Re: [PATCH v3 1/2] linux-user: rt_sigprocmask, check read perms first
Le 26/01/2022 à 22:25, Patrick Venture a écrit : From: Shu-Chun Weng Linux kernel does it this way (checks read permission before validating `how`) and the latest version of ABSL's `AddressIsReadable()` depends on this behavior. c.f. https://github.com/torvalds/linux/blob/9539ba4308ad5bdca6cb41c7b73cbb9f796dcdd7/kernel/signal.c#L3147 Reviewed-by: Patrick Venture Signed-off-by: Shu-Chun Weng Reviewed-by: Laurent Vivier Signed-off-by: Patrick Venture --- linux-user/syscall.c | 12 +++- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 5950222a77..34bd819e38 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -9508,6 +9508,13 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1, } if (arg2) { +p = lock_user(VERIFY_READ, arg2, sizeof(target_sigset_t), 1); +if (!p) { +return -TARGET_EFAULT; +} +target_to_host_sigset(, p); +unlock_user(p, arg2, 0); +set_ptr = switch(how) { case TARGET_SIG_BLOCK: how = SIG_BLOCK; @@ -9521,11 +9528,6 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1, default: return -TARGET_EINVAL; } -if (!(p = lock_user(VERIFY_READ, arg2, sizeof(target_sigset_t), 1))) -return -TARGET_EFAULT; -target_to_host_sigset(, p); -unlock_user(p, arg2, 0); -set_ptr = } else { how = 0; set_ptr = NULL; Applied to my linux-user-for-7.0 branch. Thanks, Laurent
[PATCH v3 1/2] linux-user: rt_sigprocmask, check read perms first
From: Shu-Chun Weng Linux kernel does it this way (checks read permission before validating `how`) and the latest version of ABSL's `AddressIsReadable()` depends on this behavior. c.f. https://github.com/torvalds/linux/blob/9539ba4308ad5bdca6cb41c7b73cbb9f796dcdd7/kernel/signal.c#L3147 Reviewed-by: Patrick Venture Signed-off-by: Shu-Chun Weng Reviewed-by: Laurent Vivier Signed-off-by: Patrick Venture --- linux-user/syscall.c | 12 +++- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 5950222a77..34bd819e38 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -9508,6 +9508,13 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1, } if (arg2) { +p = lock_user(VERIFY_READ, arg2, sizeof(target_sigset_t), 1); +if (!p) { +return -TARGET_EFAULT; +} +target_to_host_sigset(, p); +unlock_user(p, arg2, 0); +set_ptr = switch(how) { case TARGET_SIG_BLOCK: how = SIG_BLOCK; @@ -9521,11 +9528,6 @@ static abi_long do_syscall1(void *cpu_env, int num, abi_long arg1, default: return -TARGET_EINVAL; } -if (!(p = lock_user(VERIFY_READ, arg2, sizeof(target_sigset_t), 1))) -return -TARGET_EFAULT; -target_to_host_sigset(, p); -unlock_user(p, arg2, 0); -set_ptr = } else { how = 0; set_ptr = NULL; -- 2.35.0.rc0.227.g00780c9af4-goog