lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu, 29 Feb 2024 22:42:13 -0800
From: Kees Cook <keescook@...omium.org>
To: linux-kernel@...r.kernel.org,
	kovalev@...linux.org
Cc: Kees Cook <keescook@...omium.org>,
	gregkh@...uxfoundation.org,
	bryantan@...are.com,
	vdasa@...are.com,
	pv-drivers@...are.com,
	arnd@...db.de,
	harshit.m.mogalapalli@...cle.com,
	nickel@...linux.org,
	oficerovas@...linux.org,
	dutyrok@...linux.org
Subject: Re: [PATCH] VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler()

On Mon, 19 Feb 2024 13:53:15 +0300, kovalev@...linux.org wrote:
> The changes are similar to those given in the commit 19b070fefd0d
> ("VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()").
> 
> Fix filling of the msg and msg_payload in dg_info struct, which prevents a
> possible "detected field-spanning write" of memcpy warning that is issued
> by the tracking mechanism __fortify_memcpy_chk.
> 
> [...]

Since I ended up carrying the other fix, I can carry this one too. :)

Applied to for-next/hardening, thanks!

[1/1] VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler()
      https://git.kernel.org/kees/c/1ce15647a1aa

Take care,

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ