| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <288844da-400f-46f8-aa12-e0309424fb14@csgroup.eu>
Date: Tue, 26 Aug 2025 09:09:08 +0200
From: Christophe Leroy <christophe.leroy@...roup.eu>
To: Thomas Gleixner <tglx@...utronix.de>, LKML <linux-kernel@...r.kernel.org>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>, x86@...nel.org,
Peter Zijlstra <peterz@...radead.org>, Darren Hart <dvhart@...radead.org>,
Davidlohr Bueso <dave@...olabs.net>, André Almeida
<andrealmeid@...lia.com>, Alexander Viro <viro@...iv.linux.org.uk>,
Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
linux-fsdevel@...r.kernel.org
Subject: Re: [patch 3/4] x86/futex: Use user_*_masked_begin()
Le 13/08/2025 à 17:57, Thomas Gleixner a écrit :
> Replace the can_do_masked_user_access() conditional with the generic macro.
>
> No functional change.
>
> Signed-off-by: Thomas Gleixner <tglx@...utronix.de>
> Cc: x86@...nel.org
> ---
> arch/x86/include/asm/futex.h | 12 ++++--------
> 1 file changed, 4 insertions(+), 8 deletions(-)
>
> --- a/arch/x86/include/asm/futex.h
> +++ b/arch/x86/include/asm/futex.h
> @@ -48,9 +48,7 @@ do { \
> static __always_inline int arch_futex_atomic_op_inuser(int op, int oparg, int *oval,
> u32 __user *uaddr)
> {
> - if (can_do_masked_user_access())
> - uaddr = masked_user_access_begin(uaddr);
> - else if (!user_access_begin(uaddr, sizeof(u32)))
> + if (!user_write_masked_begin(uaddr))
You are replacing a user_access_begin() by a macro that calls
user_write_access_begin(). I means that reads will not be allowed,
allthough arch_futex_atomic_op_inuser() performs read-then-write, so it
requires a full read-write user access.
> return -EFAULT;
>
> switch (op) {
> @@ -74,7 +72,7 @@ static __always_inline int arch_futex_at
> user_access_end();
> return -ENOSYS;
> }
> - user_access_end();
> + user_write_access_end();
Same, can't be changed to write-only, read permission is required as well.
> return 0;
> Efault:
> user_access_end();
> @@ -86,9 +84,7 @@ static inline int futex_atomic_cmpxchg_i
> {
> int ret = 0;
>
> - if (can_do_masked_user_access())
> - uaddr = masked_user_access_begin(uaddr);
> - else if (!user_access_begin(uaddr, sizeof(u32)))
> + if (!user_write_masked_begin(uaddr))
Same, read access is also needed.
> return -EFAULT;
> asm volatile("\n"
> "1:\t" LOCK_PREFIX "cmpxchgl %3, %2\n"
> @@ -98,7 +94,7 @@ static inline int futex_atomic_cmpxchg_i
> : "r" (newval), "1" (oldval)
> : "memory"
> );
> - user_access_end();
> + user_write_access_end();
Same, read access is also needed.
> *uval = oldval;
> return ret;
> }
>
>
Powered by blists - more mailing lists