* Re: [PATCH v6 0/5] Fortify strscpy() [not found] <20201119164915.10618-1-laniel_francis@privacyrequired.com> @ 2020-11-20 1:35 ` Andrew Morton 2020-11-20 13:33 ` David Laight [not found] ` <5676804.6kI0aEeX2c@machine> [not found] ` <20201119164915.10618-2-laniel_francis@privacyrequired.com> 1 sibling, 2 replies; 6+ messages in thread From: Andrew Morton @ 2020-11-20 1:35 UTC (permalink / raw) To: laniel_francis; +Cc: linux-hardening, linux-mm, linux-kernel, dja, keescook On Thu, 19 Nov 2020 17:49:10 +0100 laniel_francis@privacyrequired.com wrote: > From: Francis Laniel <laniel_francis@privacyrequired.com> > > Hi. > > > I hope your families, friends and yourselves are fine. Thanks. You too ;) > This patch set answers to this issue: > https://github.com/KSPP/linux/issues/46 I fail to understand what this patchset has to do with that one-element-array issue :( > I based my modifications on top of two patches from Daniel Axtens which modify > calls to __builtin_object_size to ensure the true size of char * are returned > and not the surrounding structure size. > > To sum up, in my first patch I implemented a fortified version of strscpy. > This new version ensures the following before calling vanilla strscpy: > 1. There is no read overflow because either size is smaller than src length > or we shrink size to src length by calling fortified strnlen. > 2. There is no write overflow because we either failed during compilation or at > runtime by checking that size is smaller than dest size. > The second patch brings a new file in LKDTM driver to test this new version. > The test ensures the fortified version still returns the same value as the > vanilla one while panic'ing when there is a write overflow. > The third just corrects some typos in LKDTM related file. > > If you see any problem or way to improve the code, feel free to share it. Could you please send along a reworked [0/n] cover letter? Explain in your own words, without requiring that readers go off and read web pages - What problem the patchset solves - How it solves it - The value of the patchset (to kernel developers or to end-users) so that we can understand why it should be merged. Thanks. ^ permalink raw reply [flat|nested] 6+ messages in thread
* RE: [PATCH v6 0/5] Fortify strscpy() 2020-11-20 1:35 ` [PATCH v6 0/5] Fortify strscpy() Andrew Morton @ 2020-11-20 13:33 ` David Laight 2020-11-20 15:51 ` Francis Laniel [not found] ` <5676804.6kI0aEeX2c@machine> 1 sibling, 1 reply; 6+ messages in thread From: David Laight @ 2020-11-20 13:33 UTC (permalink / raw) To: 'Andrew Morton', laniel_francis Cc: linux-hardening, linux-mm, linux-kernel, dja, keescook From: Andrew Morton > Sent: 20 November 2020 01:36 ... > Could you please send along a reworked [0/n] cover letter? Explain in > your own words, without requiring that readers go off and read web > pages > > - What problem the patchset solves > - How it solves it > - The value of the patchset (to kernel developers or to end-users) so that we > can understand why it should be merged. - How much it slows things down. David - Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK Registration No: 1397386 (Wales) ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v6 0/5] Fortify strscpy() 2020-11-20 13:33 ` David Laight @ 2020-11-20 15:51 ` Francis Laniel 0 siblings, 0 replies; 6+ messages in thread From: Francis Laniel @ 2020-11-20 15:51 UTC (permalink / raw) To: David Laight Cc: 'Andrew Morton', linux-hardening, linux-mm, linux-kernel, dja, keescook Le vendredi 20 novembre 2020, 14:33:53 CET David Laight a écrit : > From: Andrew Morton > > > Sent: 20 November 2020 01:36 > > ... > > > Could you please send along a reworked [0/n] cover letter? Explain in > > your own words, without requiring that readers go off and read web > > pages > > > > - What problem the patchset solves > > - How it solves it > > - The value of the patchset (to kernel developers or to end-users) so that > > we> > > can understand why it should be merged. > > - How much it slows things down. I will add it for the next version! > David > > - > Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 > 1PT, UK Registration No: 1397386 (Wales) ^ permalink raw reply [flat|nested] 6+ messages in thread
[parent not found: <5676804.6kI0aEeX2c@machine>]
* Re: [PATCH v6 0/5] Fortify strscpy() [not found] ` <5676804.6kI0aEeX2c@machine> @ 2020-11-20 19:52 ` Kees Cook 0 siblings, 0 replies; 6+ messages in thread From: Kees Cook @ 2020-11-20 19:52 UTC (permalink / raw) To: Francis Laniel Cc: Andrew Morton, linux-hardening, linux-mm, linux-kernel, dja On Fri, Nov 20, 2020 at 10:40:38AM +0100, Francis Laniel wrote: > Le vendredi 20 novembre 2020, 02:35:43 CET Andrew Morton a écrit : > > On Thu, 19 Nov 2020 17:49:10 +0100 laniel_francis@privacyrequired.com wrote: > > > This patch set answers to this issue: > > > https://github.com/KSPP/linux/issues/46 > > > > I fail to understand what this patchset has to do with that > > one-element-array issue :( > > I think I linked another issue totally not related with that one... This just looks like a typo. The URL should be: https://github.com/KSPP/linux/issues/96 -- Kees Cook ^ permalink raw reply [flat|nested] 6+ messages in thread
[parent not found: <20201119164915.10618-2-laniel_francis@privacyrequired.com>]
* Re: [PATCH v6 1/5] string.h: detect intra-object overflow in fortified string functions [not found] ` <20201119164915.10618-2-laniel_francis@privacyrequired.com> @ 2020-11-20 1:38 ` Andrew Morton 2020-11-20 9:41 ` Francis Laniel 0 siblings, 1 reply; 6+ messages in thread From: Andrew Morton @ 2020-11-20 1:38 UTC (permalink / raw) To: laniel_francis Cc: linux-hardening, linux-mm, linux-kernel, dja, keescook, Daniel Micay On Thu, 19 Nov 2020 17:49:11 +0100 laniel_francis@privacyrequired.com wrote: > From: Daniel Axtens <dja@axtens.net> > > ... > > Cc: Daniel Micay <danielmicay@gmail.com> > Cc: Kees Cook <keescook@chromium.org> > Reviewed-by: Kees Cook <keescook@chromium.org> > Signed-off-by: Daniel Axtens <dja@axtens.net> This patch should have your signoff as well, as per Documentation/process/submitting-patches.rst "Developer's Certificate of Origin 1.1". I think it would be best to send out a v7 to address this and the cover letter issue, please. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH v6 1/5] string.h: detect intra-object overflow in fortified string functions 2020-11-20 1:38 ` [PATCH v6 1/5] string.h: detect intra-object overflow in fortified string functions Andrew Morton @ 2020-11-20 9:41 ` Francis Laniel 0 siblings, 0 replies; 6+ messages in thread From: Francis Laniel @ 2020-11-20 9:41 UTC (permalink / raw) To: Andrew Morton Cc: linux-hardening, linux-mm, linux-kernel, dja, keescook, Daniel Micay Le vendredi 20 novembre 2020, 02:38:22 CET Andrew Morton a écrit : > On Thu, 19 Nov 2020 17:49:11 +0100 laniel_francis@privacyrequired.com wrote: > > From: Daniel Axtens <dja@axtens.net> > > > > ... > > > > Cc: Daniel Micay <danielmicay@gmail.com> > > Cc: Kees Cook <keescook@chromium.org> > > Reviewed-by: Kees Cook <keescook@chromium.org> > > Signed-off-by: Daniel Axtens <dja@axtens.net> > > This patch should have your signoff as well, as per > Documentation/process/submitting-patches.rst "Developer's Certificate > of Origin 1.1". > > I think it would be best to send out a v7 to address this and the cover > letter issue, please. Will be done for the v7! I just read the documentation page, rebase on Linus Torvalds tree and send the v7! ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-11-20 19:52 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <20201119164915.10618-1-laniel_francis@privacyrequired.com> 2020-11-20 1:35 ` [PATCH v6 0/5] Fortify strscpy() Andrew Morton 2020-11-20 13:33 ` David Laight 2020-11-20 15:51 ` Francis Laniel [not found] ` <5676804.6kI0aEeX2c@machine> 2020-11-20 19:52 ` Kees Cook [not found] ` <20201119164915.10618-2-laniel_francis@privacyrequired.com> 2020-11-20 1:38 ` [PATCH v6 1/5] string.h: detect intra-object overflow in fortified string functions Andrew Morton 2020-11-20 9:41 ` Francis Laniel
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).