE is *not* defined for RV
kernels, the copy_from_kernel will fault (as Jinjie points out in the
commit message).
The fixes tag should be when Daniel Borkmann introduced the config -- or
that makes sense from a backport perspective.
Maybe Palmer can add a lore link to this post, and the following
fixes-tag
Fixes: 0ebeea8ca8a4 ("bpf: Restrict bpf_probe_read{, str}() only to archs where they work")
when applying?
Björn
[1] https://github.com/riscv/riscv-isa-manual/blob/main/src/supervisor.adoc?plain=1#L118
Powered by blists - more mailing lists