lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <412b612bd05f4ccca9326554697b6b6b@AcuMS.aculab.com>
Date:   Mon, 14 Aug 2023 16:06:27 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Linus Torvalds' <torvalds@...ux-foundation.org>,
        Takashi Iwai <tiwai@...e.de>
CC:     Christoph Hellwig <hch@....de>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Andy Shevchenko <andriy.shevchenko@...ux.intel.com>,
        Mark Brown <broonie@...nel.org>,
        "netdev@...r.kernel.org" <netdev@...r.kernel.org>
Subject: RE: [PATCH RFC] Introduce uniptr_t as a generic "universal" pointer

From: Linus Torvalds 
> Sent: 09 August 2023 16:59
> 
> On Wed, 9 Aug 2023 at 07:44, Takashi Iwai <tiwai@...e.de> wrote:
> >
> > The remaining question is whether the use of sockptr_t for other
> > subsystems as a generic pointer is a recommended / acceptable move...
> 
> Very much not recommended. sockptr_t is horrible too, but it was (part
> of) what made it possible to fix an even worse horrible historical
> mistake (ie getting rid of set_fs()).
> 
> So I detest sockptr_t. It's garbage. At the very minimum it should
> have had the length associated with it, not passed separately.

FWIW I've thought you'd want something like:
struct ptr_arg {
	void          *kernel;
	void __user   *user;
	unsigned int  kernel_len;
	unsigned int  user_len;
};

Then [gs]etsockopt() could copy short user buffers into
kernel space (eg on stack) while allowing code that needs
very large buffers (eg some sctp options) to directly
access a userspace buffer.

There certainly used to be sockopt calls where the user
didn't pass the correct/any length.
They might all have been in decnet.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ