lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 24 Oct 2022 20:03:34 +0200
From:   "Vlastimil Babka (SUSE)" <>
To:     Kees Cook <>,
        Andrew Morton <>
Subject: Re: [PATCH] mempool: Use kmalloc_size_roundup() to match ksize()

On 10/19/22 07:37, Kees Cook wrote:
> On Tue, Oct 18, 2022 at 03:51:37PM -0700, Andrew Morton wrote:
>> On Tue, 18 Oct 2022 02:03:29 -0700 Kees Cook <> wrote:
>> > Round up allocations with kmalloc_size_roundup() so that mempool's use
>> > of ksize() is always accurate and no special handling of the memory is
>> Confused.  If the special handling is not needed, why doesn't the patch
>> removed the no longer needed special handling?
> The special handling is in the ksize() implementation, so it can't be
> removed[1] until all the ksize()-affected users are updated to see their
> true allocation sizes first.
> [1]

But in the previous version I was wondering if we can just stop doing
ksize()-like poison handling in mempool completely, if no mempool consumers
call ksize() to expand their use of the allocated objects. You seemed to
agree but this version is uncahnged?

Powered by blists - more mailing lists