| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Dec 2021 19:18:57 +0000
From: William Kucharski <william.kucharski@...cle.com>
To: "Matthew Wilcox (Oracle)" <willy@...radead.org>
CC: Kees Cook <keescook@...omium.org>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
Thomas Gleixner <tglx@...utronix.de>,
"linux-hardening@...r.kernel.org" <linux-hardening@...r.kernel.org>
Subject: Re: [PATCH v3 0/3] Assorted improvements to usercopy
I like these, but a quick question:
Since the usercopy_abort() calls are all because the offset exceeds the page
size, is there a reason why you don't specifically state that via the detail
parameter rather than just supply a NULL pointer?
Otherwise for the patch series:
Reviewed-by: William Kucharski <william.kucharski@...cle.com>
> On Dec 13, 2021, at 7:27 AM, Matthew Wilcox (Oracle) <willy@...radead.org> wrote:
>
> We must prohibit page boundary crossing for kmap() addresses.
> vmap() addresses are limited by the length of the mapping, and
> compound pages are limited by the size of the page.
>
> These should probably all have test cases?
>
> v3:
> - Remove a now-unused variable
> v2:
> - Prevent a NULL pointer dereference when a vmalloc-range pointer
> doesn't have an associated allocation (me)
> - Report better offsets than "0" (Kees)
>
>
> Matthew Wilcox (Oracle) (3):
> mm/usercopy: Check kmap addresses properly
> mm/usercopy: Detect vmalloc overruns
> mm/usercopy: Detect compound page overruns
>
> arch/x86/include/asm/highmem.h | 1 +
> include/linux/highmem-internal.h | 10 ++++++++
> mm/usercopy.c | 43 +++++++++++++++++++++++---------
> 3 files changed, 42 insertions(+), 12 deletions(-)
>
> --
> 2.33.0
Powered by blists - more mailing lists