[PATCH 0/9] Series to make copy_from_user to a stack slot provable right
- From: Arjan van de Ven <arjan@xxxxxxxxxxxxx>
- Date: Sat, 26 Sep 2009 20:49:51 +0200
[PATCH 0/9] Series to make copy_from_user to a stack slot provable right
This series contains a series of patches that, when applied, make every
copy_from_user() in a make allyesconfig to a (direct) stack slot
provable-by-gcc to have a correct size.
This is useful because if we fix all of these, we can make the non-provable
case an error, as an indication of a possible security hole.
Now the series has 4 types of patches
1) changes where the original code really was missing checks
2) changes where the checks were coded so complex and games were played with
types, that I (and the compiler) couldn't be sure if it was correct or
not
3) changes where we're hitting a small gcc missing optimization, but where
a simplification of the code allows gcc to prove things anyway.
(http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41477 is filed for this)
4) a case in sys_socketcall where Dave Miller and co were very smart in
optimizing the code to the point where it's not reasonable for gcc
to realize the result is ok.
--
Arjan van de Ven Intel Open Source Technology Centre
For development, discussion and tips for power savings,
visit http://www.lesswatts.org
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
- Follow-Ups:
- [PATCH 1/9] Fix bound checks for copy_from_user in the acpi /proc code
- From: Arjan van de Ven
- [PATCH 9/9] Add explicit bound checks in net/socket.c
- From: Arjan van de Ven
- [PATCH 5/9] Add bound checks in acpi/video for copy_from_user
- From: Arjan van de Ven
- [PATCH 8/9] Add explicit bound checks in mm/migrate.c
- From: Arjan van de Ven
- [PATCH 6/9] Simplify bound checks in cifs for copy_from_user
- From: Arjan van de Ven
- [PATCH 3/9] Add bound checks in wext for copy_from_user
- From: Arjan van de Ven
- [PATCH 2/9] Simplify bound checks in nvram for copy_from_user
- From: Arjan van de Ven
- [PATCH 7/9] Simplify bound checks in capabilities for copy_from_user
- From: Arjan van de Ven
- [PATCH 4/9] Simplify bound checks in the MTRR code
- From: Arjan van de Ven
- [PATCH 1/9] Fix bound checks for copy_from_user in the acpi /proc code
- Prev by Date: [PATCH 9/9] Add explicit bound checks in net/socket.c
- Next by Date: [PATCH 1/9] Fix bound checks for copy_from_user in the acpi /proc code
- Previous by thread: [PATCH] qnx4fs: add missing KERN_xxx to printk() calls
- Next by thread: [PATCH 4/9] Simplify bound checks in the MTRR code
- Index(es):
Relevant Pages
|
