Merge #434

434: Let sys_rand write to uninitialized memory r=mkroening a=mkroening Co-authored-by: Martin Kröning <mkroening@posteo.net>

Merge #434
2e5d7b15 · bors[bot] · GitHub · 4d2216aa · b5a68c8d · 2e5d7b15
Unverified Commit 2e5d7b15 authored 3 years ago by bors[bot] Committed by GitHub 3 years ago
--- a/src/arch/x86_64/kernel/switch.rs
+++ b/src/arch/x86_64/kernel/switch.rs
@@ -154,7 +154,7 @@ pub unsafe extern "C" fn switch_to_fpu_owner(_old_stack: *mut usize, _new_stack:
 macro_rules! kernel_function_impl {
 	($kernel_function:ident($($arg:ident: $A:ident),*) { $($operands:tt)* }) => {
 		/// Executes `f` on the kernel stack.
-		pub fn $kernel_function<R, $($A),*>(f: extern "C" fn($($A),*) -> R, $($arg: $A),*) -> R {
+		pub fn $kernel_function<R, $($A),*>(f: unsafe extern "C" fn($($A),*) -> R, $($arg: $A),*) -> R {
 			unsafe {
 				assert!(mem::size_of::<R>() <= mem::size_of::<usize>());


--- a/src/syscalls/random.rs
+++ b/src/syscalls/random.rs
@@ -11,13 +11,19 @@ fn generate_park_miller_lehmer_random_number() -> u32 {
 	random
 }

-extern "C" fn __sys_rand32(value: &mut u32) -> i32 {
-	*value = try_sys!(arch::processor::generate_random_number32().ok_or("sys_rand32 failed"));
+unsafe extern "C" fn __sys_rand32(value: *mut u32) -> i32 {
+	let rand = try_sys!(arch::processor::generate_random_number32().ok_or("sys_rand32 failed"));
+	unsafe {
+		value.write(rand);
+	}
 	0
 }

-extern "C" fn __sys_rand64(value: &mut u64) -> i32 {
-	*value = try_sys!(arch::processor::generate_random_number64().ok_or("sys_rand64 failed"));
+unsafe extern "C" fn __sys_rand64(value: *mut u64) -> i32 {
+	let rand = try_sys!(arch::processor::generate_random_number64().ok_or("sys_rand64 failed"));
+	unsafe {
+		value.write(rand);
+	}
 	0
 }

@@ -30,7 +36,7 @@ extern "C" fn __sys_rand() -> u32 {
 /// the function returns `None`.
 #[cfg(not(feature = "newlib"))]
 #[no_mangle]
-pub extern "C" fn sys_secure_rand32(value: &mut u32) -> i32 {
+pub unsafe extern "C" fn sys_secure_rand32(value: *mut u32) -> i32 {
 	kernel_function!(__sys_rand32(value))
 }

@@ -39,7 +45,7 @@ pub extern "C" fn sys_secure_rand32(value: &mut u32) -> i32 {
 /// the function returns `None`.
 #[cfg(not(feature = "newlib"))]
 #[no_mangle]
-pub extern "C" fn sys_secure_rand64(value: &mut u64) -> i32 {
+pub unsafe extern "C" fn sys_secure_rand64(value: *mut u64) -> i32 {
 	kernel_function!(__sys_rand64(value))
 }