lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 25 Feb 2022 16:01:57 -0800
From:   Andrew Morton <>
To:     Kees Cook <>
Cc:     Matthew Wilcox <>,
        Josh Poimboeuf <>,,
        Muhammad Usama Anjum <>,
        David Laight <David.Laight@...LAB.COM>,,
Subject: Re: [PATCH v3] usercopy: Check valid lifetime via stack depth

On Fri, 25 Feb 2022 09:33:45 -0800 Kees Cook <> wrote:

> Under CONFIG_HARDENED_USERCOPY=y, when exact stack frame boundary checking
> is not available (i.e. everything except x86 with FRAME_POINTER), check
> a stack object as being at least "current depth valid", in the sense
> that any object within the stack region but not between start-of-stack
> and current_stack_pointer should be considered unavailable (i.e. its
> lifetime is from a call no longer present on the stack).
> Introduce ARCH_HAS_CURRENT_STACK_POINTER to track which architectures
> have actually implemented the common global register alias.
> Additionally report usercopy bounds checking failures with an offset
> from current_stack_pointer, which may assist with diagnosing failures.
> (once slightly adjusted in a separate patch) will pass again with
> this fixed.

Again, what does this actually do?

> Reported-by: Muhammad Usama Anjum <>

A link to that report would shed some light.  But actually describing
the user-visible impact right there in the changelog is preferable.

It sounds like a selftest is newly failing, which makes it a
userspace-visible regression, perhaps?

If so, do we have a Fixes: and is a cc:stable warranted?

Powered by blists - more mailing lists