Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751865AbdIUP1R (ORCPT ); Thu, 21 Sep 2017 11:27:17 -0400 Received: from resqmta-ch2-08v.sys.comcast.net ([69.252.207.40]:36276 "EHLO resqmta-ch2-08v.sys.comcast.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751832AbdIUP1Q (ORCPT ); Thu, 21 Sep 2017 11:27:16 -0400 Date: Thu, 21 Sep 2017 10:27:13 -0500 (CDT) From: Christopher Lameter X-X-Sender: cl@nuc-kabylake To: Kees Cook cc: linux-kernel@vger.kernel.org, David Windsor , Pekka Enberg , David Rientjes , Joonsoo Kim , Andrew Morton , linux-mm@kvack.org, linux-xfs@vger.kernel.org, linux-fsdevel@vger.kernel.org, netdev@vger.kernel.org, kernel-hardening@lists.openwall.com Subject: Re: [PATCH v3 03/31] usercopy: Mark kmalloc caches as usercopy caches In-Reply-To: <1505940337-79069-4-git-send-email-keescook@chromium.org> Message-ID: References: <1505940337-79069-1-git-send-email-keescook@chromium.org> <1505940337-79069-4-git-send-email-keescook@chromium.org> User-Agent: Alpine 2.20 (DEB 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII X-CMAE-Envelope: MS4wfOOCKBKLtTEqV29KUFThZxG2ymxFPth/5UYhqvx8DNAPcmw207xZNPFj9ieIZGeQIp8qtfoSZL03sFMa6rpv2iyduSj6PlfTRluj2qrW0bEzKPa2Mdzc mV+XP1F4nxZiKf6ST28dmYUGZwatNeqMTjIFJafd91AkKSYs361zZUN6HhZhuajBFLFQma2kwUbKspPZV6HJ6/gutG48VVC1P3+njc+M1rniwNLvWXLGskt9 MGFQ+fvsoMg4fEk4sfXv9IeMuZbytEap0RVbnfKYBh8CT+tNoAsP4IWq2f+vCXExZDchbiPCw3OP0I2jeVX/GxtMlwVALUyCBQ3vpINkT/GAv1cUw9EPhyIo AjRxjHSHqUdiWelotvdWiA2ygZbZPVXqnTcAZp10qGN65wWDiOYuUjwgJK5KQ/HATJDB0i+Nxu/k6Bpxn517oN2msNiIv34dPcKQ8TMAsr7bEvcz+VZLgRU7 gJB+kxUT4B/vFPeaOL8+4Z6604v5wtMJfXnu224nkQHZtM6ObjOwmEWCkcwEwDUljbp9Fo1I0DvvbQ27vHzVHOdtgg0raBPjH912sg== Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 719 Lines: 21 On Wed, 20 Sep 2017, Kees Cook wrote: > --- a/mm/slab.c > +++ b/mm/slab.c > @@ -1291,7 +1291,8 @@ void __init kmem_cache_init(void) > */ > kmalloc_caches[INDEX_NODE] = create_kmalloc_cache( > kmalloc_info[INDEX_NODE].name, > - kmalloc_size(INDEX_NODE), ARCH_KMALLOC_FLAGS); > + kmalloc_size(INDEX_NODE), ARCH_KMALLOC_FLAGS, > + 0, kmalloc_size(INDEX_NODE)); > slab_state = PARTIAL_NODE; > setup_kmalloc_cache_index_table(); Ok this presumes that at some point we will be able to restrict the number of bytes writeable and thus set the offset and size field to different values. Is that realistic? We already whitelist all kmalloc caches (see first patch). So what is the point of this patch?