From: Kees Cook
Date: Wed, 10 Apr 2019 16:27:28 -0700
Subject: Re: crypto: Kernel memory overwrite attempt detected to spans multiple pages
To: Eric Biggers
Cc: Geert Uytterhoeven, Herbert Xu, linux-security-module, Linux ARM, Linux Crypto Mailing List, Linux Kernel Mailing List, Laura Abbott, Rik van Riel
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Apr 10, 2019 at 4:12 PM Eric Biggers wrote:
> You've explained *what* it does again, but not *why*. *Why* do you want
> hardened usercopy to detect copies across page boundaries, when there is no
> actual buffer overflow?

But that *is* how it determines it was a buffer overflow: "if you cross
page boundaries (of a non-compound allocation), it *is* a buffer
overflow". This assertion, however, is flawed because many contiguous
allocations are not marked as being grouped together when in reality they
were. It was an attempt to get allocation size information out of the
page allocator, similar to how slab can be queried about allocation
size.

I'm open to improvements here, since it's obviously broken in its
current state. :)

-- 
Kees Cook
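
The rule described in the message above, and the false positive it produces, as a simplified userspace model. This is an added example, not kernel code and not part of the original thread. `group_id`, `model_alloc_pages`, `span_check_ok` and `really_in_bounds` are hypothetical names, and an array stands in for the per-page metadata that records whether pages were allocated as one compound group.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define PAGE_SIZE 4096UL
#define NPAGES 8
/* Model metadata per page: 0 = not marked as grouped, else head index + 1. */
static int group_id[NPAGES];

/* Model allocation of 2^order contiguous pages; grouped only if comp is set. */
static void model_alloc_pages(int first, unsigned order, bool comp)
{
    for (int i = first; i < first + (1 << order); i++)
        group_id[i] = comp ? first + 1 : 0;
}

/* Rule from the message: crossing a page boundary is accepted only inside
 * one compound allocation; anything else is treated as an overflow. */
static bool span_check_ok(size_t off, size_t n)
{
    size_t first = off / PAGE_SIZE;
    size_t last = n ? (off + n - 1) / PAGE_SIZE : first;
    if (first == last)
        return true;                     /* stays within a single page */
    if (last >= NPAGES || group_id[first] == 0)
        return false;                    /* no grouping information recorded */
    for (size_t p = first + 1; p <= last; p++)
        if (group_id[p] != group_id[first])
            return false;                /* runs into another allocation */
    return true;
}

/* Ground truth the checker lacks: the allocation's real start and length. */
static bool really_in_bounds(size_t off, size_t n, size_t start, size_t len)
{
    return off >= start && n <= len && off - start <= len - n;
}

int main(void)
{
    model_alloc_pages(0, 1, true);   /* pages 0-1: marked compound */
    model_alloc_pages(2, 1, false);  /* pages 2-3: contiguous but unmarked */
    printf("compound, in bounds: %d\n", span_check_ok(100, 6000));
    printf("unmarked, in bounds: %d (really in bounds: %d)\n",
           span_check_ok(2 * PAGE_SIZE + 100, 6000),
           really_in_bounds(2 * PAGE_SIZE + 100, 6000, 2 * PAGE_SIZE, 2 * PAGE_SIZE));
    printf("compound, overflow:  %d\n", span_check_ok(PAGE_SIZE, 8000));
    return 0;
}
```

The second case is the one under discussion: the copy lies entirely inside a two-page allocation, but because the pages were not marked as grouped the span rule rejects it exactly as it rejects the genuine overflow in the third case.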