powerpc/vdso64: Use double word compare on pointers

Michael Ellerman patch-notifications at ellerman.id.au
Thu Sep 29 23:13:16 AEST 2016


On Sun, 2016-25-09 at 07:16:53 UTC, Anton Blanchard wrote:
> From: Anton Blanchard <anton at samba.org>
> 
> __kernel_get_syscall_map and __kernel_clock_getres use cmpli to
> check if the passed-in pointer is non-zero. cmpli maps to a 32-bit
> compare on binutils, so we ignore the top 32 bits.
> 
> A simple test case can be created by passing in a bogus pointer with
> the bottom 32 bits clear. Using a clk_id that is handled by the VDSO,
> then one that is handled by the kernel shows the problem:
> 
>         printf("%d\n", clock_getres(CLOCK_REALTIME, (void *)0x100000000));
>         printf("%d\n", clock_getres(CLOCK_BOOTTIME, (void *)0x100000000));
> 
> And we get:
> 
> 0
> -1
> 
> The bigger issue is if we pass a valid pointer with the bottom 32 bits
> clear; in this case we will return success but won't write any data
> to the pointer.
> 
> I stumbled across this issue because the LLVM integrated assembler
> doesn't accept cmpli with 3 arguments. Fix this by converting them to
> cmpldi.
> 
> Cc: stable at vger.kernel.org
> Signed-off-by: Anton Blanchard <anton at samba.org>

Applied to powerpc next, thanks.

https://git.kernel.org/powerpc/c/5045ea37377ce8cca6890d32b127ad

cheers
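
Added example, not part of the original message or the kernel patch: a user-space regression check for the "valid pointer with the bottom 32 bits clear" case described in the commit message, alongside a small model of the 32-bit versus 64-bit NULL check. The function names, result codes and poison value are assumptions made for illustration, and the check assumes a 64-bit Linux system where a page can be mapped at 0x100000000.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <time.h>

/* Model of the two NULL checks: per the commit message, cmpli assembles to a
 * compare of the low 32 bits only; cmpldi compares the full 64-bit register. */
static int null_check_32(uint64_t p) { return (uint32_t)p == 0; }
static int null_check_64(uint64_t p) { return p == 0; }

enum { RES_OK = 0, RES_SILENT_NOWRITE = 1, RES_SKIPPED = 2 };

/* Map a valid page at an address whose bottom 32 bits are clear, poison it,
 * and verify that a successful clock_getres() actually stored a result. */
static int check_clock_getres(clockid_t clk)
{
    void *hint = (void *)(uintptr_t)0x100000000ULL; /* value from the test case */
    struct timespec *ts = mmap(hint, 4096, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (ts == MAP_FAILED)
        return RES_SKIPPED;
    int result = RES_SKIPPED;           /* stays skipped if the hint was ignored */
    if ((void *)ts == hint) {
        unsigned char poison[sizeof *ts];
        memset(poison, 0xA5, sizeof poison);
        memcpy(ts, poison, sizeof poison);
        int rc = clock_getres(clk, ts);
        int untouched = memcmp(ts, poison, sizeof poison) == 0;
        /* Success reported but buffer unchanged is the failure mode at issue. */
        result = (rc == 0 && untouched) ? RES_SILENT_NOWRITE : RES_OK;
    }
    munmap(ts, 4096);
    return result;
}

int main(void)
{
    printf("32-bit check sees 0x100000000 as NULL: %d\n", null_check_32(0x100000000ULL));
    printf("64-bit check sees 0x100000000 as NULL: %d\n", null_check_64(0x100000000ULL));
    int r = check_clock_getres(CLOCK_REALTIME);
    printf("clock_getres(CLOCK_REALTIME): %s\n",
           r == RES_OK ? "result written or error reported" :
           r == RES_SILENT_NOWRITE ? "returned 0 but wrote nothing" : "skipped");
    return r == RES_SILENT_NOWRITE;     /* non-zero exit flags the silent no-write */
}
```

The program exits non-zero only when clock_getres() reports success while leaving the mapped timespec untouched.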

