Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed,  9 May 2018 13:02:17 -0700
From: Kees Cook <keescook@...omium.org>
To: Matthew Wilcox <mawilcox@...rosoft.com>
Cc: Kees Cook <keescook@...omium.org>,
	Rasmus Villemoes <linux@...musvillemoes.dk>,
	Matthew Wilcox <willy@...radead.org>,
	LKML <linux-kernel@...r.kernel.org>,
	Linux-MM <linux-mm@...ck.org>,
	Kernel Hardening <kernel-hardening@...ts.openwall.com>
Subject: [PATCH v2 0/6] Provide saturating helpers for allocation

This is a stab at providing three new helpers for allocation size
calculation:

struct_size(), array_size(), and array3_size().

These are implemented on top of Rasmus's overflow checking functions. The
existing allocators are adjusted to use the more efficient overflow
checks as well.

I have left out the 8 tree-wide conversion patches of open-coded
multiplications into the new helpers, as those are largely
unchanged from v1. Everything can be seen here, though:
https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/log/?h=kspp/overflow/array_size

The question remains for what to do with the *calloc() and *_array*()
API. They could be entirely removed in favor of using the new helpers:

kcalloc(n, size, gfp)        ->  kzalloc(array_size(n, size), gfp)
kmalloc_array(n, size, gfp)  ->  kmalloc(array_size(n, size), gfp)

Changes from v1:
- use explicit overflow helpers instead of array_size() helpers.
- drop early-checks for SIZE_MAX.
- protect devm_kmalloc()-family from addition overflow.
- added missing overflow.h includes.
- fixed 0-day issues in a few treewide manual conversions

-Kees


Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.