| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <7c3bfb87-40e8-45ef-86a7-53f02053d9b3@csgroup.eu>
Date: Wed, 25 Sep 2024 09:09:00 +0200
From: Christophe Leroy <christophe.leroy@...roup.eu>
To: Vincenzo Frascino <vincenzo.frascino@....com>,
linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org, linux-mm@...ck.org
Cc: Andy Lutomirski <luto@...nel.org>, Thomas Gleixner <tglx@...utronix.de>,
"Jason A . Donenfeld" <Jason@...c4.com>,
Michael Ellerman <mpe@...erman.id.au>, Nicholas Piggin <npiggin@...il.com>,
Naveen N Rao <naveen@...nel.org>, Ingo Molnar <mingo@...hat.com>,
Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>,
"H . Peter Anvin" <hpa@...or.com>, Theodore Ts'o <tytso@....edu>,
Arnd Bergmann <arnd@...db.de>, Andrew Morton <akpm@...ux-foundation.org>,
Steven Rostedt <rostedt@...dmis.org>, Masami Hiramatsu
<mhiramat@...nel.org>, Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
Subject: Re: [PATCH v2 8/8] vdso: Modify getrandom to include the correct
namespace.
Le 23/09/2024 à 16:19, Vincenzo Frascino a écrit :
> The VDSO implementation includes headers from outside of the
> vdso/ namespace.
>
> Modify getrandom to take advantage of the refactoring done in the
> previous patches and to include only the vdso/ namespace.
>
> Cc: Andy Lutomirski <luto@...nel.org>
> Cc: Thomas Gleixner <tglx@...utronix.de>
> Cc: Jason A. Donenfeld <Jason@...c4.com>
> Signed-off-by: Vincenzo Frascino <vincenzo.frascino@....com>
> ---
> include/vdso/datapage.h | 1 +
> lib/vdso/getrandom.c | 22 +++++++++++-----------
> 2 files changed, 12 insertions(+), 11 deletions(-)
>
> diff --git a/include/vdso/datapage.h b/include/vdso/datapage.h
> index b7d6c71f20c1..127f0c51bf01 100644
> --- a/include/vdso/datapage.h
> +++ b/include/vdso/datapage.h
> @@ -5,6 +5,7 @@
> #ifndef __ASSEMBLY__
>
> #include <linux/compiler.h>
> +#include <linux/build_bug.h>
What in this datapage.h requires this build_bug header ?
> #include <uapi/linux/time.h>
> #include <uapi/linux/types.h>
> #include <uapi/asm-generic/errno-base.h>
> diff --git a/lib/vdso/getrandom.c b/lib/vdso/getrandom.c
> index 938ca539aaa6..e15d3cf768c9 100644
> --- a/lib/vdso/getrandom.c
> +++ b/lib/vdso/getrandom.c
> @@ -3,19 +3,19 @@
> * Copyright (C) 2022-2024 Jason A. Donenfeld <Jason@...c4.com>. All Rights Reserved.
> */
>
> -#include <linux/array_size.h>
> -#include <linux/minmax.h>
> #include <vdso/datapage.h>
> #include <vdso/getrandom.h>
> #include <vdso/unaligned.h>
> -#include <asm/vdso/getrandom.h>
> -#include <uapi/linux/mman.h>
> -#include <uapi/linux/random.h>
> +#include <vdso/mman.h>
This change is not needed, asm/vdso/getrandom.h is in VDSO namespace,
and the other two are UAPI headers which must be safe to include in VDSO
code as VDSO code in userland code.
> +#include <vdso/page.h>
>
> -#undef PAGE_SIZE
> -#undef PAGE_MASK
> -#define PAGE_SIZE (1UL << CONFIG_PAGE_SHIFT)
> -#define PAGE_MASK (~(PAGE_SIZE - 1))
> +#ifndef ARRAY_SIZE
> +#define ARRAY_SIZE(x) (sizeof(x) / sizeof(*x))
> +#endif
> +
> +#ifndef min_t
> +#define min_t(type,a,b) ((type)(a) < (type)(b) ? (type)(a) : (type)(b))
> +#endif
Would be better to force undefine/redefine ARRAY_SIZE and min_t instead
of defining them only when they don't exist already.
>
> #define MEMCPY_AND_ZERO_SRC(type, dst, src, len) do { \
> while (len >= sizeof(type)) { \
> @@ -79,8 +79,8 @@ __cvdso_getrandom_data(const struct vdso_rng_data *rng_info, void *buffer, size_
> if (unlikely(opaque_len == ~0UL && !buffer && !len && !flags)) {
> struct vgetrandom_opaque_params *params = opaque_state;
> params->size_of_opaque_state = sizeof(*state);
> - params->mmap_prot = PROT_READ | PROT_WRITE;
> - params->mmap_flags = MAP_DROPPABLE | MAP_ANONYMOUS;
> + params->mmap_prot = VDSO_MMAP_PROT;
> + params->mmap_flags = VDSO_MMAP_FLAGS;
At the time being the flags and prot are the same for all architectures,
there is no point in introducing VDSO_MMAP_PROT and VDSO_MMAP_FLAGS.
Maybe one day that may be needed, but until that day nothing should be
changed, unless you already have in mind and describe an architecture
that will need that.
Christophe
> for (size_t i = 0; i < ARRAY_SIZE(params->reserved); ++i)
> params->reserved[i] = 0;
> return 0;
Powered by blists - more mailing lists