lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20230706-truthahn-knecht-c0902bf61ae5@brauner>
Date:   Thu, 6 Jul 2023 10:30:10 +0200
From:   Christian Brauner <brauner@...nel.org>
To:     Luca Vizzarro <Luca.Vizzarro@....com>
Cc:     linux-kernel@...r.kernel.org,
        Alexander Viro <viro@...iv.linux.org.uk>,
        Jeff Layton <jlayton@...nel.org>,
        Chuck Lever <chuck.lever@...cle.com>,
        Kevin Brodsky <Kevin.Brodsky@....com>,
        Vincenzo Frascino <Vincenzo.Frascino@....com>,
        Szabolcs Nagy <Szabolcs.Nagy@....com>,
        Theodore Ts'o <tytso@....edu>,
        David Laight <David.Laight@...LAB.com>,
        Mark Rutland <Mark.Rutland@....com>,
        linux-fsdevel@...r.kernel.org, linux-morello@...lists.linaro.org
Subject: Re: [PATCH v2 0/5] Alter fcntl to handle int arguments correctly

On Fri, Apr 14, 2023 at 04:24:54PM +0100, Luca Vizzarro wrote:
> According to the documentation of fcntl, some commands take an int as
> argument. In practice not all of them enforce this behaviour, as they
> instead accept a more permissive long and in most cases not even a
> range check is performed.
> 
> An issue could possibly arise from a combination of the handling of the
> varargs in user space and the ABI rules of the target, which may result
> in the top bits of an int argument being non-zero.
> 
> This issue was originally raised and detailed in the following thread:
>   https://lore.kernel.org/linux-api/Y1%2FDS6uoWP7OSkmd@arm.com/
> And was discovered during the porting of Linux to Morello [1].
> 
> This series modifies the interested commands so that they explicitly
> take an int argument. It also propagates this change down to helper and
> related functions as necessary.
> 
> This series is also available on my fork at:
>   https://git.morello-project.org/Sevenarth/linux/-/commits/fcntl-int-handling-v2
> 
> Best regards,
> Luca Vizzarro
> 
> [1] https://git.morello-project.org/morello/kernel/linux
> 
> Luca Vizzarro (5):
>   fcntl: Cast commands with int args explicitly
>   fs: Pass argument to fcntl_setlease as int
>   pipe: Pass argument of pipe_fcntl as int
>   memfd: Pass argument of memfd_fcntl as int
>   dnotify: Pass argument of fcntl_dirnotify as int

Applied, minus the already upstreamed memfd patch.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ