| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Feb 2022 15:45:18 -0800
From: Andrew Morton <akpm@...ux-foundation.org>
To: Kees Cook <keescook@...omium.org>
Cc: llvm@...ts.linux.dev, Marco Elver <elver@...gle.com>,
Pekka Enberg <penberg@...nel.org>,
David Rientjes <rientjes@...gle.com>,
Joonsoo Kim <iamjoonsoo.kim@....com>,
Vlastimil Babka <vbabka@...e.cz>, linux-mm@...ck.org,
stable@...r.kernel.org,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"Rafael J. Wysocki" <rafael@...nel.org>,
Christoph Lameter <cl@...ux.com>,
Nathan Chancellor <nathan@...nel.org>,
Nick Desaulniers <ndesaulniers@...gle.com>,
Daniel Micay <danielmicay@...il.com>,
linux-kernel@...r.kernel.org, linux-hardening@...r.kernel.org
Subject: Re: [PATCH] mm: Handle ksize() vs __alloc_size by forgetting size
On Fri, 25 Feb 2022 14:16:25 -0800 Kees Cook <keescook@...omium.org> wrote:
> If ksize() is used on an allocation, the compiler cannot make any
> assumptions about its size any more (as hinted by __alloc_size). Force
> it to forget.
>
> One caller was using a container_of() construction that needed to be
> worked around.
Please, when fixing something do fully explain what that thing is. I,
for one, simply cannot understand why this change is being proposed.
Especially when proposing a -stable backport! Tell readers what was
the end-user impact of the bug.
> Link: https://github.com/ClangBuiltLinux/linux/issues/1599
Even that didn't tell me. Is it just a clang warning? Does the kernel
post your private keys on reddit then scribble all over your disk
drive? I dunno.
Powered by blists - more mailing lists