| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGXu5jLQKicH96W_jjvw_J3KTFpVsERQqhJphsq1oQ2t=OJ36Q@mail.gmail.com> Date: Wed, 17 Aug 2016 14:57:47 -0700 From: Kees Cook <keescook@...omium.org> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Rik van Riel <riel@...hat.com>, kernel test robot <xiaolong.ye@...el.com>, LKP <lkp@...org>, LKML <linux-kernel@...r.kernel.org>, Valdis Kletnieks <valdis.kletnieks@...edu> Subject: Re: [x86/uaccess] 5b710f34e1: kernel BUG at mm/usercopy.c:75! On Wed, Aug 17, 2016 at 2:55 PM, Linus Torvalds <torvalds@...ux-foundation.org> wrote: > On Wed, Aug 17, 2016 at 2:50 PM, Kees Cook <keescook@...omium.org> wrote: >> On Wed, Aug 17, 2016 at 2:45 PM, Linus Torvalds >>> >>> Networking does, but seems to use __GFP_COMP, at least in the one case >>> I checked (skbuff). >> >> Was this allocation really through kmalloc? > > The networking one I looked at, no. But they do __GFP_COMP. > > The task struct allocation generally is (alloc_task_struct_node()), > but as Rik pointed out, SLOB doesn't actually necessarily do the slab > book-keeping for multi-page allocations. Perhaps I can just ifdef the multi-page checks with CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR. That way a SLOB build still has basic bounds checking (which was my intention with that config), and non-SLOB builds still get multi-page checking. -Kees -- Kees Cook Nexus Security
Powered by blists - more mailing lists