| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20260130-arm64_cgs-v1-1-c9b6942b6b70@debian.org>
Date: Fri, 30 Jan 2026 01:43:09 -0800
From: Breno Leitao <leitao@...ian.org>
To: Catalin Marinas <catalin.marinas@....com>,
Will Deacon <will@...nel.org>,
Thiago Jung Bauermann <thiago.bauermann@...aro.org>,
Mark Brown <broonie@...nel.org>
Cc: linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
Breno Leitao <leitao@...ian.org>
Subject: [PATCH] arm64/gcs: Fix error handling in
arch_set_shadow_stack_status()
alloc_gcs() returns an error-encoded pointer on failure, which comes
from do_mmap(), not NULL.
The current NULL check fails to detect errors, which could lead to using
an invalid GCS address.
Use IS_ERR_VALUE() to properly detect errors, consistent with the
check in gcs_alloc_thread_stack().
Fixes: b57180c75c7eb ("arm64/gcs: Implement shadow stack prctl() interface")
Signed-off-by: Breno Leitao <leitao@...ian.org>
---
PS: This was compiled-tested only, given I unfortunately don't have
a hardware to test on _yet_.
---
arch/arm64/mm/gcs.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/arm64/mm/gcs.c b/arch/arm64/mm/gcs.c
index 6e93f78de79b1..efce7642b1d7b 100644
--- a/arch/arm64/mm/gcs.c
+++ b/arch/arm64/mm/gcs.c
@@ -199,8 +199,8 @@ int arch_set_shadow_stack_status(struct task_struct *task, unsigned long arg)
size = gcs_size(0);
gcs = alloc_gcs(0, size);
- if (!gcs)
- return -ENOMEM;
+ if (IS_ERR_VALUE(gcs))
+ return PTR_ERR((void *)gcs);
task->thread.gcspr_el0 = gcs + size - sizeof(u64);
task->thread.gcs_base = gcs;
---
base-commit: 8dfce8991b95d8625d0a1d2896e42f93b9d7f68d
change-id: 20260129-arm64_cgs-496817025d1e
Best regards,
--
Breno Leitao <leitao@...ian.org>
Powered by blists - more mailing lists