From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A7771CA0EC8 for ; Tue, 12 Sep 2023 01:57:53 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235222AbjILB54 (ORCPT ); Mon, 11 Sep 2023 21:57:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52442 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235312AbjILB5o (ORCPT ); Mon, 11 Sep 2023 21:57:44 -0400 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id EBD511C61B2; Mon, 11 Sep 2023 18:27:53 -0700 (PDT) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1135AC116A1; Tue, 12 Sep 2023 01:27:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1694482073; bh=i1OpMkK8nN3ugs7HSsHaoziL6+KbW09I3yNP+41/i54=; h=Date:From:To:CC:Subject:In-Reply-To:References:From; b=coMndRYw55qf5oJQ4mYnWLWjpikXmT0btw0FXm928IRMwJjHPrV8RIjVgNnO6qoCw JT3hvN9kCotKz/cGKyE+wS3Ei9Zwjbvbh5paGnFIT241HNCrBV6JwSsk7sgvWZdwrx g6bohU08+jLacNfIRcHXNR05VIr4EviYjWIB+srXf1V5bplTmm9u/boTLm9f/LeY+/ vFcP4Qo/XhwDVgHhlC2oOKiXiBTfmI2kb/I83qwCxA7xUwacibfht0JwFwA/cLJh99 QVXYNV//NiaIcTvCjAhHRKRlnSyY34LnNunLnYVl07pdDJgFbAvpgncKRlFndex/0O MsTnACCDqW6Sw== Date: Mon, 11 Sep 2023 18:27:50 -0700 From: Kees Cook To: Philipp Stanner , Kees Cook , Andy Shevchenko , Eric Biederman , Christian Brauner , David Disseldorp , Luis Chamberlain , Siddh Raman Pant , Nick Alcock , Maarten Lankhorst , Maxime Ripard , Thomas Zimmermann , David Airlie , Daniel Vetter , Zack Rusin CC: VMware Graphics Reviewers , dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org, kexec@lists.infradead.org, linux-hardening@vger.kernel.org Subject: Re: [PATCH v2 0/5] Introduce new wrappers to copy user-arrays User-Agent: K-9 Mail for Android In-Reply-To: References: Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-hardening@vger.kernel.org On September 8, 2023 12:59:39 PM PDT, Philipp Stanner wrote: >Hi! > >David Airlie suggested that we could implement new wrappers around >(v)memdup_user() for duplicating user arrays=2E > >This small patch series first implements the two new wrapper functions >memdup_array_user() and vmemdup_array_user()=2E They calculate the >array-sizes safely, i=2Ee=2E, they return an error in case of an overflow= =2E > >It then implements the new wrappers in two components in kernel/ and two >in the drm-subsystem=2E > >In total, there are 18 files in the kernel that use (v)memdup_user() to >duplicate arrays=2E My plan is to provide patches for the other 14 >successively once this series has been merged=2E > > >Changes since v1: >- Insert new headers alphabetically ordered >- Remove empty lines in functions' docstrings >- Return -EOVERFLOW instead of -EINVAL from wrapper functions > > >@Andy: >I test-build it for UM on my x86_64=2E Builds successfully=2E >A kernel build (localmodconfig) for my Fedora38 @ x86_64 does also boot >fine=2E > >If there is more I can do to verify the early boot stages are fine, >please let me know! > >P=2E > >Philipp Stanner (5): > string=2Eh: add array-wrappers for (v)memdup_user() > kernel: kexec: copy user-array safely > kernel: watch_queue: copy user-array safely > drm_lease=2Ec: copy user-array safely > drm: vmgfx_surface=2Ec: copy user-array safely > > drivers/gpu/drm/drm_lease=2Ec | 4 +-- > drivers/gpu/drm/vmwgfx/vmwgfx_surface=2Ec | 4 +-- > include/linux/string=2Eh | 40 +++++++++++++++++++++++++ > kernel/kexec=2Ec | 2 +- > kernel/watch_queue=2Ec | 2 +- > 5 files changed, 46 insertions(+), 6 deletions(-) > Nice=2E For the series: Reviewed-by: Kees Cook --=20 Kees Cook