[PATCH v2 14/18] lib/test_lockup: fix kernel pointer check for separate... | linuxppc-dev

[PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
[PATCH v2 01/18] uaccess: fix integer overflow on access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
[PATCH v2 02/18] uaccess: fix nios2 and microblaze get_user_8() · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
RE: [PATCH v2 02/18] uaccess: fix nios2 and microblaze get_user_8() · David Laight <hidden> · 2022-02-16
Re: [PATCH v2 02/18] uaccess: fix nios2 and microblaze get_user_8() · Christoph Hellwig <hch@lst.de> · 2022-02-18
Re: [PATCH v2 02/18] uaccess: fix nios2 and microblaze get_user_8() · Dinh Nguyen <dinguyen@kernel.org> · 2022-02-25
[PATCH v2 03/18] nds32: fix access_ok() checks in get/put_user · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 03/18] nds32: fix access_ok() checks in get/put_user · Christoph Hellwig <hch@lst.de> · 2022-02-18
[PATCH v2 04/18] sparc64: add __{get,put}_kernel_nocheck() · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
[PATCH v2 05/18] x86: remove __range_not_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 05/18] x86: remove __range_not_ok() · Christoph Hellwig <hch@lst.de> · 2022-02-18
Re: [PATCH v2 05/18] x86: remove __range_not_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-18
RE: [PATCH v2 05/18] x86: remove __range_not_ok() · David Laight <hidden> · 2022-02-18
[PATCH v2 07/18] nios2: drop access_ok() check from __put_user() · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 07/18] nios2: drop access_ok() check from __put_user() · Christoph Hellwig <hch@lst.de> · 2022-02-18
Re: [PATCH v2 07/18] nios2: drop access_ok() check from __put_user() · Dinh Nguyen <dinguyen@kernel.org> · 2022-02-23
Re: [PATCH v2 07/18] nios2: drop access_ok() check from __put_user() · Arnd Bergmann <arnd@kernel.org> · 2022-02-24
[PATCH v2 06/18] x86: use more conventional access_ok() definition · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 06/18] x86: use more conventional access_ok() definition · Christoph Hellwig <hch@lst.de> · 2022-02-18
[PATCH v2 08/18] uaccess: add generic __{get,put}_kernel_nofault · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 08/18] uaccess: add generic __{get,put}_kernel_nofault · Christoph Hellwig <hch@lst.de> · 2022-02-18
Re: [PATCH v2 08/18] uaccess: add generic __{get,put}_kernel_nofault · Geert Uytterhoeven <geert@linux-m68k.org> · 2022-02-18
[PATCH v2 09/18] mips: use simpler access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 09/18] mips: use simpler access_ok() · Thomas Bogendoerfer <tsbogend@alpha.franken.de> · 2022-02-21
Re: [PATCH v2 09/18] mips: use simpler access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-21
Re: [PATCH v2 09/18] mips: use simpler access_ok() · Thomas Bogendoerfer <tsbogend@alpha.franken.de> · 2022-02-21
Re: [PATCH v2 09/18] mips: use simpler access_ok() · Thomas Bogendoerfer <tsbogend@alpha.franken.de> · 2022-02-22
Re: [PATCH v2 09/18] mips: use simpler access_ok() · Linus Torvalds <torvalds@linux-foundation.org> · 2022-02-23
Re: [PATCH v2 09/18] mips: use simpler access_ok() · Thomas Bogendoerfer <tsbogend@alpha.franken.de> · 2022-02-23
Re: [PATCH v2 09/18] mips: use simpler access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-23
[PATCH v2 10/18] m68k: fix access_ok for coldfire · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 10/18] m68k: fix access_ok for coldfire · Christoph Hellwig <hch@lst.de> · 2022-02-18
Re: [PATCH v2 10/18] m68k: fix access_ok for coldfire · Geert Uytterhoeven <geert@linux-m68k.org> · 2022-02-18
Re: [PATCH v2 10/18] m68k: fix access_ok for coldfire · Arnd Bergmann <arnd@kernel.org> · 2022-02-18
[PATCH v2 11/18] arm64: simplify access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
[PATCH v2 12/18] uaccess: fix type mismatch warnings from access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 12/18] uaccess: fix type mismatch warnings from access_ok() · Christoph Hellwig <hch@lst.de> · 2022-02-18
Re: [PATCH v2 12/18] uaccess: fix type mismatch warnings from access_ok() · Dinh Nguyen <dinguyen@kernel.org> · 2022-02-25
[PATCH v2 13/18] uaccess: generalize access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Arnd Bergmann <arnd@arndb.de> · 2022-02-17
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Andy Lutomirski <luto@amacapital.net> · 2022-02-17
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-18
RE: [PATCH v2 13/18] uaccess: generalize access_ok() · David Laight <hidden> · 2022-02-18
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Andy Lutomirski <luto@amacapital.net> · 2022-02-18
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Christoph Hellwig <hch@lst.de> · 2022-02-18
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-18
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Geert Uytterhoeven <geert@linux-m68k.org> · 2022-02-18
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Stafford Horne <shorne@gmail.com> · 2022-02-24
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Arnd Bergmann <arnd@kernel.org> · 2022-02-24
Re: [PATCH v2 13/18] uaccess: generalize access_ok() · Dinh Nguyen <dinguyen@kernel.org> · 2022-02-25
[PATCH v2 15/18] sparc64: remove CONFIG_SET_FS support · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 15/18] sparc64: remove CONFIG_SET_FS support · Sam Ravnborg <hidden> · 2022-02-16
Re: [PATCH v2 15/18] sparc64: remove CONFIG_SET_FS support · Sam Ravnborg <hidden> · 2022-02-16
Re: [PATCH v2 15/18] sparc64: remove CONFIG_SET_FS support · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
[PATCH v2 14/18] lib/test_lockup: fix kernel pointer check for separate address spaces · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 14/18] lib/test_lockup: fix kernel pointer check for separate address spaces · Christoph Hellwig <hch@lst.de> · 2022-02-18
Re: [PATCH v2 14/18] lib/test_lockup: fix kernel pointer check for separate address spaces · Arnd Bergmann <arnd@kernel.org> · 2022-02-18
[PATCH v2 16/18] sh: remove CONFIG_SET_FS support · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 16/18] sh: remove CONFIG_SET_FS support · Christoph Hellwig <hch@lst.de> · 2022-02-18
[PATCH v2 17/18] ia64: remove CONFIG_SET_FS support · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
[PATCH v2 18/18] uaccess: drop maining CONFIG_SET_FS users · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 18/18] uaccess: drop maining CONFIG_SET_FS users · Sam Ravnborg <hidden> · 2022-02-16
Re: [PATCH v2 18/18] uaccess: drop maining CONFIG_SET_FS users · Arnd Bergmann <arnd@kernel.org> · 2022-02-16
Re: [PATCH v2 18/18] uaccess: drop maining CONFIG_SET_FS users · Christoph Hellwig <hch@lst.de> · 2022-02-18
Re: [PATCH v2 18/18] uaccess: drop maining CONFIG_SET_FS users · Arnd Bergmann <arnd@kernel.org> · 2022-02-18
Re: [PATCH v2 18/18] uaccess: drop maining CONFIG_SET_FS users · Sergey Matyukevich <geomatsi@gmail.com> · 2022-02-18
Re: [PATCH v2 18/18] uaccess: drop maining CONFIG_SET_FS users · Stafford Horne <shorne@gmail.com> · 2022-02-24
Re: [PATCH v2 18/18] uaccess: drop maining CONFIG_SET_FS users · Dinh Nguyen <dinguyen@kernel.org> · 2022-02-25
Re: [PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good · Christophe Leroy <hidden> · 2022-02-17
Re: [PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good · Arnd Bergmann <arnd@kernel.org> · 2022-02-17
Re: [PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good · Al Viro <viro@zeniv.linux.org.uk> · 2022-02-18
Re: [PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good · Arnd Bergmann <arnd@kernel.org> · 2022-02-18
Re: [PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good · Al Viro <viro@zeniv.linux.org.uk> · 2022-02-18
Re: [PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good · Christophe Leroy <hidden> · 2022-02-18
Re: [PATCH v2 00/18] clean up asm/uaccess.h, kill set_fs for good · Arnd Bergmann <arnd@arndb.de> · 2022-02-17

[PATCH v2 14/18] lib/test_lockup: fix kernel pointer check for separate address spaces

From: Arnd Bergmann <arnd@kernel.org>
Date: 2022-02-16 13:19:30
Also in: linux-alpha, linux-api, linux-arch, linux-m68k, linux-mips, linux-mm, linux-riscv, linux-s390, linux-sh, linux-um, lkml, sparclinux
Subsystem: library code, the rest · Maintainers: Andrew Morton, Linus Torvalds

From: Arnd Bergmann <arnd@arndb.de>

test_kernel_ptr() uses access_ok() to figure out if a given address
points to user space instead of kernel space. However on architectures
that set CONFIG_ALTERNATE_USER_ADDRESS_SPACE, a pointer can be valid
for both, and the check always fails because access_ok() returns true.

Make the check for user space pointers conditional on the type of
address space layout.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
---
 lib/test_lockup.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/lib/test_lockup.c b/lib/test_lockup.c
index 6a0f329a794a..c3fd87d6c2dd 100644
--- a/lib/test_lockup.c
+++ b/lib/test_lockup.c

@@ -417,9 +417,14 @@ static bool test_kernel_ptr(unsigned long addr, int size)
 		return false;
 
 	/* should be at least readable kernel address */
-	if (access_ok((void __user *)ptr, 1) ||
-	    access_ok((void __user *)ptr + size - 1, 1) ||
-	    get_kernel_nofault(buf, ptr) ||
+	if (!IS_ENABLED(CONFIG_ALTERNATE_USER_ADDRESS_SPACE) &&
+	    (access_ok((void __user *)ptr, 1) ||
+	     access_ok((void __user *)ptr + size - 1, 1))) {
+		pr_err("user space ptr invalid in kernel: %#lx\n", addr);
+		return true;
+	}
+
+	if (get_kernel_nofault(buf, ptr) ||
 	    get_kernel_nofault(buf, ptr + size - 1)) {
 		pr_err("invalid kernel ptr: %#lx\n", addr);
 		return true;

-- 
2.29.2

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help