From: Kees Cook <keescook@chromium.org>
To: Romain Perier <romain.perier@gmail.com>
Cc: Shyam Saini <mayhs11saini@gmail.com>,
Kernel Hardening <kernel-hardening@lists.openwall.com>
Subject: Re: Get involved
Date: Fri, 7 Jun 2019 21:32:00 -0700
Message-ID: <201906072117.A1C045C@keescook>
In-Reply-To: <CABgxDoLe3fXNLob3pnj7Nn2v54Htqr+cg5gRRQPxFK7HPX85=Q@mail.gmail.com>
On Fri, Jun 07, 2019 at 08:16:42PM +0200, Romain Perier wrote:
> Hi,
Hi! Sorry for the late reply: I've been travelling this week. :P
> Okay, np. I will select another one then :) (hehe that's the game ;) )
>
> @Kees: do you have something in mind (as a new task) ?
Shyam, you'd also started FIELD_SIZEOF refactoring, but never sent a v2
patch if I was following correctly? Is there one or the other of these
tasks you'd like help with? https://patchwork.kernel.org/patch/10900187/
Romain, what do you think about reviewing NLA code? I'd mentioned a
third task here:
https://www.openwall.com/lists/kernel-hardening/2019/04/17/8
Quoting...
- audit and fix all misuse of NLA_STRING
This is a follow-up on noticing the misuse of NLA_STRING (no NUL
terminator) getting used with regular string functions (that expect
NUL termination):
https://lore.kernel.org/lkml/1519329289.2637.12.camel@sipsolutions.net/T/#u
It'd be nice if someone could inspect all the NLA_STRING
representations and find if there are any other problems like this
(and see if there was a good way to systemically fix the problem).
Yet another idea would be to get syzkaller[1] set up, enable
integer overflow detection (by adding "-fsanitize=signed-integer-overflow"
to KBUILD_CFLAGS), and start finding and fixing cases like this[2].
Thanks and let me know what you think!
-Kees
[1] https://github.com/google/syzkaller/blob/master/docs/linux/setup.md
[2] https://lore.kernel.org/lkml/20180824215439.GA46785@beast/
--
Kees Cook
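The NLA_STRING hazard Kees describes above (a payload with no NUL terminator handed to functions that expect one), as an added user-space example that is not code from this thread or from the kernel: struct nlattr and NLA_HDRLEN follow <linux/netlink.h>, but nla_data()/nla_len() are simplified stand-ins for lib/nlattr.c, and build_msg(), unsafe_name_len(), safe_name_copy() and safe_name_equals() are hypothetical helper names; the message bytes (an "eth0" attribute followed by 0xAA filler) are constructed for the demonstration.

```c
/*
 * Added example, not code from the thread or the kernel: a user-space model
 * of the NLA_STRING hazard. struct nlattr and NLA_HDRLEN follow
 * <linux/netlink.h>; nla_data()/nla_len() are simplified stand-ins for the
 * kernel's lib/nlattr.c so the file builds against plain libc.
 */
#include <stdalign.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

struct nlattr {
    uint16_t nla_len;   /* header + payload length, padding excluded */
    uint16_t nla_type;
};
#define NLA_HDRLEN 4

static const char *nla_data(const struct nlattr *nla)
{
    return (const char *)nla + NLA_HDRLEN;
}

static int nla_len(const struct nlattr *nla)
{
    return (int)nla->nla_len - NLA_HDRLEN;
}

/* Length of s bounded by max: stops at max even when no NUL is present. */
static size_t bounded_len(const char *s, size_t max)
{
    const char *nul = memchr(s, '\0', max);
    return nul ? (size_t)(nul - s) : max;
}

/*
 * Constructed message: one NLA_STRING attribute carrying "eth0" with no
 * NUL terminator (nla_len = 4 + 4), followed by 0xAA bytes standing in for
 * whatever comes next in the skb (another attribute, padding, slab data).
 * The final 0 only keeps the buggy path finite in this model.
 */
static alignas(uint32_t) unsigned char msg[16];

static const struct nlattr *build_msg(void)
{
    struct nlattr hdr = { .nla_len = NLA_HDRLEN + 4, .nla_type = 1 };

    memset(msg, 0xAA, sizeof msg);
    memcpy(msg, &hdr, sizeof hdr);
    memcpy(msg + NLA_HDRLEN, "eth0", 4);   /* exactly 4 bytes, no NUL */
    msg[sizeof msg - 1] = 0;
    return (const struct nlattr *)msg;
}

/* BUGGY: treats the payload as a C string. strlen() runs past the end of
 * the attribute because nothing guarantees a NUL within nla_len bytes. */
static size_t unsafe_name_len(const struct nlattr *nla)
{
    return strlen(nla_data(nla));
}

/*
 * SAFE copy: bounded by nla_len() and always NUL-terminated, which is the
 * contract of the kernel's nla_strlcpy() (nla_strscpy() in newer kernels).
 * Returns the copied length, or -1 for a malformed attribute or when dst
 * cannot hold the string plus its NUL.
 */
static int safe_name_copy(const struct nlattr *nla, char *dst, size_t dstsize)
{
    int len = nla_len(nla);
    size_t n;

    if (len < 0)
        return -1;                      /* header claims less than a header */
    n = bounded_len(nla_data(nla), (size_t)len);
    if (n >= dstsize)
        return -1;                      /* would truncate: reject, do not clip */
    memcpy(dst, nla_data(nla), n);
    dst[n] = '\0';
    return (int)n;
}

/* SAFE compare without copying: equal only if the in-attribute length
 * matches and every byte matches, so "eth0" never matches "eth0\xAA...". */
static int safe_name_equals(const struct nlattr *nla, const char *name)
{
    int len = nla_len(nla);
    size_t n;

    if (len < 0)
        return 0;
    n = bounded_len(nla_data(nla), (size_t)len);
    return n == strlen(name) && memcmp(nla_data(nla), name, n) == 0;
}

int main(void)
{
    const struct nlattr *nla = build_msg();
    char name[16];

    printf("nla_len=%d, strlen() on the payload=%zu\n",
           nla_len(nla), unsafe_name_len(nla));
    if (safe_name_copy(nla, name, sizeof name) >= 0)
        printf("bounded copy: \"%s\", equals eth0: %d\n",
               name, safe_name_equals(nla, "eth0"));
    return 0;
}
```

The unsafe path reports 11 bytes for a 4-byte attribute because strlen() keeps reading into the filler; in a real skb that is a read past the attribute into whatever follows. The bounded helpers use nla_len() as the only source of truth, and the copy refuses to truncate rather than silently clipping, matching the audit goal in the quoted task: every NLA_STRING consumer should either go through a bounded copy or compare against nla_len(), never through strlen()/strcmp() on nla_data().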
Thread overview:
2019-06-04 17:08 Get involved Romain Perier
2019-06-07 17:54 ` Romain Perier
2019-06-07 18:04 ` Shyam Saini
2019-06-07 18:16 ` Romain Perier
2019-06-08 4:32 ` Kees Cook [this message]
2019-06-08 6:02 ` Shyam Saini
2019-06-08 8:16 ` Romain Perier
2019-06-08 9:19 ` Shyam Saini