All of lore.kernel.org
 help / color / mirror / Atom feed
* [Patch 3/5] Problems with upstream SPECTRE mitigation found in sendmsg/recvmsg  syscalls
@ 2020-12-07 11:00 François Legal
  2020-12-07 14:36 ` Philippe Gerum
  0 siblings, 1 reply; 3+ messages in thread
From: François Legal @ 2020-12-07 11:00 UTC (permalink / raw)
  To: xenomai

From: François LEGAL <devel@thom.fr.eu.org>

Add rtipc_get_arg (copy_from_ser) call on struct user_msghdr.

Signed-off-by: François LEGAL <devel@thom.fr.eu.org>
---
 kernel/drivers/ipc/bufp.c         | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/kernel/drivers/ipc/bufp.c b/kernel/drivers/ipc/bufp.c
index 45c917e..c09524c 100644
--- a/kernel/drivers/ipc/bufp.c
+++ b/kernel/drivers/ipc/bufp.c
@@ -352,12 +352,17 @@ static ssize_t __bufp_recvmsg(struct rtdm_fd *fd,
 }

 static ssize_t bufp_recvmsg(struct rtdm_fd *fd,
-			    struct user_msghdr *msg, int flags)
+			    struct user_msghdr *u_msg, int flags)
 {
 	struct iovec iov_fast[RTDM_IOV_FASTMAX], *iov;
 	struct sockaddr_ipc saddr;
+	struct user_msghdr _msg, *msg = & _msg;
 	ssize_t ret;

+	ret = rtipc_get_arg(fd, &_msg, u_msg, sizeof(_msg));
+	if (ret)
+		return -ret;
+
 	if (flags & ~MSG_DONTWAIT)
 		return -EINVAL;

@@ -598,14 +603,19 @@ fail:
 }

 static ssize_t bufp_sendmsg(struct rtdm_fd *fd,
-			    const struct user_msghdr *msg, int flags)
+			    const struct user_msghdr *u_msg, int flags)
 {
 	struct rtipc_private *priv = rtdm_fd_to_private(fd);
 	struct iovec iov_fast[RTDM_IOV_FASTMAX], *iov;
 	struct bufp_socket *sk = priv->state;
 	struct sockaddr_ipc daddr;
+	struct user_msghdr _msg, *msg = & _msg;
 	ssize_t ret;

+	ret = rtipc_get_arg(fd, &_msg, u_msg, sizeof(_msg));
+	if (ret)
+		return -ret;
+
 	if (flags & ~MSG_DONTWAIT)
 		return -EINVAL;



^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [Patch 3/5] Problems with upstream SPECTRE mitigation found in sendmsg/recvmsg  syscalls
  2020-12-07 11:00 [Patch 3/5] Problems with upstream SPECTRE mitigation found in sendmsg/recvmsg syscalls François Legal
@ 2020-12-07 14:36 ` Philippe Gerum
  2020-12-07 15:40   ` François Legal
  0 siblings, 1 reply; 3+ messages in thread
From: Philippe Gerum @ 2020-12-07 14:36 UTC (permalink / raw)
  To: François Legal; +Cc: xenomai


François Legal via Xenomai <xenomai@xenomai.org> writes:

> From: François LEGAL <devel@thom.fr.eu.org>
>
> Add rtipc_get_arg (copy_from_ser) call on struct user_msghdr.
>
> Signed-off-by: François LEGAL <devel@thom.fr.eu.org>
> ---
>  kernel/drivers/ipc/bufp.c         | 14 ++++++++++++--
>  1 file changed, 12 insertions(+), 2 deletions(-)
>  
> diff --git a/kernel/drivers/ipc/bufp.c b/kernel/drivers/ipc/bufp.c
> index 45c917e..c09524c 100644
> --- a/kernel/drivers/ipc/bufp.c
> +++ b/kernel/drivers/ipc/bufp.c
> @@ -352,12 +352,17 @@ static ssize_t __bufp_recvmsg(struct rtdm_fd *fd,
>  }
>  
>  static ssize_t bufp_recvmsg(struct rtdm_fd *fd,
> -			    struct user_msghdr *msg, int flags)
> +			    struct user_msghdr *u_msg, int flags)
>  {
>  	struct iovec iov_fast[RTDM_IOV_FASTMAX], *iov;
>  	struct sockaddr_ipc saddr;
> +	struct user_msghdr _msg, *msg = & _msg;
>  	ssize_t ret;
>  
> +	ret = rtipc_get_arg(fd, &_msg, u_msg, sizeof(_msg));
> +	if (ret)
> +		return -ret;

rtipc_get_arg() returns zero on sucess, or negated error codes already
(-EFAULT typically).

> +
>  	if (flags & ~MSG_DONTWAIT)
>  		return -EINVAL;
>  
> @@ -598,14 +603,19 @@ fail:
>  }
>  
>  static ssize_t bufp_sendmsg(struct rtdm_fd *fd,
> -			    const struct user_msghdr *msg, int flags)
> +			    const struct user_msghdr *u_msg, int flags)
>  {
>  	struct rtipc_private *priv = rtdm_fd_to_private(fd);
>  	struct iovec iov_fast[RTDM_IOV_FASTMAX], *iov;
>  	struct bufp_socket *sk = priv->state;
>  	struct sockaddr_ipc daddr;
> +	struct user_msghdr _msg, *msg = & _msg;
>  	ssize_t ret;
>  
> +	ret = rtipc_get_arg(fd, &_msg, u_msg, sizeof(_msg));
> +	if (ret)
> +		return -ret;
> +

ditto.

>  	if (flags & ~MSG_DONTWAIT)
>  		return -EINVAL;


-- 
Philippe.


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [Patch 3/5] Problems with  upstream SPECTRE mitigation found in sendmsg/recvmsg   syscalls
  2020-12-07 14:36 ` Philippe Gerum
@ 2020-12-07 15:40   ` François Legal
  0 siblings, 0 replies; 3+ messages in thread
From: François Legal @ 2020-12-07 15:40 UTC (permalink / raw)
  To: Philippe Gerum; +Cc: xenomai

Le Lundi, Décembre 07, 2020 15:36 CET, Philippe Gerum <rpm@xenomai.org> a écrit:

>
> François Legal via Xenomai <xenomai@xenomai.org> writes:
>
> > From: François LEGAL <devel@thom.fr.eu.org>
> >
> > Add rtipc_get_arg (copy_from_ser) call on struct user_msghdr.
> >
> > Signed-off-by: François LEGAL <devel@thom.fr.eu.org>
> > ---
> >  kernel/drivers/ipc/bufp.c         | 14 ++++++++++++--
> >  1 file changed, 12 insertions(+), 2 deletions(-)
> >
> > diff --git a/kernel/drivers/ipc/bufp.c b/kernel/drivers/ipc/bufp.c
> > index 45c917e..c09524c 100644
> > --- a/kernel/drivers/ipc/bufp.c
> > +++ b/kernel/drivers/ipc/bufp.c
> > @@ -352,12 +352,17 @@ static ssize_t __bufp_recvmsg(struct rtdm_fd *fd,
> >  }
> >
> >  static ssize_t bufp_recvmsg(struct rtdm_fd *fd,
> > -			    struct user_msghdr *msg, int flags)
> > +			    struct user_msghdr *u_msg, int flags)
> >  {
> >  	struct iovec iov_fast[RTDM_IOV_FASTMAX], *iov;
> >  	struct sockaddr_ipc saddr;
> > +	struct user_msghdr _msg, *msg = & _msg;
> >  	ssize_t ret;
> >
> > +	ret = rtipc_get_arg(fd, &_msg, u_msg, sizeof(_msg));
> > +	if (ret)
> > +		return -ret;
>
> rtipc_get_arg() returns zero on sucess, or negated error codes already
> (-EFAULT typically).
>

Correct. I missed this one. Thanks.

> > +
> >  	if (flags & ~MSG_DONTWAIT)
> >  		return -EINVAL;
> >
> > @@ -598,14 +603,19 @@ fail:
> >  }
> >
> >  static ssize_t bufp_sendmsg(struct rtdm_fd *fd,
> > -			    const struct user_msghdr *msg, int flags)
> > +			    const struct user_msghdr *u_msg, int flags)
> >  {
> >  	struct rtipc_private *priv = rtdm_fd_to_private(fd);
> >  	struct iovec iov_fast[RTDM_IOV_FASTMAX], *iov;
> >  	struct bufp_socket *sk = priv->state;
> >  	struct sockaddr_ipc daddr;
> > +	struct user_msghdr _msg, *msg = & _msg;
> >  	ssize_t ret;
> >
> > +	ret = rtipc_get_arg(fd, &_msg, u_msg, sizeof(_msg));
> > +	if (ret)
> > +		return -ret;
> > +
>
> ditto.
>
> >  	if (flags & ~MSG_DONTWAIT)
> >  		return -EINVAL;
>
>
> --
> Philippe.



^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-12-07 15:40 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-12-07 11:00 [Patch 3/5] Problems with upstream SPECTRE mitigation found in sendmsg/recvmsg syscalls François Legal
2020-12-07 14:36 ` Philippe Gerum
2020-12-07 15:40   ` François Legal

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.