lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 18 Oct 2017 07:21:05 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Arnd Bergmann <arnd@...db.de>
Cc:     Jessica Yu <jeyu@...nel.org>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Re: [RESEND][PATCH 0/3] module: Do not paper over type mismatches in module_param_call()

On Wed, Oct 18, 2017 at 3:12 AM, Arnd Bergmann <arnd@...db.de> wrote:
> On Wed, Oct 18, 2017 at 4:04 AM, Kees Cook <keescook@...omium.org> wrote:
>> (re-sending to Jessica's @korg address...)
>>
>> The module_param_call() macro was explicitly casting the .set and .get
>> function prototypes away with (void *). This can lead to hard-to-find
>> type mismatches. Additionally, it creates problems for static checkers
>> and Control Flow Itegrity compiler features, which depend on clustering
>> function call sites based on prototype signature.
>>
>> This removes the casts and fixes all the incorrect prototypes tree-wide.
>
> I've applied the patch to my randconfig test setup, will let you know if I find
> any regressions today.
>
> I did notice that patch 2 has a conflict against the ipmi driver, I had to
> manuall port that one part. Splitting up patch 2 would help there, but
> complicates other things.

Yeah, it was a small enough treewide change on code that normally
doesn't change much, so I figured it could stand as a regular patch.

-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ