The patch titled
     Subject: kasan, slab: fix conflicts with CONFIG_HARDENED_USERCOPY
has been added to the -mm tree.  Its filename is
     kasan-slab-fix-conflicts-with-config_hardened_usercopy.patch

This patch should soon appear at
    http://ozlabs.org/~akpm/mmots/broken-out/kasan-slab-fix-conflicts-with-config_hardened_usercopy.patch
and later at
    http://ozlabs.org/~akpm/mmotm/broken-out/kasan-slab-fix-conflicts-with-config_hardened_usercopy.patch

Before you just go and hit "reply", please:
   a) Consider who else should be cc'ed
   b) Prefer to cc a suitable mailing list as well
   c) Ideally: find the original patch on the mailing list and do a
      reply-to-all to that, adding suitable additional cc's

*** Remember to use Documentation/process/submit-checklist.rst when testing your code ***

The -mm tree is included into linux-next and is updated
there every 3-4 working days

------------------------------------------------------
From: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
Subject: kasan, slab: fix conflicts with CONFIG_HARDENED_USERCOPY

Similarly to 96fedce2 ("kasan: make tag based mode work with
CONFIG_HARDENED_USERCOPY"), we need to reset pointer tags in
__check_heap_object() in mm/slab.c before doing any pointer math.

Link: http://lkml.kernel.org/r/9a5c0f958db10e69df5ff9f2b997866b56b7effc.1550602886.git.andreyknvl@xxxxxxxxxx
Signed-off-by: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
Tested-by: Qian Cai <cai@xxxxxx>
Cc: Alexander Potapenko <glider@xxxxxxxxxx>
Cc: Andrey Ryabinin <aryabinin@xxxxxxxxxxxxx>
Cc: Catalin Marinas <catalin.marinas@xxxxxxx>
Cc: Dmitry Vyukov <dvyukov@xxxxxxxxxx>
Cc: Evgeniy Stepanov <eugenis@xxxxxxxxxx>
Cc: Kostya Serebryany <kcc@xxxxxxxxxx>
Cc: Vincenzo Frascino <vincenzo.frascino@xxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
---

--- a/mm/slab.c~kasan-slab-fix-conflicts-with-config_hardened_usercopy +++ a/mm/slab.c 
@@ -4408,6 +4408,8 @@ void __check_heap_object(const void *ptr unsigned int objnr; unsigned long offset; + ptr = kasan_reset_tag(ptr); + /* Find and validate object. */ cachep = page->slab_cache; objnr = obj_to_index(cachep, page, (void *)ptr); _

Patches currently in -mm which might be from andreyknvl@xxxxxxxxxx are

kasan-fix-assigning-tags-twice.patch
kasan-kmemleak-pass-tagged-pointers-to-kmemleak.patch
kmemleak-account-for-tagged-pointers-when-calculating-pointer-range-v2.patch
kasan-slub-move-kasan_poison_slab-hook-before-page_address.patch
kasan-slub-move-kasan_poison_slab-hook-before-page_address-v2.patch
kasan-slub-fix-conflicts-with-config_slab_freelist_hardened.patch
kasan-slub-fix-more-conflicts-with-config_slab_freelist_hardened.patch
kasan-fix-random-seed-generation-for-tag-based-mode.patch
kasan-prevent-tracing-of-tagsc.patch
kasan-slab-fix-conflicts-with-config_hardened_usercopy.patch
kasan-slab-make-freelist-stored-without-tags.patch
kasan-slab-remove-redundant-kasan_slab_alloc-hooks.patch
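Review bot: the added `ptr = kasan_reset_tag(ptr);` at the top of __check_heap_object() in mm/slab.c carries no comment saying why the tag is stripped, so a later reader cannot tell that the `obj_to_index(cachep, page, (void *)ptr)` call right after it depends on an untagged address. A one-line comment above the assignment, along the lines of the commit message ("reset pointer tags ... before doing any pointer math"), would keep that ordering requirement visible to anyone who later moves or adds code in this function. The hunk shows only the `objnr` and `offset` declarations above the new line, so it is also worth confirming that nothing earlier in the function body consumes `ptr` before the reset.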