| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20221118034713.gonna.754-kees@kernel.org>
Date: Thu, 17 Nov 2022 19:51:57 -0800
From: Kees Cook <keescook@...omium.org>
To: Vlastimil Babka <vbabka@...e.cz>
Cc: Kees Cook <keescook@...omium.org>,
Christoph Lameter <cl@...ux.com>,
Pekka Enberg <penberg@...nel.org>,
David Rientjes <rientjes@...gle.com>,
Joonsoo Kim <iamjoonsoo.kim@....com>,
Andrew Morton <akpm@...ux-foundation.org>,
Roman Gushchin <roman.gushchin@...ux.dev>,
Hyeonggon Yoo <42.hyeyoo@...il.com>,
linux-kernel@...r.kernel.org, linux-mm@...ck.org,
linux-hardening@...r.kernel.org
Subject: [PATCH v2 0/2] slab: Provide full coverage for __alloc_size attribute
Hi,
These patches work around a deficiency in GCC (>=11) and Clang (<16)
where the __alloc_size attribute does not apply to inlines. :(
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=96503
This manifests as reduced overflow detection coverage for many allocation
sites under CONFIG_FORTIFY_SOURCE=y, where the allocation size was not
actually being propagated to __builtin_dynamic_object_size(). The problem
was in two halves: the trace wrapper (now fixed in -next), and const-0
special-casing (covered here).
Thanks,
-Kees
v2:
- drop trace wrapper refactoring -- handled differently now (vbabka)
- drop kunit/fortify test patch since it depends on other changes
- rebase
v1: https://lore.kernel.org/all/20221101222520.never.109-kees@kernel.org
Kees Cook (2):
slab: Clean up SLOB vs kmalloc() definition
slab: Remove special-casing of const 0 size allocations
include/linux/slab.h | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
--
2.34.1
Powered by blists - more mailing lists