| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <csfegppvkhnl33x37335dsxdxmlzn7jairgsucxl5rdo3d6yzi@2z3nfgtcy7eg>
Date: Mon, 10 Mar 2025 15:25:16 +0100
From: Joel Granados <joel.granados@...nel.org>
To: Wen Yang <wen.yang@...ux.dev>
Cc: "Eric W. Biederman" <ebiederm@...ssion.com>,
Luis Chamberlain <mcgrof@...nel.org>, Kees Cook <keescook@...omium.org>,
Christian Brauner <brauner@...nel.org>, Dave Young <dyoung@...hat.com>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v5] sysctl: simplify the min/max boundary check
On Thu, Mar 06, 2025 at 09:33:39PM +0800, Wen Yang wrote:
>
>
> On 2025/3/3 17:26, Joel Granados wrote:
> > On Thu, Jan 30, 2025 at 10:32:14PM +0800, Wen Yang wrote:
> > >
> > >
> > > On 2025/1/28 01:51, Eric W. Biederman wrote:
> > > > Joel Granados <joel.granados@...nel.org> writes:
> > > >
> > > > > On Thu, Jan 23, 2025 at 12:30:25PM -0600, Eric W. Biederman wrote:
> > > > > > "Eric W. Biederman" <ebiederm@...ssion.com> writes:
> > > > > >
> > > > > > > Joel Granados <joel.granados@...nel.org> writes:
> > > > > > >
> > > > > > > > On Sun, Jan 19, 2025 at 10:59:21PM +0800, Wen Yang wrote:
> > ...
...
> > Quick question: Do you have a systemic way of identifying these? Do you
> > have a grep or awk scripts somewhere? I'm actually very interested in
> > finding out what is the impact of this.
> >
>
> Thanks, we may use the following simple scripts:
>
> - the extra {1,2} as pointers to some objects:
> $ grep "\.extra1\|\.extra2" * -R | grep -v "SYSCTL_" | grep -v "\&"
This is actually pretty nice. Thx for that. I executed it a bit
differently:
$ git grep "\.extra1\|\.extra2" | grep -v "SYSCTL_" | grep -v "&"
I also went and did something way more complicated :). I created an
smatch check [1] and ran it on a allyes config. This gave me all of your
results except the openat2 selftests. This might be something to
consider for when this is finished to add a check so that ppl don't just
add an int or a long to a extra
Best
[1]: https://github.com/Joelgranados/smatch/tree/jag/extra_ptr
>
> - the extra {1,2} as pointers to elements in the shared constant array:
> $ grep "\.extra1\|\.extra2" * -R | grep "SYSCTL_"
>
> - the extra {1,2} as pointers to additional constant variables:
> $ grep "\.extra1\|\.extra2" * -R | grep "\&"
>
>
> --
> Best wishes,
> Wen
>
>
> >
> >
> > >
> > >
> > > So could we modify it in this way to make it compatible with these two
> > > situations:
> > >
> > > @@ -137,8 +137,16 @@ struct ctl_table {
> > > umode_t mode;
> > > proc_handler *proc_handler; /* Callback for text formatting */
> > > struct ctl_table_poll *poll;
> > > - void *extra1;
> > > - void *extra2;
> > > + union {
> > > + struct {
> > > + void *extra1;
> > > + void *extra2;
> > > + };
> > > + struct {
> > > + unsigned long min;
> > > + unsigned long max;
> > > + };
> > > + };
> > > } __randomize_layout;
> > >
> > >
> > > --
> > > Best wishes,
> > > Wen
> > >
> >
--
Joel Granados
Powered by blists - more mailing lists