lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <b66580447aa94593136186a4046fd350e598943a.camel@xry111.site>
Date: Mon, 20 Jan 2025 17:21:08 +0800
From: Xi Ruoyao <xry111@...111.site>
To: Florian Weimer <fweimer@...hat.com>, Christian Brauner
 <brauner@...nel.org>
Cc: Aleksa Sarai <cyphar@...har.com>, Ingo Molnar <mingo@...hat.com>, Peter
 Zijlstra <peterz@...radead.org>, Juri Lelli <juri.lelli@...hat.com>,
 Vincent Guittot	 <vincent.guittot@...aro.org>, Dietmar Eggemann
 <dietmar.eggemann@....com>,  Steven Rostedt <rostedt@...dmis.org>, Ben
 Segall <bsegall@...gle.com>, Mel Gorman <mgorman@...e.de>, Valentin
 Schneider <vschneid@...hat.com>, Alexander Viro <viro@...iv.linux.org.uk>,
 Jan Kara <jack@...e.cz>,  Arnd Bergmann	 <arnd@...db.de>, Shuah Khan
 <shuah@...nel.org>, Kees Cook <kees@...nel.org>,  Mark Rutland
 <mark.rutland@....com>, linux-kernel@...r.kernel.org,
 linux-api@...r.kernel.org, 	linux-fsdevel@...r.kernel.org,
 linux-arch@...r.kernel.org, 	linux-kselftest@...r.kernel.org,
 libc-alpha@...rceware.org
Subject: Re: [PATCH RFC v3 02/10] sched_getattr: port to copy_struct_to_user

On Mon, 2025-01-20 at 06:28 +0100, Florian Weimer wrote:
> * Xi Ruoyao:
> 
> > On Wed, 2024-12-11 at 11:23 +0100, Christian Brauner wrote:
> > > On Tue, Dec 10, 2024 at 07:14:07PM +0100, Florian Weimer wrote:
> > > > * Aleksa Sarai:
> > > > 
> > > > > sched_getattr(2) doesn't care about trailing non-zero bytes in the
> > > > > (ksize > usize) case, so just use copy_struct_to_user() without checking
> > > > > ignored_trailing.
> > > > 
> > > > I think this is what causes glibc's misc/tst-sched_setattr test to fail
> > > > on recent kernels.  The previous non-modifying behavior was documented
> > > > in the manual page:
> > > > 
> > > >        If the caller-provided attr buffer is larger than the kernel's
> > > >        sched_attr structure, the additional bytes in the user-space
> > > >        structure are not touched.
> > > > 
> > > > I can just drop this part of the test if the kernel deems both behaviors
> > > > valid.
> > 
> > > I think in general both behaviors are valid but I would consider zeroing
> > > the unknown parts of the provided buffer to be the safer option. And all
> > > newer extensible struct system calls do that.
> > 
> > Florian,
> > 
> > So should we drop the test before Glibc-2.41 release?  I'm seeing the
> > failure during my machine test.
> I was waiting for a verdict from the kernel developers.  I didn't expect
> such a change to happen given the alleged UAPI policy.

But 6.13 is already released without reverting the behavior change
now...  So is this the "final" verdict?

-- 
Xi Ruoyao <xry111@...111.site>
School of Aerospace Science and Technology, Xidian University

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ