Re: [PATCH] Fix Warnining in arch/x86/kernel/signal.c
From: Hiroshi Shimamoto
Date: Wed May 13 2009 - 20:34:18 EST
H. Peter Anvin wrote:
Ingo Molnar wrote:
if (!access_ok(VERIFY_READ, frame, sizeof(*frame)))
goto badframe;
- if (__get_user(set.sig[0], &frame->sc.oldmask) || (_NSIG_WORDS > 1
- && __copy_from_user(&set.sig[1], &frame->extramask,
- sizeof(frame->extramask))))
+
+ if ( (__copy_from_user(&set.sig[1], &frame->extramask,
+ sizeof(frame->extramask)) && _NSIG_WORDS > 1) ||
+ __get_user(set.sig[0], &frame->sc.oldmask))
goto badframe;
I'm not sure why this eliminates that warning.
set.sig[0] may not be initialized too, if __copy_from_user() failed.
True, but only when either or both of __copy_from_user() and
(_NSIG_WORDS > 1) fails. But in all instances set.sig[1] gets
initialized.
I don't have enough time to look at this right now, sorry.
Another question, __copy_from_user() will be called even if
_NSIG_WORDS is less than 2, perhaps it never occurs.
I think, to check _NSIG_WORDS > 1 before calling __copy_from_user()
is better.
Fine. Let Ingo/Thomas/Peter decide whether they would like this fix or
drop it.
If you get the Acked-by from Hiroshi-san it looks good to me. He
modified this code last.
This seriously looks wrong to me. If _NSIG_WORDS == 1, then calling
__copy_from_user here is a serious error.
Right. If _NSIG_WORDS is 1, sigset_t set has only sig[0], writing to
set.sig[1] means stack corruption.
Subrata, could you try like this?
if ((_NSIG_WORDS > 1 && __copy_from_user(&set.sig[1], ...) ||
__get_user(set.sig[0], ...))
I wonder whether gcc really complains about the case of
__get_user(set.sig[0], ...) failure.
Why, the case which sig[0] initialized and sig[1] uninitialized is NG
and the case which sig[0] uninitialized and sig[1] initialized is OK.
Thanks,
Hiroshi
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/