[Backport v2.7-branch] backport #65546: userspace: Additional checks in K_SYSCALL_MEMORY #69637

Merged 3 commits on Mar 1, 2024

@ceolin ceolin commented Feb 29, 2024

Backport of #65546 for v2.7-branch.

Fixes #66775

peter-mitsis and others added 3 commits February 29, 2024 23:20
The Z_DETECT_POINTER_OVERFLOW() macro is intended to detect whether
or not a buffer spans a region of memory that goes beyond the
highest possible address (thereby overflowing the pointer).

Signed-off-by: Peter Mitsis <peter.mitsis@intel.com>

This macro needed additional checks before invoking
arch_buffer_validate.

- size cannot be less than 0. Some functions invoke this macro
  using a signed type, which will be promoted to unsigned when invoking
  arch_buffer_validate. We need to do an early check.
- We need to check for possible overflow, since a malicious user
  application could use a negative number that would be promoted
  to a big value that would cause an integer overflow when adding it
  to the buffer address, leading to invalid checks.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>

Since K_SYSCALL_MEMORY can be called with signed/unsigned size types, if
we check if size >= 0, static analysis will complain about it when
size is unsigned.

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
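
The two conditions the commit messages describe, as an added example that is not Zephyr's code and not part of this pull request. `range_check()` is a hypothetical stand-in for a validator such as arch_buffer_validate that trusts its inputs; the region bounds, function names and sample values are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed user-accessible region; values are illustrative only. */
#define USER_BASE ((uintptr_t)0x20000000u)
#define USER_SIZE ((size_t)0x1000u)

/* Hypothetical validator that trusts its inputs: addr + len wraps silently. */
static bool range_check(uintptr_t addr, size_t len)
{
    uintptr_t end = addr + len; /* modulo 2^N arithmetic */
    return addr >= USER_BASE && end <= USER_BASE + USER_SIZE;
}

/* True when the last byte of [addr, addr + len) lies beyond UINTPTR_MAX. */
static bool span_overflows(uintptr_t addr, size_t len)
{
    return len != 0 && (UINTPTR_MAX - addr) < (len - 1);
}

/* Before: a signed size is converted to unsigned with no early check. */
static bool unchecked_access_ok(uintptr_t addr, ptrdiff_t size)
{
    return range_check(addr, (size_t)size);
}

/* After: reject negative sizes and wrapping spans before validating. */
static bool checked_access_ok(uintptr_t addr, ptrdiff_t size)
{
    if (size < 0) {
        return false;
    }
    if (span_overflows(addr, (size_t)size)) {
        return false;
    }
    return range_check(addr, (size_t)size);
}

int main(void)
{
    /* Constructed inputs: a negative size, then a span crossing the top address. */
    printf("size=-8: unchecked=%d checked=%d\n",
           unchecked_access_ok(USER_BASE + 0x10, -8), checked_access_ok(USER_BASE + 0x10, -8));
    printf("wrap:    unchecked=%d checked=%d\n",
           unchecked_access_ok(UINTPTR_MAX - 3, 16), checked_access_ok(UINTPTR_MAX - 3, 16));
    return 0;
}
```

In both constructed cases the unchecked path accepts the buffer because the wrapped end address falls back inside the permitted range, while the early checks reject it before the range comparison runs.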
@github-actions github-actions bot added the area: API Changes to public APIs label Feb 29, 2024
@ceolin ceolin requested a review from cfriedt February 29, 2024 23:34
@ceolin ceolin linked an issue Feb 29, 2024 that may be closed by this pull request
@cfriedt cfriedt changed the title [Backport v2.7-branch] backport #65546 [Backport v2.7-branch] backport #65546: userspace: Additional checks in K_SYSCALL_MEMORY Feb 29, 2024
Review thread on include/sys/util.h (resolved)

cfriedt commented Mar 1, 2024

Assuming that the doc build failure is unrelated.

@cfriedt cfriedt merged commit e9fcfa1 into zephyrproject-rtos:v2.7-branch Mar 1, 2024
23 of 24 checks passed