diff options
author | Kees Cook <keescook@chromium.org> | 2018-01-10 14:48:22 -0800 |
---|---|---|
committer | Kees Cook <keescook@chromium.org> | 2018-01-15 12:07:45 -0800 |
commit | f4e6e289cb9cf67885b6b18b9d56d2c3e1c714a1 (patch) | |
tree | ef4487691b7cc2581baeebedfa3ef4482ecad3fa /mm/slab.c | |
parent | b394d468e7d75637e682a9be4a1181b27186c593 (diff) | |
download | lwn-f4e6e289cb9cf67885b6b18b9d56d2c3e1c714a1.tar.gz lwn-f4e6e289cb9cf67885b6b18b9d56d2c3e1c714a1.zip |
usercopy: Include offset in hardened usercopy report
This refactors the hardened usercopy code so that failure reporting can
happen within the checking functions instead of at the top level. This
simplifies the return value handling and allows more details and offsets
to be included in the report. Having the offset can be much more helpful
in understanding hardened usercopy bugs.
Signed-off-by: Kees Cook <keescook@chromium.org>
Diffstat (limited to 'mm/slab.c')
-rw-r--r-- | mm/slab.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/mm/slab.c b/mm/slab.c index 183e996dde5f..b2beb2cc15e2 100644 --- a/mm/slab.c +++ b/mm/slab.c @@ -4397,8 +4397,8 @@ module_init(slab_proc_init); * Returns NULL if check passes, otherwise const char * to name of cache * to indicate an error. */ -const char *__check_heap_object(const void *ptr, unsigned long n, - struct page *page) +void __check_heap_object(const void *ptr, unsigned long n, struct page *page, + bool to_user) { struct kmem_cache *cachep; unsigned int objnr; @@ -4414,9 +4414,9 @@ const char *__check_heap_object(const void *ptr, unsigned long n, /* Allow address range falling entirely within object size. */ if (offset <= cachep->object_size && n <= cachep->object_size - offset) - return NULL; + return; - return cachep->name; + usercopy_abort("SLAB object", cachep->name, to_user, offset, n); } #endif /* CONFIG_HARDENED_USERCOPY */ |