* [PATCH] um: Fix pointer cast
From: Mickaël Salaün @ 2015-12-22 20:44 UTC
To: linux-kernel
Cc: Mickaël Salaün, Jeff Dike, Richard Weinberger,
Linus Torvalds, user-mode-linux-devel
Fix a pointer cast typo introduced in v4.4-rc5 especially visible for
the i386 subarchitecture where it results in a kernel crash.
Fixes: 8090bfd2bb9a ("um: Fix fpstate handling")
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Cc: Jeff Dike <jdike@addtoit.com>
Cc: Richard Weinberger <richard@nod.at>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
---
arch/x86/um/signal.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/um/signal.c b/arch/x86/um/signal.c
index e5f854ce2d72..cbb541b80358 100644
--- a/arch/x86/um/signal.c
+++ b/arch/x86/um/signal.c
@@ -470,7 +470,7 @@ long sys_sigreturn(void)
struct sigcontext __user *sc = &frame->sc;
int sig_size = (_NSIG_WORDS - 1) * sizeof(unsigned long);
- if (copy_from_user(&set.sig[0], (void *)sc->oldmask, sizeof(set.sig[0])) ||
+ if (copy_from_user(&set.sig[0], (void *)&sc->oldmask, sizeof(set.sig[0])) ||
copy_from_user(&set.sig[1], frame->extramask, sig_size))
goto segfault;
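Review bot: the `(void *)` cast on the changed `copy_from_user()` line should be dropped rather than kept. With the cast in place, `sc->oldmask` and `&sc->oldmask` both compile silently, which is how the typo got in, and the cast also discards the `__user` annotation carried by `sc`. Passing `&sc->oldmask` directly, as the following line already does with `frame->extramask`, lets the compiler check the argument.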
--
2.6.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
* Re: [PATCH] um: Fix pointer cast
From: Richard Weinberger @ 2015-12-22 21:23 UTC
To: Mickaël Salaün, linux-kernel
Cc: Jeff Dike, Linus Torvalds, user-mode-linux-devel
On 22.12.2015 at 21:44, Mickaël Salaün wrote:
> Fix a pointer cast typo introduced in v4.4-rc5 especially visible for
> the i386 subarchitecture where it results in a kernel crash.
>
> Fixes: 8090bfd2bb9a ("um: Fix fpstate handling")
>
> Signed-off-by: Mickaël Salaün <mic@digikod.net>
> Cc: Jeff Dike <jdike@addtoit.com>
> Cc: Richard Weinberger <richard@nod.at>
> Cc: Linus Torvalds <torvalds@linux-foundation.org>
> ---
> arch/x86/um/signal.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/arch/x86/um/signal.c b/arch/x86/um/signal.c
> index e5f854ce2d72..cbb541b80358 100644
> --- a/arch/x86/um/signal.c
> +++ b/arch/x86/um/signal.c
> @@ -470,7 +470,7 @@ long sys_sigreturn(void)
> struct sigcontext __user *sc = &frame->sc;
> int sig_size = (_NSIG_WORDS - 1) * sizeof(unsigned long);
>
> - if (copy_from_user(&set.sig[0], (void *)sc->oldmask, sizeof(set.sig[0])) ||
> + if (copy_from_user(&set.sig[0], (void *)&sc->oldmask, sizeof(set.sig[0])) ||
> copy_from_user(&set.sig[1], frame->extramask, sig_size))
> goto segfault;
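Review bot: the length on the changed line is `sizeof(set.sig[0])`, the size of the destination, while the source is now `&sc->oldmask`, and nothing in the hunk shows that the two have the same width. A one-line comment or a build-time size check next to this call would document that assumption.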
o_O, thanks for catching this!
Thanks,
//richard
* Re: [PATCH] um: Fix pointer cast
From: Al Viro @ 2015-12-22 22:30 UTC
To: Mickaël Salaün
Cc: linux-kernel, Jeff Dike, Richard Weinberger, Linus Torvalds,
user-mode-linux-devel
On Tue, Dec 22, 2015 at 09:44:01PM +0100, Mickaël Salaün wrote:
> Fix a pointer cast typo introduced in v4.4-rc5 especially visible for
> the i386 subarchitecture where it results in a kernel crash.
Why the hell bother casting it at all? _Any_ pointer will quietly convert
to void *, no typecasts needed. The second argument of copy_from_user
is const void __user *; sc is struct sigcontext __user *sc, so
&sb->oldmask is either __u32 __user * or __u64 __user *, for 32bit and
64bit builds resp. Either is assignment-compatible with
const void __user *.
Basically, cast is telling the typechecking logics "sod off, I know better".
And here it's not needed at all. Moreover, the bug you are fixing here is
precisely that this code did *not* know better - if not for that cast,
compiler would've immediately pointed to the problem.
> - if (copy_from_user(&set.sig[0], (void *)sc->oldmask, sizeof(set.sig[0])) ||
> + if (copy_from_user(&set.sig[0], (void *)&sc->oldmask, sizeof(set.sig[0])) ||
Please, remove the cast completely. Simply pass it &sc->oldmask and be
done with that.
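
The failure mode discussed in this thread, as an added example that is not part of any message above or of the kernel source: a user-space model showing the cast form using the value of `oldmask` as a source address, and the uncast form copying the field. `model_copy_from_user`, `struct sigcontext_model`, `user_frame` and both `restore_*` helpers are hypothetical stand-ins, and the mask value is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the user signal frame; not the kernel's struct. */
struct sigcontext_model { unsigned long oldmask; };
static struct sigcontext_model user_frame;  /* the only valid "user" memory */

/* Hypothetical model of copy_from_user(): returns the number of bytes NOT
 * copied (0 on success); only addresses inside user_frame are accepted. */
static unsigned long model_copy_from_user(void *to, const void *from,
                                          unsigned long n)
{
    uintptr_t p = (uintptr_t)from, lo = (uintptr_t)&user_frame;

    if (p < lo || n > sizeof(user_frame) || p - lo > sizeof(user_frame) - n)
        return n;               /* rejected: not user memory in this model */
    memcpy(to, from, n);
    return 0;
}

/* Pre-fix shape: the cast turns the VALUE of oldmask into a source address. */
static unsigned long restore_with_cast_of_value(unsigned long *mask)
{
    struct sigcontext_model *sc = &user_frame;

    return model_copy_from_user(mask, (void *)sc->oldmask, sizeof(*mask));
}

/* Shape requested in review: no cast. Writing sc->oldmask here instead of
 * &sc->oldmask would pass an integer where a pointer is required, and the
 * compiler would issue a diagnostic. */
static unsigned long restore_without_cast(unsigned long *mask)
{
    struct sigcontext_model *sc = &user_frame;

    return model_copy_from_user(mask, &sc->oldmask, sizeof(*mask));
}

int main(void)
{
    unsigned long mask = 0, left;

    user_frame.oldmask = 0x5;   /* constructed sample mask */
    left = restore_with_cast_of_value(&mask);
    printf("cast of value: %lu bytes not copied\n", left);
    left = restore_without_cast(&mask);
    printf("no cast: %lu bytes not copied, mask=%#lx\n", left, mask);
    return 0;
}
```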