| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <202112131246.4BBFBA69A@keescook>
Date: Mon, 13 Dec 2021 12:47:58 -0800
From: Kees Cook <keescook@...omium.org>
To: Matthew Wilcox <willy@...radead.org>
Cc: William Kucharski <william.kucharski@...cle.com>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
Thomas Gleixner <tglx@...utronix.de>,
"linux-hardening@...r.kernel.org" <linux-hardening@...r.kernel.org>
Subject: Re: [PATCH v3 0/3] Assorted improvements to usercopy
On Mon, Dec 13, 2021 at 08:27:42PM +0000, Matthew Wilcox wrote:
> On Mon, Dec 13, 2021 at 07:18:57PM +0000, William Kucharski wrote:
> > I like these, but a quick question:
> >
> > Since the usercopy_abort() calls are all because the offset exceeds the page
> > size, is there a reason why you don't specifically state that via the detail
> > parameter rather than just supply a NULL pointer?
>
> Hmm ... I'd defer to Kees on this, because I'm not familiar with
> usercopy_abort() usage, but the only places which use the detail
> parameter today are slab/slub, which use it to pass the name of
> the slab. I think the user is supposed to infer that we overran the
> end of the page based on the offset & length values.
I agree that leaving it NULL is best here. The "detail" is really about
adding more information about which thing it was, which for slab makes
sense, but most other stuff there isn't really anything to quickly
distinguish one from another (i.e. vmap is all vmap).
--
Kees Cook
Powered by blists - more mailing lists