From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752686AbcD2H5v (ORCPT ); Fri, 29 Apr 2016 03:57:51 -0400 Received: from mail-wm0-f67.google.com ([74.125.82.67]:36699 "EHLO mail-wm0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751045AbcD2H5t (ORCPT ); Fri, 29 Apr 2016 03:57:49 -0400 Date: Fri, 29 Apr 2016 09:57:45 +0200 From: Ingo Molnar To: Kees Cook Cc: Lasse Collin , One Thousand Gnomes , "H. Peter Anvin" , Thomas Gleixner , Ingo Molnar , "x86@kernel.org" , LKML , Yinghai Lu , Baoquan He , Borislav Petkov Subject: Re: [PATCH v4] x86/boot: Warn on future overlapping memcpy() use Message-ID: <20160429075745.GA3366@gmail.com> References: <20160429001822.GA15625@www.outflux.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20160429001822.GA15625@www.outflux.net> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org * Kees Cook wrote: > If an overlapping memcpy() is ever attempted, we should at least report > it, in case it might lead to problems, so it could be changed to a > memmove() call instead. > > Suggested-by: Ingo Molnar > Signed-off-by: Kees Cook > --- > v4: > - use __memcpy not memcpy since we've already done the check. > v3: > - call memmove in addition to doing the warning > v2: > - warn about overlapping region > --- > arch/x86/boot/compressed/string.c | 16 +++++++++++++--- > 1 file changed, 13 insertions(+), 3 deletions(-) I think you'll hate this patch some more: arch/x86/boot/compressed/string.c:68:3: warning: implicit declaration of function ‘warn’ [-Wimplicit-function-declaration] :-) Can we do the trick below? Because misc.h also includes the regular kernel memcpy functions, we can remove the decompressor specific __memcpy() - but the question is, is it safe to do? If it's not safe to do, we are playing with fire already I suspect: arch/x86/boot/compressed/cmdline.c:#include "misc.h" arch/x86/boot/compressed/early_serial_console.c:#include "misc.h" arch/x86/boot/compressed/kaslr.c:#include "misc.h" arch/x86/boot/compressed/misc.c:#include "misc.h" ? Thanks, Ingo arch/x86/boot/compressed/string.c | 31 +------------------------------ 1 file changed, 1 insertion(+), 30 deletions(-) diff --git a/arch/x86/boot/compressed/string.c b/arch/x86/boot/compressed/string.c index 952510976732..f4b95ed4e7a2 100644 --- a/arch/x86/boot/compressed/string.c +++ b/arch/x86/boot/compressed/string.c @@ -6,37 +6,8 @@ * (e.g. FPU ops) in the minimal decompression stub execution environment. */ #include "../string.c" -#include "misc.h" - -#ifdef CONFIG_X86_32 -static void *__memcpy(void *dest, const void *src, size_t n) -{ - int d0, d1, d2; - asm volatile( - "rep ; movsl\n\t" - "movl %4,%%ecx\n\t" - "rep ; movsb\n\t" - : "=&c" (d0), "=&D" (d1), "=&S" (d2) - : "0" (n >> 2), "g" (n & 3), "1" (dest), "2" (src) - : "memory"); - - return dest; -} -#else -static void *__memcpy(void *dest, const void *src, size_t n) -{ - long d0, d1, d2; - asm volatile( - "rep ; movsq\n\t" - "movq %4,%%rcx\n\t" - "rep ; movsb\n\t" - : "=&c" (d0), "=&D" (d1), "=&S" (d2) - : "0" (n >> 3), "g" (n & 7), "1" (dest), "2" (src) - : "memory"); - return dest; -} -#endif +#include "misc.h" void *memset(void *s, int c, size_t n) {