Hi Catalin, On 3/17/20 2:38 PM, Catalin Marinas wrote: > On Tue, Mar 17, 2020 at 12:22:12PM +0000, Vincenzo Frascino wrote: >> diff --git a/arch/arm64/kernel/vdso32/vgettimeofday.c b/arch/arm64/kernel/vdso32/vgettimeofday.c >> index 54fc1c2ce93f..91138077b073 100644 >> --- a/arch/arm64/kernel/vdso32/vgettimeofday.c >> +++ b/arch/arm64/kernel/vdso32/vgettimeofday.c >> @@ -8,11 +8,14 @@ >> #include <linux/time.h> >> #include <linux/types.h> >> >> +#define VALID_CLOCK_ID(x) \ >> + ((x >= 0) && (x < VDSO_BASES)) >> + >> int __vdso_clock_gettime(clockid_t clock, >> struct old_timespec32 *ts) >> { >> /* The checks below are required for ABI consistency with arm */ >> - if ((u32)ts >= TASK_SIZE_32) >> + if ((u32)ts > UINTPTR_MAX - sizeof(*ts) + 1) >> return -EFAULT; >> >> return __cvdso_clock_gettime32(clock, ts); > > I probably miss something but I can't find the TASK_SIZE check in the > arch/arm/vdso/vgettimeofday.c code. Is this done elsewhere? Can TASK_SIZE > UINTPTR_MAX on an arm64 system? > >> @@ -22,7 +25,7 @@ int __vdso_clock_gettime64(clockid_t clock, >> struct __kernel_timespec *ts) >> { >> /* The checks below are required for ABI consistency with arm */ >> - if ((u32)ts >= TASK_SIZE_32) >> + if ((u32)ts > UINTPTR_MAX - sizeof(*ts) + 1) >> return -EFAULT; >> >> return __cvdso_clock_gettime(clock, ts); >> @@ -38,9 +41,12 @@ int __vdso_clock_getres(clockid_t clock_id, >> struct old_timespec32 *res) >> { >> /* The checks below are required for ABI consistency with arm */ >> - if ((u32)res >= TASK_SIZE_32) >> + if ((u32)res > UINTPTR_MAX - sizeof(res) + 1) >> return -EFAULT; >> >> + if (!VALID_CLOCK_ID(clock_id) && res == NULL) >> + return -EINVAL; > > This last check needs an explanation. If the clock_id is invalid but res > is not NULL, we allow it. I don't see where the compatibility issue is, > arm32 doesn't have such check. > The case that you are describing has to return -EPERM per ABI spec. This case has to return -EINVAL. The first case is taken care from the generic code. But if we don't do this check before on arm64 compat we end up returning the wrong error code. For the non compat case the same is taken care from the syscall fallback [1]. [1] lib/vdso/gettimeofday.c -- Regards, Vincenzo