Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 4 Apr 2018 09:23:05 -0700
From: Kees Cook <>
To: Ulf Hansson <>
Cc: "Tobin C. Harding" <>, "" <>, 
	Linux Kernel Mailing List <>, 
	Kernel Hardening <>, Tycho Andersen <>
Subject: Re: [PATCH] mmc: pwrseq: Use kmalloc_array instead of stack VLA

On Wed, Apr 4, 2018 at 5:45 AM, Ulf Hansson <> wrote:
> On 26 March 2018 at 08:33, Tobin C. Harding <> wrote:
>> The use of stack Variable Length Arrays needs to be avoided, as they
>> can be a vector for stack exhaustion, which can be both a runtime bug
>> (kernel Oops) or a security flaw (overwriting memory beyond the
>> stack). Also, in general, as code evolves it is easy to lose track of
>> how big a VLA can get. Thus, we can end up having runtime failures
>> that are hard to debug. As part of the directive[1] to remove all VLAs
>> from the kernel, and build with -Wvla.
>> Currently driver is using a VLA declared using the number of descriptors.  This
>> array is used to store integer values and is later used as an argument to
>> `gpiod_set_array_value_cansleep()` This can be avoided by using
>> `kmalloc_array()` to allocate memory for the array of integer values.  Memory is
>> free'd before return from function.
>> From the code it appears that it is safe to sleep so we can use GFP_KERNEL
>> (based _cansleep() suffix of function `gpiod_set_array_value_cansleep()`.
>> It can be expected that this patch will result in a small increase in overhead
>> due to the use of `kmalloc_array()`
>> [1]
>> Signed-off-by: Tobin C. Harding <>
> Thanks, queued for 3.18!

Time travel! ;)


Kees Cook
Pixel Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.