lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 23 Oct 2020 13:28:57 +0000 From: David Laight <David.Laight@...LAB.COM> To: 'Arnd Bergmann' <arnd@...db.de> CC: Greg KH <gregkh@...uxfoundation.org>, David Hildenbrand <david@...hat.com>, Al Viro <viro@...iv.linux.org.uk>, Nick Desaulniers <ndesaulniers@...gle.com>, Christoph Hellwig <hch@....de>, "kernel-team@...roid.com" <kernel-team@...roid.com>, Andrew Morton <akpm@...ux-foundation.org>, Jens Axboe <axboe@...nel.dk>, David Howells <dhowells@...hat.com>, "linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linux-mips@...r.kernel.org" <linux-mips@...r.kernel.org>, "linux-parisc@...r.kernel.org" <linux-parisc@...r.kernel.org>, "linuxppc-dev@...ts.ozlabs.org" <linuxppc-dev@...ts.ozlabs.org>, "linux-s390@...r.kernel.org" <linux-s390@...r.kernel.org>, "sparclinux@...r.kernel.org" <sparclinux@...r.kernel.org>, "linux-block@...r.kernel.org" <linux-block@...r.kernel.org>, "linux-scsi@...r.kernel.org" <linux-scsi@...r.kernel.org>, "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>, "linux-aio@...ck.org" <linux-aio@...ck.org>, "io-uring@...r.kernel.org" <io-uring@...r.kernel.org>, "linux-arch@...r.kernel.org" <linux-arch@...r.kernel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, "keyrings@...r.kernel.org" <keyrings@...r.kernel.org>, "linux-security-module@...r.kernel.org" <linux-security-module@...r.kernel.org> Subject: RE: Buggy commit tracked to: "Re: [PATCH 2/9] iov_iter: move rw_copy_check_uvector() into lib/iov_iter.c" From: Arnd Bergmann > Sent: 23 October 2020 14:23 > > On Fri, Oct 23, 2020 at 2:46 PM David Laight <David.Laight@...lab.com> wrote: > > > > From: Greg KH <gregkh@...uxfoundation.org> > > > Sent: 22 October 2020 14:51 > > > > I've rammed the code into godbolt. > > > > https://godbolt.org/z/9v5PPW > > > > Definitely a clang bug. > > > > Search for [wx]24 in the clang output. > > nr_segs comes in as w2 and the initial bound checks are done on w2. > > w24 is loaded from w2 - I don't believe this changes the high bits. > > You believe wrong, "mov w24, w2" is a zero-extending operation. Ah ok, but gcc uses utxw for the same task. I guess they could be the same opcode. Last time I wrote ARM thumb didn't really exist - never mind 64bit David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales)
Powered by blists - more mailing lists