lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 31 Jan 2023 10:57:00 -0500
From:   Stefan Berger <stefanb@...ux.ibm.com>
To:     Andrew Donnellan <ajd@...ux.ibm.com>,
        linuxppc-dev@...ts.ozlabs.org, linux-integrity@...r.kernel.org
Cc:     ruscur@...sell.cc, bgray@...ux.ibm.com, nayna@...ux.ibm.com,
        gcwilson@...ux.ibm.com, gjoyce@...ux.ibm.com, brking@...ux.ibm.com,
        sudhakar@...ux.ibm.com, erichte@...ux.ibm.com,
        gregkh@...uxfoundation.org, linux-kernel@...r.kernel.org,
        zohar@...ux.ibm.com, joel@....id.au, npiggin@...il.com
Subject: Re: [PATCH v5 12/25] powerpc/secvar: Warn when PAGE_SIZE is smaller
 than max object size



On 1/31/23 01:39, Andrew Donnellan wrote:
> Due to sysfs constraints, when writing to a variable, we can only handle
> writes of up to PAGE_SIZE.
> 
> It's possible that the maximum object size is larger than PAGE_SIZE, in
> which case, print a warning on boot so that the user is aware.
> 
> Signed-off-by: Andrew Donnellan <ajd@...ux.ibm.com>
> Signed-off-by: Russell Currey <ruscur@...sell.cc>
> 
> ---
> 
> v3: New patch (ajd)
> ---
>   arch/powerpc/kernel/secvar-sysfs.c | 9 +++++++++
>   1 file changed, 9 insertions(+)
> 
> diff --git a/arch/powerpc/kernel/secvar-sysfs.c b/arch/powerpc/kernel/secvar-sysfs.c
> index 2cbc60b37e4e..9b6be63b7b36 100644
> --- a/arch/powerpc/kernel/secvar-sysfs.c
> +++ b/arch/powerpc/kernel/secvar-sysfs.c
> @@ -223,6 +223,7 @@ static int secvar_sysfs_load_static(void)
>   
>   static int secvar_sysfs_init(void)
>   {
> +	u64 max_size;
>   	int rc;
>   
>   	if (!secvar_ops) {
> @@ -272,6 +273,14 @@ static int secvar_sysfs_init(void)
>   		goto err;
>   	}
>   
> +	// Due to sysfs limitations, we will only ever get a write buffer of
> +	// up to 1 page in size. Print a warning if this is potentially going
> +	// to cause problems, so that the user is aware.
> +	secvar_ops->max_size(&max_size);
> +	if (max_size > PAGE_SIZE)
> +		pr_warn_ratelimited("PAGE_SIZE (%lu) is smaller than maximum object size (%llu), writes are limited to PAGE_SIZE\n",
> +				    PAGE_SIZE, max_size);
> +
>   	return 0;
>   err:
>   	kobject_put(secvar_kobj);

Reviewed-by: Stefan Berger <stefanb@...ux.ibm.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ