Open Source and information security mailing list archives
Message-ID: <CAG48ez1wKqyCKZX7J2eJekTuzRshVE2btPEWQEm2hW9Ri46Uuw@mail.gmail.com>
Date: Tue, 5 Aug 2025 20:38:59 +0200
From: Jann Horn <jannh@...gle.com>
To: Zi Yan <ziy@...dia.com>
Cc: wang lian <lianux.mm@...il.com>, Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org, 
	Lorenzo Stoakes <lorenzo.stoakes@...cle.com>, David Hildenbrand <david@...hat.com>, 
	Wei Yang <richard.weiyang@...il.com>, Christian Brauner <brauner@...nel.org>, 
	Kairui Song <ryncsn@...il.com>, Liam Howlett <liam.howlett@...cle.com>, 
	Mark Brown <broonie@...nel.org>, SeongJae Park <sj@...nel.org>, Shuah Khan <shuah@...nel.org>, 
	Vlastimil Babka <vbabka@...e.cz>, linux-kernel@...r.kernel.org, 
	linux-kselftest@...r.kernel.org
Subject: Re: [PATCH] selftests/mm: fix FORCE_READ to read input value correctly.

On Tue, Aug 5, 2025 at 7:51 PM Zi Yan <ziy@...dia.com> wrote:
> FORCE_READ() converts input value x to its pointer type then reads from
> address x. This is wrong. If x is a non-pointer, it would be caught
> easily. But all FORCE_READ() callers are trying to read from a pointer and
> FORCE_READ() basically reads a pointer to a pointer instead of the original
> typed pointer. Almost no access violation was found, except the one from
> split_huge_page_test.
[...]
> diff --git a/tools/testing/selftests/mm/vm_util.h b/tools/testing/selftests/mm/vm_util.h
> index c20298ae98ea..b55d1809debc 100644
> --- a/tools/testing/selftests/mm/vm_util.h
> +++ b/tools/testing/selftests/mm/vm_util.h
> @@ -23,7 +23,7 @@
>   * anything with it in order to trigger a read page fault. We therefore must use
>   * volatile to stop the compiler from optimising this away.
>   */
> -#define FORCE_READ(x) (*(volatile typeof(x) *)x)
> +#define FORCE_READ(x) (*(const volatile typeof(x) *)&(x))
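
Review bot: the comment block kept as context above the #define does not say that the macro now takes the object to be read rather than a pointer to it. With &(x) the argument has to be an lvalue, and a caller that still passes a pointer p reads only the pointer variable itself and never touches the page behind it, so the intended read fault silently stops happening. Suggest adding a line to that comment along the lines of "x is the object to read, e.g. FORCE_READ(*ptr)", and confirming that every caller in the elided part of the patch was converted to that form.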

So is the problem with the old code basically that it should have been
something like

#define FORCE_READ(x) (*(volatile typeof(*(x)) *)(x))

to actually cast the normal pointer to a volatile pointer?
