From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-il1-x142.google.com (mail-il1-x142.google.com [IPv6:2607:f8b0:4864:20::142]) by sourceware.org (Postfix) with ESMTPS id 6800C383E835 for ; Thu, 16 Jul 2020 12:47:06 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 6800C383E835 Received: by mail-il1-x142.google.com with SMTP id e18so4908597ilr.7 for ; Thu, 16 Jul 2020 05:47:06 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=4kXrGCo/7oPpPgLKGAFuRg13RQKynMWSWYnIJScLUNM=; b=lJoTcnh41n61cXXxFRh+xircrlm+mztVU0eZGXwuHx/ZSXAge9Sy3er17ZjgdksL2S FsB8BpD+cjgVjrk1ogvVUrIePSN1Cj49QoTljVFNDuXHbw/uVvQPd4Sp3bNVR6Qp34aK /ek6l1fXYTr8R130K2ZKsJuAW0ZcdBpsOerkhVN9a+LQdnDpmgbw1CPW4ozjwwHfathB UVr/s9RltklRNt93xkfAwyLozDHwZKDcuSSlh1knMajmFirQBWYOHyywDjes3sJh/kN3 uIsocNLZuvzGhW+i/e4hN1hj+ofBqaGuBO/bvoEKVbDDb9uoe91F+kVpNAme/2481AqB wvvw== X-Gm-Message-State: AOAM533DUvXGIEWbXJBw1rGGViuCOYfYswMuILMwfq1FcXEup3+qfE3N d7uSRXHdr2L21gP3yxSolCirFnMa1hcBsTqrvB0= X-Google-Smtp-Source: ABdhPJxfLNrD3Lntt5Q7+BPg/LNNbCMrGiV9N1GQ18egL6uyOWEUa6qHHpNdt+XSBSNSoI6JOUcGd2X7B8O/dP3aCro= X-Received: by 2002:a92:874a:: with SMTP id d10mr4479229ilm.273.1594903625873; Thu, 16 Jul 2020 05:47:05 -0700 (PDT) MIME-Version: 1.0 References: <20200716112651.2257283-1-hjl.tools@gmail.com> <87o8ofy8e7.fsf@oldenburg2.str.redhat.com> In-Reply-To: <87o8ofy8e7.fsf@oldenburg2.str.redhat.com> From: "H.J. Lu" Date: Thu, 16 Jul 2020 05:46:30 -0700 Message-ID: Subject: [PATCH] nptl: Zero-extend arguments to SETXID syscalls [BZ #26248] To: Florian Weimer Cc: "H.J. Lu via Libc-alpha" Content-Type: multipart/mixed; boundary="00000000000012727205aa8e7003" X-Spam-Status: No, score=-9.2 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Jul 2020 12:47:08 -0000 --00000000000012727205aa8e7003 Content-Type: text/plain; charset="UTF-8" On Thu, Jul 16, 2020 at 5:03 AM Florian Weimer wrote: > > * H. J. Lu via Libc-alpha: > > > nptl has > > > > /* Opcodes and data types for communication with the signal handler to > > change user/group IDs. */ > > struct xid_command > > { > > int syscall_no; > > long int id[3]; > > volatile int cntr; > > volatile int error; > > }; > > > > /* This must be last, otherwise the current thread might not have > > permissions to send SIGSETXID syscall to the other threads. */ > > result = INTERNAL_SYSCALL_NCS (cmdp->syscall_no, 3, > > cmdp->id[0], cmdp->id[1], cmdp->id[2]); > > > > But the second argument of setgroups syscal is a pointer: > > > > int setgroups(size_t size, const gid_t *list); > > > > But on x32, pointers passed to syscall must have pointer type so that they > > will be zero-extended. > > > > Add to define INTERNAL_SETXID_SYSCALL_NCS and use it, > > instead of INTERNAL_SYSCALL_NCS, for SETXID syscalls. X32 override it > > with pointer type for setgroups. A testcase is added and setgroups > > returned with EFAULT when running as root without the fix. > > Isn't it sufficient to change the type of id to unsigned long int[3]? > The UID arguments are unsigned on the kernel side, so no sign extension > is required. > It works. Here is the updated patch. OK for master? Thanks. -- H.J. --00000000000012727205aa8e7003 Content-Type: text/x-patch; charset="US-ASCII"; name="0001-nptl-Zero-extend-arguments-to-SETXID-syscalls-BZ-262.patch" Content-Disposition: attachment; filename="0001-nptl-Zero-extend-arguments-to-SETXID-syscalls-BZ-262.patch" Content-Transfer-Encoding: base64 Content-ID: X-Attachment-Id: f_kcosdv490 RnJvbSAyYWY5ZTU2YzIzMDZkYzlkODBhNDQ3NmZhNWIxNTRhMjZhOTM1NTU3IE1vbiBTZXAgMTcg MDA6MDA6MDAgMjAwMQpGcm9tOiAiSC5KLiBMdSIgPGhqbC50b29sc0BnbWFpbC5jb20+CkRhdGU6 IFRodSwgMTYgSnVsIDIwMjAgMDM6Mzc6MTAgLTA3MDAKU3ViamVjdDogW1BBVENIXSBucHRsOiBa ZXJvLWV4dGVuZCBhcmd1bWVudHMgdG8gU0VUWElEIHN5c2NhbGxzIFtCWiAjMjYyNDhdCgpucHRs IGhhcwoKLyogT3Bjb2RlcyBhbmQgZGF0YSB0eXBlcyBmb3IgY29tbXVuaWNhdGlvbiB3aXRoIHRo ZSBzaWduYWwgaGFuZGxlciB0bwogICBjaGFuZ2UgdXNlci9ncm91cCBJRHMuICAqLwpzdHJ1Y3Qg eGlkX2NvbW1hbmQKewogIGludCBzeXNjYWxsX25vOwogIGxvbmcgaW50IGlkWzNdOwogIHZvbGF0 aWxlIGludCBjbnRyOwogIHZvbGF0aWxlIGludCBlcnJvcjsKfTsKCiAvKiBUaGlzIG11c3QgYmUg bGFzdCwgb3RoZXJ3aXNlIHRoZSBjdXJyZW50IHRocmVhZCBtaWdodCBub3QgaGF2ZQogICAgIHBl cm1pc3Npb25zIHRvIHNlbmQgU0lHU0VUWElEIHN5c2NhbGwgdG8gdGhlIG90aGVyIHRocmVhZHMu ICAqLwogIHJlc3VsdCA9IElOVEVSTkFMX1NZU0NBTExfTkNTIChjbWRwLT5zeXNjYWxsX25vLCAz LAogICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjbWRwLT5pZFswXSwgY21kcC0+aWRb MV0sIGNtZHAtPmlkWzJdKTsKCkJ1dCB0aGUgc2Vjb25kIGFyZ3VtZW50IG9mIHNldGdyb3VwcyBz eXNjYWwgaXMgYSBwb2ludGVyOgoKICAgICAgIGludCBzZXRncm91cHMoc2l6ZV90IHNpemUsIGNv bnN0IGdpZF90ICpsaXN0KTsKCkJ1dCBvbiB4MzIsIHBvaW50ZXJzIHBhc3NlZCB0byBzeXNjYWxs IG11c3QgaGF2ZSBwb2ludGVyIHR5cGUgc28gdGhhdCB0aGV5CndpbGwgYmUgemVyby1leHRlbmRl ZC4gIFNpbmNlIHRoZSBYSUQgYXJndW1lbnRzIGFyZSB1bnNpZ25lZCBvbiB0aGUga2VybmVsCnNp ZGUsIHNvIG5vIHNpZ24gZXh0ZW5zaW9uIGlzIHJlcXVpcmVkLiAgQ2hhbmdlIHhpZF9jb21tYW5k IHRvCgpzdHJ1Y3QgeGlkX2NvbW1hbmQKewogIGludCBzeXNjYWxsX25vOwogIHVuc2lnbmVkIGxv bmcgaW50IGlkWzNdOwogIHZvbGF0aWxlIGludCBjbnRyOwogIHZvbGF0aWxlIGludCBlcnJvcjsK fTsKCnNvIHRoYXQgYWxsIGFyZ3VtZW50cyB6ZXJvLWV4dGVuZGVkLiAgQSB0ZXN0Y2FzZSBpcyBh ZGRlZCBmb3IgeDMyIGFuZApzZXRncm91cHMgcmV0dXJuZWQgd2l0aCBFRkFVTFQgd2hlbiBydW5u aW5nIGFzIHJvb3Qgd2l0aG91dCB0aGUgZml4LgotLS0KIG5wdGwvZGVzY3IuaCAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICB8ICA4ICsrLQogc3lzZGVwcy91bml4L3N5c3YvbGludXgv eDg2XzY0L3gzMi9NYWtlZmlsZSAgIHwgIDQgKysKIC4uLi9zeXN2L2xpbnV4L3g4Nl82NC94MzIv dHN0LXNldGdyb3Vwcy5jICAgICB8IDY3ICsrKysrKysrKysrKysrKysrKysKIDMgZmlsZXMgY2hh bmdlZCwgNzggaW5zZXJ0aW9ucygrKSwgMSBkZWxldGlvbigtKQogY3JlYXRlIG1vZGUgMTAwNjQ0 IHN5c2RlcHMvdW5peC9zeXN2L2xpbnV4L3g4Nl82NC94MzIvdHN0LXNldGdyb3Vwcy5jCgpkaWZm IC0tZ2l0IGEvbnB0bC9kZXNjci5oIGIvbnB0bC9kZXNjci5oCmluZGV4IDZhNTA5YjY3MjUuLmU5 OGZlNDA4NGQgMTAwNjQ0Ci0tLSBhL25wdGwvZGVzY3IuaAorKysgYi9ucHRsL2Rlc2NyLmgKQEAg LTk1LDcgKzk1LDEzIEBAIHN0cnVjdCBwdGhyZWFkX3Vud2luZF9idWYKIHN0cnVjdCB4aWRfY29t bWFuZAogewogICBpbnQgc3lzY2FsbF9ubzsKLSAgbG9uZyBpbnQgaWRbM107CisgIC8qIEVuZm9y Y2UgemVyby1leHRlbnNpb24gZm9yIHRoZSBwb2ludGVyIGFyZ3VtZW50IGluCisKKyAgICAgaW50 IHNldGdyb3VwcyhzaXplX3Qgc2l6ZSwgY29uc3QgZ2lkX3QgKmxpc3QpOworCisgICAgIFNpbmNl IHRoZSBYSUQgYXJndW1lbnRzIGFyZSB1bnNpZ25lZCBvbiB0aGUga2VybmVsIHNpZGUsIHNvIG5v IHNpZ24KKyAgICAgZXh0ZW5zaW9uIGlzIHJlcXVpcmVkLiAgKi8KKyAgdW5zaWduZWQgbG9uZyBp bnQgaWRbM107CiAgIHZvbGF0aWxlIGludCBjbnRyOwogICB2b2xhdGlsZSBpbnQgZXJyb3I7IC8q IC0xOiBubyBjYWxsIHlldCwgMDogc3VjY2VzcyBzZWVuLCA+MDogZXJyb3Igc2Vlbi4gICovCiB9 OwpkaWZmIC0tZ2l0IGEvc3lzZGVwcy91bml4L3N5c3YvbGludXgveDg2XzY0L3gzMi9NYWtlZmls ZSBiL3N5c2RlcHMvdW5peC9zeXN2L2xpbnV4L3g4Nl82NC94MzIvTWFrZWZpbGUKaW5kZXggMTZi NzY4ZDhiYS4uMWE2Yzk4NGY5NiAxMDA2NDQKLS0tIGEvc3lzZGVwcy91bml4L3N5c3YvbGludXgv eDg2XzY0L3gzMi9NYWtlZmlsZQorKysgYi9zeXNkZXBzL3VuaXgvc3lzdi9saW51eC94ODZfNjQv eDMyL01ha2VmaWxlCkBAIC01LDYgKzUsMTAgQEAgaWZlcSAoJChzdWJkaXIpLG1pc2MpCiBzeXNk ZXBfcm91dGluZXMgKz0gYXJjaF9wcmN0bAogZW5kaWYKIAoraWZlcSAoJChzdWJkaXIpLG5wdGwp Cit4dGVzdHMgKz0gdHN0LXNldGdyb3VwcworZW5kaWYKKwogaWZlcSAoJChzdWJkaXIpLGNvbmZv cm0pCiAjIEZvciBidWdzIDE2NDM3IGFuZCAyMTI3OS4KIGNvbmZvcm10ZXN0LXhmYWlsLWNvbmRz ICs9IHg4Nl82NC14MzItbGludXgKZGlmZiAtLWdpdCBhL3N5c2RlcHMvdW5peC9zeXN2L2xpbnV4 L3g4Nl82NC94MzIvdHN0LXNldGdyb3Vwcy5jIGIvc3lzZGVwcy91bml4L3N5c3YvbGludXgveDg2 XzY0L3gzMi90c3Qtc2V0Z3JvdXBzLmMKbmV3IGZpbGUgbW9kZSAxMDA2NDQKaW5kZXggMDAwMDAw MDAwMC4uOTg5NTQ0MzI3OAotLS0gL2Rldi9udWxsCisrKyBiL3N5c2RlcHMvdW5peC9zeXN2L2xp bnV4L3g4Nl82NC94MzIvdHN0LXNldGdyb3Vwcy5jCkBAIC0wLDAgKzEsNjcgQEAKKy8qIEJhc2lj IHRlc3QgZm9yIHNldGdyb3VwcworICAgQ29weXJpZ2h0IChDKSAyMDIwIEZyZWUgU29mdHdhcmUg Rm91bmRhdGlvbiwgSW5jLgorICAgVGhpcyBmaWxlIGlzIHBhcnQgb2YgdGhlIEdOVSBDIExpYnJh cnkuCisKKyAgIFRoZSBHTlUgQyBMaWJyYXJ5IGlzIGZyZWUgc29mdHdhcmU7IHlvdSBjYW4gcmVk aXN0cmlidXRlIGl0IGFuZC9vcgorICAgbW9kaWZ5IGl0IHVuZGVyIHRoZSB0ZXJtcyBvZiB0aGUg R05VIExlc3NlciBHZW5lcmFsIFB1YmxpYworICAgTGljZW5zZSBhcyBwdWJsaXNoZWQgYnkgdGhl IEZyZWUgU29mdHdhcmUgRm91bmRhdGlvbjsgZWl0aGVyCisgICB2ZXJzaW9uIDIuMSBvZiB0aGUg TGljZW5zZSwgb3IgKGF0IHlvdXIgb3B0aW9uKSBhbnkgbGF0ZXIgdmVyc2lvbi4KKworICAgVGhl IEdOVSBDIExpYnJhcnkgaXMgZGlzdHJpYnV0ZWQgaW4gdGhlIGhvcGUgdGhhdCBpdCB3aWxsIGJl IHVzZWZ1bCwKKyAgIGJ1dCBXSVRIT1VUIEFOWSBXQVJSQU5UWTsgd2l0aG91dCBldmVuIHRoZSBp bXBsaWVkIHdhcnJhbnR5IG9mCisgICBNRVJDSEFOVEFCSUxJVFkgb3IgRklUTkVTUyBGT1IgQSBQ QVJUSUNVTEFSIFBVUlBPU0UuICBTZWUgdGhlIEdOVQorICAgTGVzc2VyIEdlbmVyYWwgUHVibGlj IExpY2Vuc2UgZm9yIG1vcmUgZGV0YWlscy4KKworICAgWW91IHNob3VsZCBoYXZlIHJlY2VpdmVk IGEgY29weSBvZiB0aGUgR05VIExlc3NlciBHZW5lcmFsIFB1YmxpYworICAgTGljZW5zZSBhbG9u ZyB3aXRoIHRoZSBHTlUgQyBMaWJyYXJ5OyBpZiBub3QsIHNlZQorICAgPGh0dHBzOi8vd3d3Lmdu dS5vcmcvbGljZW5zZXMvPi4gICovCisKKyNpbmNsdWRlIDxzdGRsaWIuaD4KKyNpbmNsdWRlIDxs aW1pdHMuaD4KKyNpbmNsdWRlIDxncnAuaD4KKyNpbmNsdWRlIDxlcnJuby5oPgorI2luY2x1ZGUg PGVycm9yLmg+CisjaW5jbHVkZSA8c3VwcG9ydC94dGhyZWFkLmg+CisjaW5jbHVkZSA8c3VwcG9y dC9zdXBwb3J0Lmg+CisjaW5jbHVkZSA8c3VwcG9ydC90ZXN0LWRyaXZlci5oPgorI2luY2x1ZGUg PHN1cHBvcnQveHVuaXN0ZC5oPgorCitzdGF0aWMgdm9pZCAqCitzdGFydF9yb3V0aW5lICh2b2lk ICphcmdzKQoreworICByZXR1cm4gTlVMTDsKK30KKworc3RhdGljIGludAorZG9fdGVzdCAodm9p ZCkKK3sKKyAgaW50IHNpemU7CisgIC8qIE5COiBTdGFjayBhZGRyZXNzIGlzIGF0IDB4ZmZmWFhY WFguICAqLworICBnaWRfdCBsaXN0W05HUk9VUFNfTUFYXTsKKyAgaW50IHN0YXR1cyA9IEVYSVRf U1VDQ0VTUzsKKworICBwdGhyZWFkX3QgdGhyZWFkID0geHB0aHJlYWRfY3JlYXRlIChOVUxMLCBz dGFydF9yb3V0aW5lLCBOVUxMKTsKKworICBzaXplID0gZ2V0Z3JvdXBzIChzaXplb2YgKGxpc3Qp IC8gc2l6ZW9mIChsaXN0WzBdKSwgbGlzdCk7CisgIGlmIChzaXplIDwgMCkKKyAgICB7CisgICAg ICBzdGF0dXMgPSBFWElUX0ZBSUxVUkU7CisgICAgICBlcnJvciAoMCwgZXJybm8sICJnZXRncm91 cHMgZmFpbGVkIik7CisgICAgfQorICBpZiAoc2V0Z3JvdXBzIChzaXplLCBsaXN0KSA8IDApCisg ICAgeworICAgICAgaWYgKGVycm5vID09IEVQRVJNKQorCXN0YXR1cyA9IEVYSVRfVU5TVVBQT1JU RUQ7CisgICAgICBlbHNlCisJeworCSAgc3RhdHVzID0gRVhJVF9GQUlMVVJFOworCSAgZXJyb3Ig KDAsIGVycm5vLCAic2V0Z3JvdXBzIGZhaWxlZCIpOworCX0KKyAgICB9CisKKyAgeHB0aHJlYWRf am9pbiAodGhyZWFkKTsKKworICByZXR1cm4gc3RhdHVzOworfQorCisjaW5jbHVkZSA8c3VwcG9y dC90ZXN0LWRyaXZlci5jPgotLSAKMi4yNi4yCgo= --00000000000012727205aa8e7003--