From: Tyler Hicks <code@tyhicks.com>
To: Jann Horn <jannh@google.com>
Cc: Kees Cook <keescook@chromium.org>,
Andy Lutomirski <luto@amacapital.net>,
Will Drewry <wad@chromium.org>,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] seccomp: Remove bogus __user annotations
Date: Fri, 20 Nov 2020 09:35:59 -0600 [thread overview]
Message-ID: <20201120153559.GA4119@sequoia> (raw)
In-Reply-To: <20201120015913.1375667-1-jannh@google.com>
Hey Jann - Thanks for cleaning this up!
On 2020-11-20 02:59:13, Jann Horn wrote:
> Buffers that are passed to read_actions_logged() and write_actions_logged()
> are in kernel memory; the sysctl core takes care of copying from/to
> userspace.
>
> Fixes: 0ddec0fc8900 ("seccomp: Sysctl to configure actions that are allowed to be logged")
After tracing back through the code, I was struggling to understand why
I thought the __user annotation was needed back then. It turns out that
__user was correct when I wrote 0ddec0fc8900 and that the Fixes tag
should be changed to this:
Fixes: 32927393dc1c ("sysctl: pass kernel pointers to ->proc_handler")
If you agree, please adjust and resubmit with:
Reviewed-by: Tyler Hicks <code@tyhicks.com>
Thank you!
Tyler
> Signed-off-by: Jann Horn <jannh@google.com>
> ---
> kernel/seccomp.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/seccomp.c b/kernel/seccomp.c
> index 8ad7a293255a..c2bff3561846 100644
> --- a/kernel/seccomp.c
> +++ b/kernel/seccomp.c
> @@ -1968,7 +1968,7 @@ static bool seccomp_actions_logged_from_names(u32 *actions_logged, char *names)
> return true;
> }
>
> -static int read_actions_logged(struct ctl_table *ro_table, void __user *buffer,
> +static int read_actions_logged(struct ctl_table *ro_table, void *buffer,
> size_t *lenp, loff_t *ppos)
> {
> char names[sizeof(seccomp_actions_avail)];
> @@ -1986,7 +1986,7 @@ static int read_actions_logged(struct ctl_table *ro_table, void __user *buffer,
> return proc_dostring(&table, 0, buffer, lenp, ppos);
> }
>
> -static int write_actions_logged(struct ctl_table *ro_table, void __user *buffer,
> +static int write_actions_logged(struct ctl_table *ro_table, void *buffer,
> size_t *lenp, loff_t *ppos, u32 *actions_logged)
> {
> char names[sizeof(seccomp_actions_avail)];
>
> base-commit: 4d02da974ea85a62074efedf354e82778f910d82
> --
> 2.29.2.454.gaff20da3a2-goog
>
next prev parent reply other threads:[~2020-11-20 15:36 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-20 1:59 [PATCH] seccomp: Remove bogus __user annotations Jann Horn
2020-11-20 15:35 ` Tyler Hicks [this message]
2020-11-20 15:45 ` Jann Horn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201120153559.GA4119@sequoia \
--to=code@tyhicks.com \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@amacapital.net \
--cc=wad@chromium.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.