| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200520111324.GA16488@lst.de>
Date: Wed, 20 May 2020 13:13:24 +0200
From: Christoph Hellwig <hch@....de>
To: Masami Hiramatsu <mhiramat@...nel.org>
Cc: Christoph Hellwig <hch@....de>, x86@...nel.org,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andrew Morton <akpm@...ux-foundation.org>,
linux-parisc@...r.kernel.org, linux-um@...ts.infradead.org,
netdev@...r.kernel.org, bpf@...r.kernel.org, linux-mm@...ck.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 13/20] maccess: always use strict semantics for
probe_kernel_read
On Wed, May 20, 2020 at 08:11:26PM +0900, Masami Hiramatsu wrote:
> > - ret = probe_kernel_read(&c, (u8 *)addr + len, 1);
> > + if (IS_ENABLED(CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE) &&
> > + (unsigned long)addr < TASK_SIZE) {
> > + ret = probe_user_read(&c,
> > + (__force u8 __user *)addr + len, 1);
> > + } else {
> > + ret = probe_kernel_read(&c, (u8 *)addr + len, 1);
> > + }
> > len++;
> > } while (c && ret == 0 && len < MAX_STRING_SIZE);
>
> To avoid redundant check in the loop, we can use strnlen_user_nofault() out of
> the loop. Something like below.
Yes, I've done something very similar in response to Linus' comment (just
using an ifdef instead).
Powered by blists - more mailing lists