Subject: [folded-merged] test-check-copy_to-from_user-boundary-validation-fix.patch removed from -mm tree
To: keescook@xxxxxxxxxxxx,joe@xxxxxxxxxxx,rusty@xxxxxxxxxxxxxxx,mm-commits@xxxxxxxxxxxxxxx
From: akpm@xxxxxxxxxxxxxxxxxxxx
Date: Thu, 23 Jan 2014 15:23:14 -0800
The patch titled
Subject: test: fix sparse warnings in user_copy tests
has been removed from the -mm tree. Its filename was
test-check-copy_to-from_user-boundary-validation-fix.patch
This patch was dropped because it was folded into test-check-copy_to-from_user-boundary-validation.patch
------------------------------------------------------
From: Kees Cook <keescook@xxxxxxxxxxxx>
Subject: test: fix sparse warnings in user_copy tests
Sparse fix for "test: check copy_to/from_user boundary validation":
To keep sparse happy with the horrible things being done with the user
memory pointers, declare both __user and non-__user cases ahead of time to
avoid needing to do the casts later.
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Cc: Rusty Russell <rusty@xxxxxxxxxxxxxxx>
Cc: Joe Perches <joe@xxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---
lib/test_user_copy.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff -puN lib/test_user_copy.c~test-check-copy_to-from_user-boundary-validation-fix lib/test_user_copy.c
--- a/lib/test_user_copy.c~test-check-copy_to-from_user-boundary-validation-fix
+++ a/lib/test_user_copy.c
@@ -38,6 +38,7 @@ static int __init test_user_copy_init(vo
int ret = 0;
char *kmem;
char __user *usermem;
+ char *bad_usermem;
unsigned long user_addr;
unsigned long value = 0x5A;
@@ -55,6 +56,7 @@ static int __init test_user_copy_init(vo
}
usermem = (char __user *)user_addr;
+ bad_usermem = (char *)user_addr;
/* Legitimate usage: none of these should fail. */
ret |= test(copy_from_user(kmem, usermem, PAGE_SIZE),
@@ -70,13 +72,13 @@ static int __init test_user_copy_init(vo
ret |= test(!copy_from_user(kmem, (char __user *)(kmem + PAGE_SIZE),
PAGE_SIZE),
"illegal all-kernel copy_from_user passed");
- ret |= test(!copy_from_user((char *)usermem, (char __user *)kmem,
+ ret |= test(!copy_from_user(bad_usermem, (char __user *)kmem,
PAGE_SIZE),
"illegal reversed copy_from_user passed");
ret |= test(!copy_to_user((char __user *)kmem, kmem + PAGE_SIZE,
PAGE_SIZE),
"illegal all-kernel copy_to_user passed");
- ret |= test(!copy_to_user((char __user *)kmem, (char *)usermem,
+ ret |= test(!copy_to_user((char __user *)kmem, bad_usermem,
PAGE_SIZE),
"illegal reversed copy_to_user passed");
ret |= test(!get_user(value, (unsigned long __user *)kmem),
_
Patches currently in -mm which might be from keescook@xxxxxxxxxxxx are
origin.patch
test-add-minimal-module-for-verification-testing.patch
test-check-copy_to-from_user-boundary-validation.patch
coredump-set_dumpable-fix-the-theoretical-race-with-itself.patch
coredump-kill-mmf_dumpable-and-mmf_dump_securely.patch
coredump-make-__get_dumpable-get_dumpable-inline-kill-fs-coredumph.patch
exec-check_unsafe_exec-use-while_each_thread-rather-than-next_thread.patch
exec-check_unsafe_exec-kill-the-dead-eagain-and-clear_in_exec-logic.patch
exec-move-the-final-allow_write_access-fput-into-free_bprm.patch
exec-kill-task_struct-did_exec.patch
fs-proc-arrayc-change-do_task_stat-to-use-while_each_thread.patch
kernel-sysc-k_getrusage-can-use-while_each_thread.patch
kernel-signalc-change-do_signal_stop-do_sigaction-to-use-while_each_thread.patch
kexec-add-sysctl-to-disable-kexec_load.patch
--
To unsubscribe from this list: send the line "unsubscribe mm-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
