lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Apr 2019 16:11:58 -0700 From: Eric Biggers <ebiggers@...nel.org> To: Kees Cook <keescook@...omium.org> Cc: Geert Uytterhoeven <geert@...ux-m68k.org>, Herbert Xu <herbert@...dor.apana.org.au>, linux-security-module <linux-security-module@...r.kernel.org>, Linux ARM <linux-arm-kernel@...ts.infradead.org>, Linux Crypto Mailing List <linux-crypto@...r.kernel.org>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, Laura Abbott <labbott@...hat.com>, Rik van Riel <riel@...riel.com> Subject: Re: crypto: Kernel memory overwrite attempt detected to spans multiple pages On Wed, Apr 10, 2019 at 02:57:46PM -0700, Kees Cook wrote: > On Wed, Apr 10, 2019 at 12:07 PM Eric Biggers <ebiggers@...nel.org> wrote: > > That didn't answer my question. My question is what is the purpose of this? If > > there was actual buffer overflow when __GFP_COMP isn't specified that would make > > perfect sense, but AFAICS there isn't. So why does hardened usercopy consider > > it broken when __GFP_COMP isn't specified? > > The goal of CONFIG_HARDENED_USERCOPY_PAGESPAN was to detect copies > across page boundaries in memory allocated by the page allocator. > There appear to be enough cases of allocations that span pages but do > not mark them with __GFP_COMP, so this logic hasn't proven useful in > the real world (which is why no one should use the ..._PAGESPAN config > in production). I'd like to get the kernel to the point where hardened > usercopy can correctly do these checks (right now it's mainly only > useful at checking for overflows in slub and slab), but it'll take > time/focus for a while. No one has had time yet to track all of these > down and fix them. (I defer to Laura and Rik on the design of the > pagespan checks; they did the bulk of the work there.) > > Does that help explain it, or am I still missing your question? > > -- > Kees Cook You've explained *what* it does again, but not *why*. *Why* do you want hardened usercopy to detect copies across page boundaries, when there is no actual buffer overflow? - Eric
Powered by blists - more mailing lists