| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Oct 2022 21:12:57 +0800
From: Kefeng Wang <wangkefeng.wang@...wei.com>
To: Jane Chu <jane.chu@...cle.com>, <pmladek@...e.com>,
<rostedt@...dmis.org>, <senozhatsky@...omium.org>,
<andriy.shevchenko@...ux.intel.com>, <linux@...musvillemoes.dk>,
<linux-mm@...ck.org>, <linux-kernel@...r.kernel.org>
CC: <konrad.wilk@...cle.com>, <haakon.bugge@...cle.com>,
<john.haxby@...cle.com>
Subject: Re: [PATCH v3 0/1] vsprintf: check non-canonical pointer by
kern_addr_valid()
On 2022/10/20 3:34, Jane Chu wrote:
> Changes since v2 [1]:
> - revised commit comment for clarification;
> - cc linux-mm for expert's review on the kern_addr_valid() usage as suggested by Petr;
but this won't fix issue on archs which don't have correct
kern_addr_valid(), right?
could we call copy_from_kernel_nofault() when it could works well, and
skip it on early boot?
other options, call some functions in include/asm-generic/sections.h or
include/linux/kallsyms.h?
> - cc Kefeng Wang in light of his recent patch [2]
>
> [1]: https://lore.kernel.org/lkml/288a7aba-c647-b51f-bdb3-99a62449dbb3@oracle.com/T/
> [2]: https://lore.kernel.org/lkml/20221018074014.185687-1-wangkefeng.wang@huawei.com/
>
> Jane Chu (1):
> vsprintf: protect kernel from panic due to non-canonical pointer
> dereference
>
> lib/vsprintf.c | 3 +++
> 1 file changed, 3 insertions(+)
>
Powered by blists - more mailing lists