Patch "futex: Remove duplicated code and fix undefined behaviour" has been added to the 4.4-stable tree
This is a note to let you know that I've just added the patch titled
futex: Remove duplicated code and fix undefined behaviour
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
futex-remove-duplicated-code-and-fix-undefined-behaviour.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 30d6e0a4190d37740e9447e4e4815f06992dd8c3 Mon Sep 17 00:00:00 2001
From: Jiri Slaby
Date: Thu, 24 Aug 2017 09:31:05 +0200
Subject: futex: Remove duplicated code and fix undefined behaviour
From: Jiri Slaby
commit 30d6e0a4190d37740e9447e4e4815f06992dd8c3 upstream.
There is code duplicated over all architecture's headers for
futex_atomic_op_inuser. Namely op decoding, access_ok check for uaddr,
and comparison of the result.
Remove this duplication and leave up to the arches only the needed
assembly which is now in arch_futex_atomic_op_inuser.
This effectively distributes the Will Deacon's arm64 fix for undefined
behaviour reported by UBSAN to all architectures. The fix was done in
commit 5f16a046f8e1 (arm64: futex: Fix undefined behaviour with
FUTEX_OP_OPARG_SHIFT usage). Look there for an example dump.
And as suggested by Thomas, check for negative oparg too, because it was
also reported to cause undefined behaviour report.
Note that s390 removed access_ok check in d12a29703 ("s390/uaccess:
remove pointless access_ok() checks") as access_ok there returns true.
We introduce it back to the helper for the sake of simplicity (it gets
optimized away anyway).
Signed-off-by: Jiri Slaby
Signed-off-by: Thomas Gleixner
Acked-by: Russell King
Acked-by: Michael Ellerman (powerpc)
Acked-by: Heiko Carstens [s390]
Acked-by: Chris Metcalf [for tile]
Reviewed-by: Darren Hart (VMware)
Reviewed-by: Will Deacon [core/arm64]
Cc: linux-m...@linux-mips.org
Cc: Rich Felker
Cc: linux-i...@vger.kernel.org
Cc: linux...@vger.kernel.org
Cc: pet...@infradead.org
Cc: Benjamin Herrenschmidt
Cc: Max Filippov
Cc: Paul Mackerras
Cc: sparcli...@vger.kernel.org
Cc: Jonas Bonn
Cc: linux-s...@vger.kernel.org
Cc: linux-a...@vger.kernel.org
Cc: Yoshinori Sato
Cc: linux-hexa...@vger.kernel.org
Cc: Helge Deller
Cc: "James E.J. Bottomley"
Cc: Catalin Marinas
Cc: Matt Turner
Cc: linux-snps-arc@lists.infradead.org
Cc: Fenghua Yu
Cc: Arnd Bergmann
Cc: linux-xte...@linux-xtensa.org
Cc: Stefan Kristiansson
Cc: openr...@lists.librecores.org
Cc: Ivan Kokshaysky
Cc: Stafford Horne
Cc: linux-arm-ker...@lists.infradead.org
Cc: Richard Henderson
Cc: Chris Zankel
Cc: Michal Simek
Cc: Tony Luck
Cc: linux-par...@vger.kernel.org
Cc: Vineet Gupta
Cc: Ralf Baechle
Cc: Richard Kuo
Cc: linux-al...@vger.kernel.org
Cc: Martin Schwidefsky
Cc: linuxppc-...@lists.ozlabs.org
Cc: "David S. Miller"
Link: http://lkml.kernel.org/r/20170824073105.3901-1-jsl...@suse.cz
Cc: Ben Hutchings
Signed-off-by: Greg Kroah-Hartman
---
arch/alpha/include/asm/futex.h | 26 +++---
arch/arc/include/asm/futex.h| 40 +++-
arch/arm/include/asm/futex.h| 26 ++
arch/arm64/include/asm/futex.h | 26 ++
arch/frv/include/asm/futex.h|3 +-
arch/frv/kernel/futex.c | 27 ++-
arch/hexagon/include/asm/futex.h| 38 ++-
arch/ia64/include/asm/futex.h | 25 ++
arch/microblaze/include/asm/futex.h | 38 ++-
arch/mips/include/asm/futex.h | 25 ++
arch/parisc/include/asm/futex.h | 25 ++
arch/powerpc/include/asm/futex.h| 26 +++---
arch/s390/include/asm/futex.h | 23 +++-
arch/sh/include/asm/futex.h | 26 ++
arch/sparc/include/asm/futex_64.h | 26 +++---
arch/tile/include/asm/futex.h | 40 +++-
arch/x86/include/asm/futex.h| 40 +++-
arch/xtensa/include/asm/futex.h | 27 +++
include/asm-generic/futex.h | 50 ++--
kernel/futex.c | 39
20 files changed, 126 insertions(+), 470 deletions(-)
--- a/arch/alpha/include/asm/futex.h
+++ b/arch/alpha/include/asm/futex.h
@@ -29,18 +29,10 @@
: "r" (uaddr), "r"(oparg) \
: "memory")
-static inline int futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr)
+static inline int arch_futex_atomic_op_inuser(int op, int oparg, int *oval,
+ u32 __user *uaddr)
{
- int op = (encoded_op >> 28) & 7;
- int cmp = (encoded_op >> 24) & 15;
- int oparg = (encoded_op << 8) >> 20;
- int cmparg = (encoded_op << 20) >> 20;
Patch "futex: Remove duplicated code and fix undefined behaviour" has been added to the 4.9-stable tree
This is a note to let you know that I've just added the patch titled
futex: Remove duplicated code and fix undefined behaviour
to the 4.9-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
futex-remove-duplicated-code-and-fix-undefined-behaviour.patch
and it can be found in the queue-4.9 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.
>From 30d6e0a4190d37740e9447e4e4815f06992dd8c3 Mon Sep 17 00:00:00 2001
From: Jiri Slaby
Date: Thu, 24 Aug 2017 09:31:05 +0200
Subject: futex: Remove duplicated code and fix undefined behaviour
From: Jiri Slaby
commit 30d6e0a4190d37740e9447e4e4815f06992dd8c3 upstream.
There is code duplicated over all architecture's headers for
futex_atomic_op_inuser. Namely op decoding, access_ok check for uaddr,
and comparison of the result.
Remove this duplication and leave up to the arches only the needed
assembly which is now in arch_futex_atomic_op_inuser.
This effectively distributes the Will Deacon's arm64 fix for undefined
behaviour reported by UBSAN to all architectures. The fix was done in
commit 5f16a046f8e1 (arm64: futex: Fix undefined behaviour with
FUTEX_OP_OPARG_SHIFT usage). Look there for an example dump.
And as suggested by Thomas, check for negative oparg too, because it was
also reported to cause undefined behaviour report.
Note that s390 removed access_ok check in d12a29703 ("s390/uaccess:
remove pointless access_ok() checks") as access_ok there returns true.
We introduce it back to the helper for the sake of simplicity (it gets
optimized away anyway).
Signed-off-by: Jiri Slaby
Signed-off-by: Thomas Gleixner
Acked-by: Russell King
Acked-by: Michael Ellerman (powerpc)
Acked-by: Heiko Carstens [s390]
Acked-by: Chris Metcalf [for tile]
Reviewed-by: Darren Hart (VMware)
Reviewed-by: Will Deacon [core/arm64]
Cc: linux-m...@linux-mips.org
Cc: Rich Felker
Cc: linux-i...@vger.kernel.org
Cc: linux...@vger.kernel.org
Cc: pet...@infradead.org
Cc: Benjamin Herrenschmidt
Cc: Max Filippov
Cc: Paul Mackerras
Cc: sparcli...@vger.kernel.org
Cc: Jonas Bonn
Cc: linux-s...@vger.kernel.org
Cc: linux-a...@vger.kernel.org
Cc: Yoshinori Sato
Cc: linux-hexa...@vger.kernel.org
Cc: Helge Deller
Cc: "James E.J. Bottomley"
Cc: Catalin Marinas
Cc: Matt Turner
Cc: linux-snps-arc@lists.infradead.org
Cc: Fenghua Yu
Cc: Arnd Bergmann
Cc: linux-xte...@linux-xtensa.org
Cc: Stefan Kristiansson
Cc: openr...@lists.librecores.org
Cc: Ivan Kokshaysky
Cc: Stafford Horne
Cc: linux-arm-ker...@lists.infradead.org
Cc: Richard Henderson
Cc: Chris Zankel
Cc: Michal Simek
Cc: Tony Luck
Cc: linux-par...@vger.kernel.org
Cc: Vineet Gupta
Cc: Ralf Baechle
Cc: Richard Kuo
Cc: linux-al...@vger.kernel.org
Cc: Martin Schwidefsky
Cc: linuxppc-...@lists.ozlabs.org
Cc: "David S. Miller"
Link: http://lkml.kernel.org/r/20170824073105.3901-1-jsl...@suse.cz
Cc: Ben Hutchings
Signed-off-by: Greg Kroah-Hartman
---
arch/alpha/include/asm/futex.h | 26 +++---
arch/arc/include/asm/futex.h| 40 +++-
arch/arm/include/asm/futex.h| 26 ++
arch/arm64/include/asm/futex.h | 27 ++-
arch/frv/include/asm/futex.h|3 +-
arch/frv/kernel/futex.c | 27 ++-
arch/hexagon/include/asm/futex.h| 38 ++-
arch/ia64/include/asm/futex.h | 25 ++
arch/microblaze/include/asm/futex.h | 38 ++-
arch/mips/include/asm/futex.h | 25 ++
arch/parisc/include/asm/futex.h | 26 ++
arch/powerpc/include/asm/futex.h| 26 +++---
arch/s390/include/asm/futex.h | 23 +++-
arch/sh/include/asm/futex.h | 26 ++
arch/sparc/include/asm/futex_64.h | 26 +++---
arch/tile/include/asm/futex.h | 40 +++-
arch/x86/include/asm/futex.h| 40 +++-
arch/xtensa/include/asm/futex.h | 27 +++
include/asm-generic/futex.h | 50 ++--
kernel/futex.c | 39
20 files changed, 126 insertions(+), 472 deletions(-)
--- a/arch/alpha/include/asm/futex.h
+++ b/arch/alpha/include/asm/futex.h
@@ -29,18 +29,10 @@
: "r" (uaddr), "r"(oparg) \
: "memory")
-static inline int futex_atomic_op_inuser (int encoded_op, u32 __user *uaddr)
+static inline int arch_futex_atomic_op_inuser(int op, int oparg, int *oval,
+ u32 __user *uaddr)
{
- int op = (encoded_op >> 28) & 7;
- int cmp = (encoded_op >> 24) & 15;
- int oparg = (encoded_op << 8) >> 20;
- int cmparg = (encoded_op << 20) >> 20;
