[LTP] [PATCH 1/2] clock_nanosleep01: Avoid dereferencing bad pointers in libc on 32bit

[LTP] [PATCH 1/2] clock_nanosleep01: Avoid dereferencing bad pointers in libc on 32bit

[Richard Palethorpe via ltp]

In 32-bit (regardless of kernel bits) glibc and musl will usually
dereference the timespec pointers and try to read them. In some cases
this might be avoidable, but they must do it in others.

Passing invalid pointers is undefined in POSIX. In any case, AFAICT
libc would have to catch the signal in order to guarantee EFAULT is
returned.

Signed-off-by: Richard Palethorpe <rpalethorpe@suse.com>
---

Possibly we shouldn't test things like this at all through libc
wrappers.

 .../kernel/syscalls/clock_nanosleep/clock_nanosleep01.c   | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/testcases/kernel/syscalls/clock_nanosleep/clock_nanosleep01.c b/testcases/kernel/syscalls/clock_nanosleep/clock_nanosleep01.c
index 382497918..7dc5a043d 100644
--- a/testcases/kernel/syscalls/clock_nanosleep/clock_nanosleep01.c
+++ b/testcases/kernel/syscalls/clock_nanosleep/clock_nanosleep01.c
@@ -154,6 +154,14 @@ static void do_test(unsigned int i)
 	else
 		remain = tst_ts_get(rm);
 
+	if ((request == bad_addr || remain == bad_addr) &&
+	    tv->clock_nanosleep == libc_clock_nanosleep &&
+	    sizeof(long) < 8) {
+		tst_res(TCONF,
+			"The libc 32-bit wrapper may dereference req or rem");
+		return;
+	}
+
 	TEST(tv->clock_nanosleep(tc->clk_id, tc->flags, request, remain));
 
 	if (tv->clock_nanosleep == libc_clock_nanosleep) {
-- 
2.33.0


-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

[LTP] [PATCH 2/2] clock_nanosleep01: Add space to make make-check happy

[Richard Palethorpe via ltp]

Signed-off-by: Richard Palethorpe <rpalethorpe@suse.com>
---
 testcases/kernel/syscalls/clock_nanosleep/clock_nanosleep01.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/testcases/kernel/syscalls/clock_nanosleep/clock_nanosleep01.c b/testcases/kernel/syscalls/clock_nanosleep/clock_nanosleep01.c
index 7dc5a043d..d7b14fd94 100644
--- a/testcases/kernel/syscalls/clock_nanosleep/clock_nanosleep01.c
+++ b/testcases/kernel/syscalls/clock_nanosleep/clock_nanosleep01.c
@@ -200,7 +200,7 @@ static void do_test(unsigned int i)
 		}
 
 		if (remain_ms > expect_ms) {
-			tst_res(TFAIL| TTERRNO,
+			tst_res(TFAIL | TTERRNO,
 				"remaining time > requested time (%lld > %lld)",
 				remain_ms, expect_ms);
 			return;
-- 
2.33.0


-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

Re: [LTP] [PATCH 1/2] clock_nanosleep01: Avoid dereferencing bad pointers in libc on 32bit

[Petr Vorel]

Hi Richie,

> In 32-bit (regardless of kernel bits) glibc and musl will usually
> dereference the timespec pointers and try to read them. In some cases
> this might be avoidable, but they must do it in others.

> Passing invalid pointers is undefined in POSIX. In any case, AFAICT
> libc would have to catch the signal in order to guarantee EFAULT is
> returned.

LGTM.

Reviewed-by: Petr Vorel <pvorel@suse.cz>

> Possibly we shouldn't test things like this at all through libc
> wrappers.
Only for 32bit or also for 64 bit? Anyway, there has always been some cases
where bad addr testing was problematic (e.g. non-intel arch).

Kind regards,
Petr

-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

Re: [LTP] [PATCH 2/2] clock_nanosleep01: Add space to make make-check happy

[Petr Vorel]

Obviously correct.

Reviewed-by: Petr Vorel <pvorel@suse.cz>

Kind regards,
Petr

-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

Re: [LTP] [PATCH 1/2] clock_nanosleep01: Avoid dereferencing bad pointers in libc on 32bit

[Jan Stancek]

[-- Attachment #1.1: Type: text/plain, Size: 942 bytes --]

On Mon, Oct 4, 2021 at 8:07 AM Petr Vorel <pvorel@suse.cz> wrote:

> Hi Richie,
>
> > In 32-bit (regardless of kernel bits) glibc and musl will usually
> > dereference the timespec pointers and try to read them. In some cases
> > this might be avoidable, but they must do it in others.
>
> > Passing invalid pointers is undefined in POSIX. In any case, AFAICT
> > libc would have to catch the signal in order to guarantee EFAULT is
> > returned.
>
> LGTM.
>
> Reviewed-by: Petr Vorel <pvorel@suse.cz>
>
> > Possibly we shouldn't test things like this at all through libc
> > wrappers.
> Only for 32bit or also for 64 bit? Anyway, there has always been some cases
> where bad addr testing was problematic (e.g. non-intel arch).
>

I'd skip it for both, I recall that some implementations
were crashing.

Acked-by: Jan Stancek <jstancek@redhat.com>


>
> Kind regards,
> Petr
>
> --
> Mailing list info: https://lists.linux.it/listinfo/ltp
>
>

[-- Attachment #1.2: Type: text/html, Size: 1928 bytes --]

[-- Attachment #2: Type: text/plain, Size: 60 bytes --]


-- 
Mailing list info: https://lists.linux.it/listinfo/ltp

Re: [LTP] [PATCH 1/2] clock_nanosleep01: Avoid dereferencing bad pointers in libc on 32bit

[Richard Palethorpe]

Hello Jan,

Jan Stancek <jstancek@redhat.com> writes:

> On Mon, Oct 4, 2021 at 8:07 AM Petr Vorel <pvorel@suse.cz> wrote:
>
>  Hi Richie,
>
>  > In 32-bit (regardless of kernel bits) glibc and musl will usually
>  > dereference the timespec pointers and try to read them. In some cases
>  > this might be avoidable, but they must do it in others.
>
>  > Passing invalid pointers is undefined in POSIX. In any case, AFAICT
>  > libc would have to catch the signal in order to guarantee EFAULT is
>  > returned.
>
>  LGTM.
>
>  Reviewed-by: Petr Vorel <pvorel@suse.cz>
>
>  > Possibly we shouldn't test things like this at all through libc
>  > wrappers.
>  Only for 32bit or also for 64 bit? Anyway, there has always been some cases
>  where bad addr testing was problematic (e.g. non-intel arch).
>
> I'd skip it for both, I recall that some implementations
> were crashing.

Yes, there is not much we can do if it fails.

>
> Acked-by: Jan Stancek <jstancek@redhat.com>
>  
>  
>  Kind regards,
>  Petr
>
>  -- 
>  Mailing list info: https://lists.linux.it/listinfo/ltp


-- 
Thank you,
Richard.

-- 
Mailing list info: https://lists.linux.it/listinfo/ltp