| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250207210614.nks6bxad4jhdulwg@jpoimboe>
Date: Fri, 7 Feb 2025 13:06:14 -0800
From: Josh Poimboeuf <jpoimboe@...nel.org>
To: Jens Remus <jremus@...ux.ibm.com>
Cc: x86@...nel.org, Peter Zijlstra <peterz@...radead.org>,
Steven Rostedt <rostedt@...dmis.org>,
Ingo Molnar <mingo@...nel.org>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
linux-kernel@...r.kernel.org, Indu Bhagat <indu.bhagat@...cle.com>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jiri Olsa <jolsa@...nel.org>, Namhyung Kim <namhyung@...nel.org>,
Ian Rogers <irogers@...gle.com>,
Adrian Hunter <adrian.hunter@...el.com>,
linux-perf-users@...r.kernel.org, Mark Brown <broonie@...nel.org>,
linux-toolchains@...r.kernel.org, Jordan Rome <jordalgo@...a.com>,
Sam James <sam@...too.org>, linux-trace-kernel@...r.kernel.org,
Andrii Nakryiko <andrii.nakryiko@...il.com>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
Florian Weimer <fweimer@...hat.com>,
Andy Lutomirski <luto@...nel.org>,
Masami Hiramatsu <mhiramat@...nel.org>,
Weinan Liu <wnliu@...gle.com>, Heiko Carstens <hca@...ux.ibm.com>,
Vasily Gorbik <gor@...ux.ibm.com>
Subject: Re: [PATCH v4 19/39] unwind_user/sframe: Add support for reading
.sframe contents
On Wed, Feb 05, 2025 at 10:47:58AM +0100, Jens Remus wrote:
> UNSAFE_GET_USER_INC(ra_off, cur, offset_size, Efault);
>
> With offset_size=1 expands into:
>
> __UNSAFE_GET_USER_INC(/*to=*/ra_off, /*from=*cur, /*type=*/u8, /*label=*/Efault);
>
> Expands into:
>
> {
> u8 __to;
> unsafe_get_user(__to, (u8 __user *)cur, Efault);
> cur += sizeof(__to);
> ra_off = (typeof(ra_off))__to;
> }
>
> The issue is that on the last line __to is u8 instead of s8 and thus
> u8 gets casted to s32, which is performed without sign extension. __to
> would need to be s8 or get casted to s8 for sign extension to take
> place.
Ah, I get it now, thanks for spelling that out for me.
Here's what I have at the moment:
#define __UNSAFE_GET_USER_INC(to, from, type, label) \
({ \
type __to; \
unsafe_get_user(__to, (type __user *)from, label); \
from += sizeof(__to); \
to = __to; \
})
#define __UNSAFE_GET_USER_INC(to, from, size, label, u_or_s) \
({ \
switch (size) { \
case 1: \
__UNSAFE_GET_USER_INC(to, from, u_or_s##8, label); \
break; \
case 2: \
__UNSAFE_GET_USER_INC(to, from, u_or_s##16, label); \
break; \
case 4: \
__UNSAFE_GET_USER_INC(to, from, u_or_s##32, label); \
break; \
default: \
dbg_sec_uaccess("%d: bad unsafe_get_user() size %u\n", \
__LINE__, size); \
return -EFAULT; \
} \
})
#define UNSAFE_GET_USER_UNSIGNED_INC(to, from, size, label) \
__UNSAFE_GET_USER_INC(to, from, size, label, u)
#define UNSAFE_GET_USER_SIGNED_INC(to, from, size, label) \
__UNSAFE_GET_USER_INC(to, from, size, label, s)
#define UNSAFE_GET_USER_INC(to, from, size, label) \
_Generic(to, \
u8: UNSAFE_GET_USER_UNSIGNED_INC(to, from, size, label), \
u16: UNSAFE_GET_USER_UNSIGNED_INC(to, from, size, label), \
u32: UNSAFE_GET_USER_UNSIGNED_INC(to, from, size, label), \
s8: UNSAFE_GET_USER_SIGNED_INC(to, from, size, label), \
s16: UNSAFE_GET_USER_SIGNED_INC(to, from, size, label), \
s32: UNSAFE_GET_USER_SIGNED_INC(to, from, size, label))
Powered by blists - more mailing lists