lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CABVgOSmpBnHLjmkhnnBoM9OJrexTs9Lhe-bkspu+vj1NYMUNLQ@mail.gmail.com>
Date: Fri, 17 Oct 2025 13:08:32 +0800
From: David Gow <davidgow@...gle.com>
To: Florian Schmaus <florian.schmaus@...asip.com>
Cc: Brendan Higgins <brendan.higgins@...ux.dev>, Rae Moar <rmoar@...gle.com>, 
	linux-kselftest@...r.kernel.org, kunit-dev@...glegroups.com, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] kunit: test_dev_action: Correctly cast 'priv' pointer to long*

On Wed, 15 Oct 2025 at 15:23, Florian Schmaus
<florian.schmaus@...asip.com> wrote:
>
> The previous implementation incorrectly assumed the original type of
> 'priv' was void**, leading to an unnecessary and misleading
> cast. Correct the cast of the 'priv' pointer in test_dev_action() to
> its actual type, long*, removing an unnecessary cast.
>
> As an additional benefit, this fixes an out-of-bounds CHERI fault on
> hardware with architectural capabilities. The original implementation
> tried to store a capability-sized pointer using the 'priv'
> pointer. However, the 'priv' pointer's capability only granted access
> to the memory region of its original long type, leading to a bounds
> violation since the size of a long is smaller than the size of a
> capability. This change ensures that the pointer usage respects the
> capabilities' bounds.
>
> Signed-off-by: Florian Schmaus <florian.schmaus@...asip.com>
> ---

Thanks for this.

One simple formatting issue below, otherwise this is fine.

Also, it'd be good to add a 'Fixes' tag:
Fixes: d03c720e03bd ("kunit: Add APIs for managing devices")

Reviewed-by: David Gow <davidgow@...gle.com>

Cheers,
-- David

>  lib/kunit/kunit-test.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/kunit/kunit-test.c b/lib/kunit/kunit-test.c
> index 8c01eabd4eaf..957b67818489 100644
> --- a/lib/kunit/kunit-test.c
> +++ b/lib/kunit/kunit-test.c
> @@ -739,7 +739,7 @@ static struct kunit_case kunit_current_test_cases[] = {
>
>  static void test_dev_action(void *priv)
>  {
> -       *(void **)priv = (void *)1;
> +       *(long*)priv = 1;

checkpatch whinges here:
ERROR: "(foo*)" should be "(foo *)"
#39: FILE: lib/kunit/kunit-test.c:742:
+       *(long*)priv = 1;


>  }
>
>  static void kunit_device_test(struct kunit *test)
> --
> 2.51.0
>

Download attachment "smime.p7s" of type "application/pkcs7-signature" (5281 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ