Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 30 Aug 2019 14:29:58 +1000
From: Dave Chinner <david@...morbit.com>
To: Kees Cook <keescook@...omium.org>
Cc: Jason Yan <yanaijie@...wei.com>, kernel-hardening@...ts.openwall.com,
	linux-fsdevel@...r.kernel.org
Subject: Re: CONFIG_HARDENED_USERCOPY

On Thu, Aug 29, 2019 at 09:15:36AM -0700, Kees Cook wrote:
> On Thu, Aug 29, 2019 at 08:42:30PM +0800, Jason Yan wrote:
> > We found an issue of kernel bug related to HARDENED_USERCOPY.
> > When copying an IO buffer to userspace, HARDENED_USERCOPY thought it is
> > illegal to copy this buffer. Actually this is because this IO buffer was
> > merged from two bio vectors, and the two bio vectors buffer was allocated
> > with kmalloc() in the filesystem layer.
> 
> Ew. I thought the FS layer was always using page_alloc?

No, they don't. It's perfectly legal to use heap memory for bio
buffers - we've been doing it since, at least, XFS got merged all
those years ago.

Cheers,

Dave.
-- 
Dave Chinner
david@...morbit.com

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.