| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180509200223.22451-1-keescook@chromium.org>
Date: Wed, 9 May 2018 13:02:17 -0700
From: Kees Cook <keescook@...omium.org>
To: Matthew Wilcox <mawilcox@...rosoft.com>
Cc: Kees Cook <keescook@...omium.org>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
Matthew Wilcox <willy@...radead.org>,
LKML <linux-kernel@...r.kernel.org>,
Linux-MM <linux-mm@...ck.org>,
Kernel Hardening <kernel-hardening@...ts.openwall.com>
Subject: [PATCH v2 0/6] Provide saturating helpers for allocation
This is a stab at providing three new helpers for allocation size
calculation:
struct_size(), array_size(), and array3_size().
These are implemented on top of Rasmus's overflow checking functions. The
existing allocators are adjusted to use the more efficient overflow
checks as well.
I have left out the 8 tree-wide conversion patches of open-coded
multiplications into the new helpers, as those are largely
unchanged from v1. Everything can be seen here, though:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/log/?h=kspp/overflow/array_size
The question remains for what to do with the *calloc() and *_array*()
API. They could be entirely removed in favor of using the new helpers:
kcalloc(n, size, gfp) -> kzalloc(array_size(n, size), gfp)
kmalloc_array(n, size, gfp) -> kmalloc(array_size(n, size), gfp)
Changes from v1:
- use explicit overflow helpers instead of array_size() helpers.
- drop early-checks for SIZE_MAX.
- protect devm_kmalloc()-family from addition overflow.
- added missing overflow.h includes.
- fixed 0-day issues in a few treewide manual conversions
-Kees
Powered by blists - more mailing lists