On Wed, Feb 26, 2020 at 05:07:18PM +1100, Daniel Axtens wrote: > Kees Cook <keescook@xxxxxxxxxxxx> writes: > > > On Fri, Feb 07, 2020 at 03:38:22PM -0500, Daniel Micay wrote: > >> There are some uses of ksize in the kernel making use of the real > >> usable size of memory allocations rather than only the requested > >> amount. It's incorrect when mixed with alloc_size markers, since if a > >> number like 14 is passed that's used as the upper bound, rather than a > >> rounded size like 16 returned by ksize. It's unlikely to trigger any > >> issues with only CONFIG_FORTIFY_SOURCE, but it becomes more likely > >> with -fsanitize=object-size or other library-based usage of > >> __builtin_object_size. > > > > I think the solution here is to use a macro that does the per-bucket > > rounding and applies them to the attributes. Keep the bucket size lists > > in sync will likely need some BUILD_BUG_ON()s or similar. > > I can have a go at this but with various other work projects it has > unfortunately slipped way down the to-do list. So I've very happy for > anyone else to take this and run with it. Sounds good. I've added the above note from Micay to the KSPP bug tracker: https://github.com/KSPP/linux/issues/5 Thanks for bringing this topic back up! -- Kees Cook
