From: Hans-Christian Egtvedt <egtvedt@samfundet.no>
To: Andrey Ryabinin <a.ryabinin@samsung.com>
Cc: Haavard Skinnemoen <hskinnemoen@gmail.com>,
linux-kernel@vger.kernel.org, Kees Cook <keescook@chromium.org>,
Yury Gribov <y.gribov@samsung.com>
Subject: Re: [PATCH] avr32: fix integer overflow in ELF_ET_DYN_BASE
Date: Wed, 25 Mar 2015 07:29:33 +0100 [thread overview]
Message-ID: <20150325062933.GC3771@samfundet.no> (raw)
In-Reply-To: <1427211084-24839-1-git-send-email-a.ryabinin@samsung.com>
Around Tue 24 Mar 2015 18:31:22 +0300 or thereabout, Andrey Ryabinin wrote:
> Almost all arches define ELF_ET_DYN_BASE as 2/3 of TASK_SIZE.
> Though it seems that some architectures do this in a wrong way.
> The problem is that 2*TASK_SIZE may overflow 32-bits so
> the real ELF_ET_DYN_BASE becomes wrong.
> Fix this overflow by dividing TASK_SIZE prior to multiplying:
> (TASK_SIZE / 3 * 2)
Thank you for fixing (-:
> Signed-off-by: Andrey Ryabinin <a.ryabinin@samsung.com>
>
Acked-by: Hans-Christian Egtvedt <egtvedt@samfundet.no>
Added to for-linus branch in
git://git.kernel.org/pub/scm/linux/kernel/git/egtvedt/linux-avr32.git
queued for Linux 4.1.
> ---
> arch/avr32/include/asm/elf.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/avr32/include/asm/elf.h b/arch/avr32/include/asm/elf.h
> index d232888..0388ece 100644
> --- a/arch/avr32/include/asm/elf.h
> +++ b/arch/avr32/include/asm/elf.h
> @@ -84,7 +84,7 @@ typedef struct user_fpu_struct elf_fpregset_t;
> the loader. We need to make sure that it is out of the way of the program
> that it will "exec", and that there is sufficient room for the brk. */
>
> -#define ELF_ET_DYN_BASE (2 * TASK_SIZE / 3)
> +#define ELF_ET_DYN_BASE (TASK_SIZE / 3 * 2)
>
>
> /* This yields a mask that user programs can use to figure out what
--
Best regards,
Hans-Christian Egtvedt
prev parent reply other threads:[~2015-03-25 6:29 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-03-24 15:31 [PATCH] avr32: fix integer overflow in ELF_ET_DYN_BASE Andrey Ryabinin
2015-03-24 15:31 ` [PATCH] cris: " Andrey Ryabinin
2015-03-25 10:37 ` Jesper Nilsson
2015-03-24 15:31 ` [PATCH] x86, UML: " Andrey Ryabinin
2015-03-25 6:29 ` Hans-Christian Egtvedt [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150325062933.GC3771@samfundet.no \
--to=egtvedt@samfundet.no \
--cc=a.ryabinin@samsung.com \
--cc=hskinnemoen@gmail.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=y.gribov@samsung.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.