Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 18 Nov 2016 09:55:08 -0800
From: Kees Cook <>
To: Christoph Lameter <>
Cc: Michael Ellerman <>, Andrew Morton <>, 
	Pekka Enberg <>, David Rientjes <>, 
	Joonsoo Kim <>, Linux-MM <>, 
	LKML <>, 
	"" <>

On Fri, Nov 18, 2016 at 9:47 AM, Christoph Lameter <> wrote:
> On Thu, 17 Nov 2016, Michael Ellerman wrote:
>> Currently ZERO_OR_NULL_PTR() uses a trick of doing a single check that
>> x <= ZERO_SIZE_PTR, and ignoring the fact that it also matches 1-15.
> Well yes that was done so we do not add too many branches all over the
> kernel.....

There are actually very few callers of this macro. (Though it's
possible they're executed frequently.)

>> That no longer really works once we add the poison delta, so split it
>> into two checks. Assign x to a temporary to avoid evaluating it
>> twice (suggested by Kees Cook).
> And now you are doing just that.

In this case, what about the original < ZERO_SIZE_PTR check Michael
suggested? At least the one use in usercopy.c needs to be fixed, but
otherwise, it should be fine?


Kees Cook
Nexus Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.