lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <f8d7c27c16994cabb053762b3906673c@AcuMS.aculab.com>
Date: Sun, 1 Dec 2024 11:25:28 +0000
From: David Laight <David.Laight@...LAB.COM>
To: 'Linus Torvalds' <torvalds@...ux-foundation.org>, 'Andrew Cooper'
	<andrew.cooper3@...rix.com>, "'bp@...en8.de'" <bp@...en8.de>, "'Josh
 Poimboeuf'" <jpoimboe@...nel.org>, "stable@...r.kernel.org"
	<stable@...r.kernel.org>
CC: "'x86@...nel.org'" <x86@...nel.org>, "'linux-kernel@...r.kernel.org'"
	<linux-kernel@...r.kernel.org>, 'Arnd Bergmann' <arnd@...nel.org>, "'Mikel
 Rychliski'" <mikel@...elr.com>, 'Thomas Gleixner' <tglx@...utronix.de>,
	"'Ingo Molnar'" <mingo@...hat.com>, 'Borislav Petkov' <bp@...en8.de>, 'Dave
 Hansen' <dave.hansen@...ux.intel.com>, "'H. Peter Anvin'" <hpa@...or.com>
Subject: RE: [PATCH v2] x86: Allow user accesses to the base of the guard page

CC stable.

This needs picking up for 6.12

Head commit 573f45a9f9a47 applied by Linus with a modified commit message.

	David

> -----Original Message-----
> From: David Laight
> Sent: 24 November 2024 15:39
> To: 'Linus Torvalds' <torvalds@...ux-foundation.org>; 'Andrew Cooper' <andrew.cooper3@...rix.com>;
> 'bp@...en8.de' <bp@...en8.de>; 'Josh Poimboeuf' <jpoimboe@...nel.org>
> Cc: 'x86@...nel.org' <x86@...nel.org>; 'linux-kernel@...r.kernel.org' <linux-kernel@...r.kernel.org>;
> 'Arnd Bergmann' <arnd@...nel.org>; 'Mikel Rychliski' <mikel@...elr.com>; 'Thomas Gleixner'
> <tglx@...utronix.de>; 'Ingo Molnar' <mingo@...hat.com>; 'Borislav Petkov' <bp@...en8.de>; 'Dave
> Hansen' <dave.hansen@...ux.intel.com>; 'H. Peter Anvin' <hpa@...or.com>
> Subject: [PATCH v2] x86: Allow user accesses to the base of the guard page
> 
> __access_ok() calls valid_user_address() with the address after
> the last byte of the user buffer.
> It is valid for a buffer to end with the last valid user address
> so valid_user_address() must allow accesses to the base of the
> guard page.
> 
> Fixes: 86e6b1547b3d0 ("x86: fix user address masking non-canonical speculation issue")
> Signed-off-by: David Laight <david.laight@...lab.com>
> ---
> 
> v2: Rewritten commit message.
> 
>  arch/x86/kernel/cpu/common.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
> index 06a516f6795b..ca327cfa42ae 100644
> --- a/arch/x86/kernel/cpu/common.c
> +++ b/arch/x86/kernel/cpu/common.c
> @@ -2389,12 +2389,12 @@ void __init arch_cpu_finalize_init(void)
>  	alternative_instructions();
> 
>  	if (IS_ENABLED(CONFIG_X86_64)) {
> -		unsigned long USER_PTR_MAX = TASK_SIZE_MAX-1;
> +		unsigned long USER_PTR_MAX = TASK_SIZE_MAX;
> 
>  		/*
>  		 * Enable this when LAM is gated on LASS support
>  		if (cpu_feature_enabled(X86_FEATURE_LAM))
> -			USER_PTR_MAX = (1ul << 63) - PAGE_SIZE - 1;
> +			USER_PTR_MAX = (1ul << 63) - PAGE_SIZE;
>  		 */
>  		runtime_const_init(ptr, USER_PTR_MAX);
> 
> --
> 2.17.1

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ