| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 18 May 2020 10:19:45 +0930
From: "Andrew Jeffery" <andrew@...id.au>
To: "Kees Cook" <keescook@...omium.org>
Cc: linux-arm-kernel@...ts.infradead.org,
"Russell King" <linux@...linux.org.uk>, mhiramat@...nel.org,
labbott@...hat.com, mathieu.desnoyers@...icios.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] ARM: kprobes: Avoid fortify_panic() when copying optprobe template
On Mon, 18 May 2020, at 07:18, Kees Cook wrote:
> On Mon, May 18, 2020 at 01:09:59AM +0930, Andrew Jeffery wrote:
> > As mentioned, a couple of attempts have been made to address the issue
> > by casting a pointer to optprobe_template_entry before providing it to
> > memcpy(), however gccs such as Ubuntu 20.04's arm-linux-gnueabi-gcc
> > 9.3.0 (Ubuntu 9.3.0-10ubuntu1) see through these efforts.
>
> Ah, dang. :P
>
> How about converting them all to unsized arrays, which would also allow
> the code to drop the "&" everywhere, I think. This is untested:
Looks better than my hack. Took it for a spin under qemu and it works for me.
Reviewed-by: Andrew Jeffery <andrew@...id.au>
Tested-by: Andrew Jeffery <andrew@...id.au>
Thanks Kees!
Andrew
Powered by blists - more mailing lists