From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Andrew Jeffery <andrew@aj.id.au>,
Zev Weiss <zev@bewilderbeest.net>, Arnd Bergmann <arnd@arndb.de>,
Russell King <rmk+kernel@armlinux.org.uk>,
Sasha Levin <sashal@kernel.org>,
linux@armlinux.org.uk, anshuman.khandual@arm.com,
linux-arm-kernel@lists.infradead.org
Subject: [PATCH AUTOSEL 6.2 01/25] ARM: 9290/1: uaccess: Fix KASAN false-positives
Date: Fri, 31 Mar 2023 21:40:59 -0400 [thread overview]
Message-ID: <20230401014126.3356410-1-sashal@kernel.org> (raw)
From: Andrew Jeffery <andrew@aj.id.au>
[ Upstream commit ceac10c83b330680cc01ceaaab86cd49f4f30d81 ]
__copy_to_user_memcpy() and __clear_user_memset() had been calling
memcpy() and memset() respectively, leading to false-positive KASAN
reports when starting userspace:
[ 10.707901] Run /init as init process
[ 10.731892] process '/bin/busybox' started with executable stack
[ 10.745234] ==================================================================
[ 10.745796] BUG: KASAN: user-memory-access in __clear_user_memset+0x258/0x3ac
[ 10.747260] Write of size 2687 at addr 000de581 by task init/1
Use __memcpy() and __memset() instead to allow userspace access, which
is of course the intent of these functions.
Signed-off-by: Andrew Jeffery <andrew@aj.id.au>
Signed-off-by: Zev Weiss <zev@bewilderbeest.net>
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
arch/arm/lib/uaccess_with_memcpy.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/arm/lib/uaccess_with_memcpy.c b/arch/arm/lib/uaccess_with_memcpy.c
index 14eecaaf295fa..e4c2677cc1e9e 100644
--- a/arch/arm/lib/uaccess_with_memcpy.c
+++ b/arch/arm/lib/uaccess_with_memcpy.c
@@ -116,7 +116,7 @@ __copy_to_user_memcpy(void __user *to, const void *from, unsigned long n)
tocopy = n;
ua_flags = uaccess_save_and_enable();
- memcpy((void *)to, from, tocopy);
+ __memcpy((void *)to, from, tocopy);
uaccess_restore(ua_flags);
to += tocopy;
from += tocopy;
@@ -178,7 +178,7 @@ __clear_user_memset(void __user *addr, unsigned long n)
tocopy = n;
ua_flags = uaccess_save_and_enable();
- memset((void *)addr, 0, tocopy);
+ __memset((void *)addr, 0, tocopy);
uaccess_restore(ua_flags);
addr += tocopy;
n -= tocopy;
--
2.39.2
next reply other threads:[~2023-04-01 1:41 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-01 1:40 Sasha Levin [this message]
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 02/25] ARM: dts: qcom: apq8026-lg-lenok: add missing reserved memory Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 03/25] arm64: dts: qcom: sa8540p-ride: correct name of remoteproc_nsp0 firmware Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 04/25] power: supply: rk817: Fix unsigned comparison with less than zero Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 05/25] power: supply: cros_usbpd: reclassify "default case!" as debug Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 06/25] power: supply: axp288_fuel_gauge: Added check for negative values Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 07/25] selftests/bpf: Fix progs/find_vma_fail1.c build error Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 08/25] wifi: mwifiex: mark OF related data as maybe unused Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 09/25] i2c: imx-lpi2c: clean rx/tx buffers upon new message Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 10/25] i2c: hisi: Avoid redundant interrupts Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 11/25] efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 12/25] block: ublk_drv: mark device as LIVE before adding disk Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 13/25] ACPI: video: Add backlight=native DMI quirk for Acer Aspire 3830TG Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 14/25] drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 15/25] hwmon: (peci/cputemp) Fix miscalculated DTS for SKX Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 16/25] hwmon: (xgene) Fix ioremap and memremap leak Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 17/25] verify_pefile: relax wrapper length check Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 18/25] asymmetric_keys: log on fatal failures in PE/pkcs7 Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 19/25] nvme: send Identify with CNS 06h only to I/O controllers Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 20/25] wifi: iwlwifi: mvm: fix mvmtxq->stopped handling Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 21/25] wifi: iwlwifi: mvm: protect TXQ list manipulation Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 22/25] drm/amdgpu: add mes resume when do gfx post soft reset Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 23/25] drm/amdgpu: Force signal hw_fences that are embedded in non-sched jobs Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 24/25] drm/amdgpu/gfx: set cg flags to enter/exit safe mode Sasha Levin
2023-04-01 1:41 ` [PATCH AUTOSEL 6.2 25/25] ACPI: resource: Add Medion S17413 to IRQ override quirk Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230401014126.3356410-1-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=andrew@aj.id.au \
--cc=anshuman.khandual@arm.com \
--cc=arnd@arndb.de \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=rmk+kernel@armlinux.org.uk \
--cc=stable@vger.kernel.org \
--cc=zev@bewilderbeest.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).