From patchwork Sun Dec 29 17:22:27 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Greg Kroah-Hartman X-Patchwork-Id: 182553 Delivered-To: patch@linaro.org Received: by 2002:a92:815a:0:0:0:0:0 with SMTP id e87csp5459211ild; Sun, 29 Dec 2019 09:45:14 -0800 (PST) X-Google-Smtp-Source: APXvYqzbcF9iMFvEpzE9m82Tdav2kZTRlgWqnjS2lQRp6bV6bP56npt1lowgHPN8nAgsg/xsVinu X-Received: by 2002:a9d:ed5:: with SMTP id 79mr70409722otj.72.1577641514123; Sun, 29 Dec 2019 09:45:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1577641514; cv=none; d=google.com; s=arc-20160816; b=AwmfAa9m8ylwNrPNBsC/+sQTesZZ3EkXln8MmWS3HKJaY5Xz9LS0/47j1QVgCk3e9a hS3ScJuioxFbOdMIL/ALLG7XGn5WUcqH6bFkaXwLhqiSEdif0QT0Z7Il2pHnJkHCVZ3t 3fLsxneLUwTzp3KPNdmBWxbxbpDmA9PF5J48dY8yNxjtmSTe/txbDnivhKZb/Et48CyF xtvsxmV1fwFx3poBYY+D1GNQEYjOGNSzuvu5hex/XfNEq8ryDcorgGfrDrJV48Bud2xt eYxG6RPGzy7O289+NnQehCmCLj5KI/WtH/NbbULuXea1spII3tvqIEoFWaQIcNmK9NYA rKRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=qVFm7Njw+DtIWdbl9hrRldto+Oumtpr3c8sSsQCOANA=; b=BeVW/GSz6EnAhSWzfNunfqNIQZGOv0I5pSU0hh4WWK4/yOv8S4TuADszz3PeIai3Ip ZnNdDrjJ0IEsNcL6AwJAVHjUx/DIQdfYRwUZZL9vIhbDOFuds0zQqFxk+BhFESic+lj5 c7/Gk/F1WG5YDYoF3vppkZmr/RxVkv53W+LCkP5r1X3qk7LqLTfjy1aGuDFFMzGq2M/5 WcF5CytAl/5N+v6/TcSa8N3yoew1DycsuAU4kEuK+V2szgbCcfV4b4YTsc52ROQL1US8 j13S3Rl3Ga5qHDknRtRFGWvxFxKoc98VuC7S28G5QQcIHoKHCMP7Ot/1VRU/PSNgxLNJ obAA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="GI/Dqzph"; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p5si22018137oto.116.2019.12.29.09.45.13; Sun, 29 Dec 2019 09:45:14 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b="GI/Dqzph"; spf=pass (google.com: best guess record for domain of stable-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=stable-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730852AbfL2RpN (ORCPT + 14 others); Sun, 29 Dec 2019 12:45:13 -0500 Received: from mail.kernel.org ([198.145.29.99]:53950 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730844AbfL2RpJ (ORCPT ); Sun, 29 Dec 2019 12:45:09 -0500 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 8223B207FD; Sun, 29 Dec 2019 17:45:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1577641509; bh=qwBSQ4mPR8y2C+OqTwzQ7Ingo8tM8DD5G2X5Hxi3gfA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=GI/DqzphNPPWoBwdi3YBsNdL0tGpnmb8YPAmSs6nUhCOYRTnEkYfJ87coLozde1Zt akF2QsfXvE8o1kLA9/kEkyJnbAqpLhmXn576euzIMNtdnW8y25bjEh8j+OVZcYfL19 Rtfl5QfIsmi4qnEm6CK2lHJiBIfC5fzxN8bt5nx8= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Arnd Bergmann , Borislav Petkov , Kees Cook , "H. Peter Anvin" , Bill Metzenthen , Ingo Molnar , Thomas Gleixner , x86-ml , Sasha Levin Subject: [PATCH 5.4 094/434] x86/math-emu: Check __copy_from_user() result Date: Sun, 29 Dec 2019 18:22:27 +0100 Message-Id: <20191229172707.810344347@linuxfoundation.org> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20191229172702.393141737@linuxfoundation.org> References: <20191229172702.393141737@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Sender: stable-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Arnd Bergmann [ Upstream commit e6b44ce1925a8329a937c57f0d60ba0d9bb5d226 ] The new __must_check annotation on __copy_from_user() successfully identified some code that has lacked the check since at least linux-2.1.73: arch/x86/math-emu/reg_ld_str.c:88:2: error: ignoring return value of \ function declared with 'warn_unused_result' attribute [-Werror,-Wunused-result]         __copy_from_user(sti_ptr, s, 10);         ^~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~ arch/x86/math-emu/reg_ld_str.c:1129:2: error: ignoring return value of \ function declared with 'warn_unused_result' attribute [-Werror,-Wunused-result]         __copy_from_user(register_base + offset, s, other);         ^~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ arch/x86/math-emu/reg_ld_str.c:1131:3: error: ignoring return value of \ function declared with 'warn_unused_result' attribute [-Werror,-Wunused-result]                 __copy_from_user(register_base, s + other, offset);                 ^~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ In addition, the get_user()/put_user() helpers do not enforce a return value check, but actually still require one. These have been missing for even longer. Change the internal wrappers around get_user()/put_user() to force a signal and add a corresponding wrapper around __copy_from_user() to check all such cases. [ bp: Break long lines. ] Fixes: 257e458057e5 ("Import 2.1.73") Fixes: 9dd819a15162 ("uaccess: add missing __must_check attributes") Signed-off-by: Arnd Bergmann Signed-off-by: Borislav Petkov Reviewed-by: Kees Cook Cc: "H. Peter Anvin" Cc: Bill Metzenthen Cc: Ingo Molnar Cc: Thomas Gleixner Cc: x86-ml Link: https://lkml.kernel.org/r/20191001142344.1274185-1-arnd@arndb.de Signed-off-by: Sasha Levin --- arch/x86/math-emu/fpu_system.h | 6 ++++-- arch/x86/math-emu/reg_ld_str.c | 6 +++--- 2 files changed, 7 insertions(+), 5 deletions(-) -- 2.20.1 diff --git a/arch/x86/math-emu/fpu_system.h b/arch/x86/math-emu/fpu_system.h index f98a0c956764..9b41391867dc 100644 --- a/arch/x86/math-emu/fpu_system.h +++ b/arch/x86/math-emu/fpu_system.h @@ -107,6 +107,8 @@ static inline bool seg_writable(struct desc_struct *d) #define FPU_access_ok(y,z) if ( !access_ok(y,z) ) \ math_abort(FPU_info,SIGSEGV) #define FPU_abort math_abort(FPU_info, SIGSEGV) +#define FPU_copy_from_user(to, from, n) \ + do { if (copy_from_user(to, from, n)) FPU_abort; } while (0) #undef FPU_IGNORE_CODE_SEGV #ifdef FPU_IGNORE_CODE_SEGV @@ -122,7 +124,7 @@ static inline bool seg_writable(struct desc_struct *d) #define FPU_code_access_ok(z) FPU_access_ok((void __user *)FPU_EIP,z) #endif -#define FPU_get_user(x,y) get_user((x),(y)) -#define FPU_put_user(x,y) put_user((x),(y)) +#define FPU_get_user(x,y) do { if (get_user((x),(y))) FPU_abort; } while (0) +#define FPU_put_user(x,y) do { if (put_user((x),(y))) FPU_abort; } while (0) #endif diff --git a/arch/x86/math-emu/reg_ld_str.c b/arch/x86/math-emu/reg_ld_str.c index f3779743d15e..fe6246ff9887 100644 --- a/arch/x86/math-emu/reg_ld_str.c +++ b/arch/x86/math-emu/reg_ld_str.c @@ -85,7 +85,7 @@ int FPU_load_extended(long double __user *s, int stnr) RE_ENTRANT_CHECK_OFF; FPU_access_ok(s, 10); - __copy_from_user(sti_ptr, s, 10); + FPU_copy_from_user(sti_ptr, s, 10); RE_ENTRANT_CHECK_ON; return FPU_tagof(sti_ptr); @@ -1126,9 +1126,9 @@ void frstor(fpu_addr_modes addr_modes, u_char __user *data_address) /* Copy all registers in stack order. */ RE_ENTRANT_CHECK_OFF; FPU_access_ok(s, 80); - __copy_from_user(register_base + offset, s, other); + FPU_copy_from_user(register_base + offset, s, other); if (offset) - __copy_from_user(register_base, s + other, offset); + FPU_copy_from_user(register_base, s + other, offset); RE_ENTRANT_CHECK_ON; for (i = 0; i < 8; i++) {