Date: Mon, 22 May 2017 14:38:03 +1000
From: Andrew Donnellan <andrew.donnellan@....ibm.com>
To: Daniel Axtens <dja@...ens.net>, kernel-hardening@...ts.openwall.com, linuxppc-dev@...ts.ozlabs.org
Cc: Daniel Micay <danielmicay@...il.com>, Kees Cook <keescook@...omium.org>
Subject: Re: [PATCH 2/2] powerpc: Make feature-fixup tests fortify-safe

On 22/05/17 11:32, Daniel Axtens wrote:
> Testing the fortified string functions would cause a kernel
> panic on boot in test_feature_fixups() due to a buffer overflow
> in memcmp.
>
> This boils down to things like this:
>
> extern unsigned int ftr_fixup_test1;
> extern unsigned int ftr_fixup_test1_orig;
>
> check(memcmp(&ftr_fixup_test1, &ftr_fixup_test1_orig, size) == 0);
>
> We know that these are asm labels so it is safe to read up to
> 'size' bytes at those addresses.
>
> However, because we have passed the address of a single unsigned
> int to memcmp, the compiler believes the underlying object is in
> fact a single unsigned int. So if size > sizeof(unsigned int),
> there will be a panic at runtime.
>
> We can fix this by changing the types: instead of calling the asm
> labels unsigned ints, call them unsigned ints. Therefore the
> size isn't incorrectly determined at compile time and we get a
> regular unsafe memcmp and no panic.
>
>  http://openwall.com/lists/kernel-hardening/2017/05/09/2
>
> Suggested-by: Michael Ellerman <mpe@...erman.id.au>
> Cc: Kees Cook <keescook@...omium.org>
> Cc: Daniel Micay <danielmicay@...il.com>
> Signed-off-by: Daniel Axtens <dja@...ens.net>

With this patch on top of Kees' fortify branch, my Tuleta boots
powernv_defconfig baremetal with no obvious regressions.

Tested-by: Andrew Donnellan <andrew.donnellan@....ibm.com>

Patch looks sane enough too.

Reviewed-by: Andrew Donnellan <andrew.donnellan@....ibm.com>

--
Andrew Donnellan              OzLabs, ADL Canberra
andrew.donnellan@....ibm.com  IBM Australia Limited
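The mechanism behind the panic described in the quoted commit message, as an added example that is not part of this thread or of the kernel patch: a user-space model of the fortified memcmp, applied once to the labels declared as single unsigned ints (the pre-patch shape) and once to them declared as arrays. The `*_blob` storage, the `check_*` helpers and the simplified `fortify_memcmp` are constructed for this example; the asm labels stand in for the kernel's assembler-defined symbols.

```c
/* Added example, not the patch itself: models FORTIFY_SOURCE's compile-time
 * size check on the feature-fixup memcmp and why declaring the asm labels as
 * arrays fixes the panic. Everything named here is constructed for the demo. */
#include <stddef.h>
#include <string.h>
/* Stand-ins for the asm-defined blobs: 16 bytes each, with explicit asm
 * names so that C declarations of different types can name the same
 * storage, exactly as the kernel's asm labels do. */
unsigned int fixup_blob_a[4] __asm__("ftr_fixup_blob_a") = {1, 2, 3, 4};
unsigned int fixup_blob_b[4] __asm__("ftr_fixup_blob_b") = {1, 2, 3, 4};

/* Before the patch: the labels were declared as single unsigned ints. */
extern unsigned int ftr_fixup_test1_scalar      __asm__("ftr_fixup_blob_a");
extern unsigned int ftr_fixup_test1_orig_scalar __asm__("ftr_fixup_blob_b");

/* After the patch: incomplete arrays, so the compiler knows no size. */
extern unsigned int ftr_fixup_test1[]      __asm__("ftr_fixup_blob_a");
extern unsigned int ftr_fixup_test1_orig[] __asm__("ftr_fixup_blob_b");

#define FORTIFY_OVERFLOW (-255)   /* where the kernel would fortify_panic() */

/* (size_t)-1 from __builtin_object_size means "unknown": plain memcmp. */
static int fortify_memcmp_impl(const void *p, const void *q, size_t size,
                               size_t p_size, size_t q_size)
{
    if (p_size < size || q_size < size)
        return FORTIFY_OVERFLOW;
    return memcmp(p, q, size);
}

/* A macro, like the kernel's inline wrappers: __builtin_object_size must
 * see the address expression itself, which is why the declared type matters. */
#define fortify_memcmp(p, q, size)                                        \
    fortify_memcmp_impl((p), (q), (size), __builtin_object_size((p), 0), \
                        __builtin_object_size((q), 0))

/* Pre-patch check: 16 bytes requested from what the compiler sees as 4. */
int check_scalar_decl(void)
{
    return fortify_memcmp(&ftr_fixup_test1_scalar, &ftr_fixup_test1_orig_scalar,
                          4 * sizeof(unsigned int));
}

/* Post-patch check: size unknown, so this is an ordinary unchecked memcmp. */
int check_array_decl(void)
{
    return fortify_memcmp(ftr_fixup_test1, ftr_fixup_test1_orig,
                          4 * sizeof(unsigned int));
}
```

Both calls read the same 16 bytes of real storage; only the type the compiler was told about differs, and that alone decides whether the fortified wrapper trips.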