Re: [PATCH v2] slab: Add POISON_POINTER_DELTA to ZERO_SIZE_PTR
From: Kees Cook
Date: Fri Nov 18 2016 - 12:55:15 EST

On Fri, Nov 18, 2016 at 9:47 AM, Christoph Lameter <cl@xxxxxxxxx> wrote:
> On Thu, 17 Nov 2016, Michael Ellerman wrote:
>> Currently ZERO_OR_NULL_PTR() uses a trick of doing a single check that
>> x <= ZERO_SIZE_PTR, and ignoring the fact that it also matches 1-15.
> Well yes that was done so we do not add too many branches all over the

There are actually very few callers of this macro. (Though it's
possible they're executed frequently.)

>> That no longer really works once we add the poison delta, so split it
>> into two checks. Assign x to a temporary to avoid evaluating it
>> twice (suggested by Kees Cook).
> And now you are doing just that.

In this case, what about the original < ZERO_SIZE_PTR check Michael
suggested? At least the one use in usercopy.c needs to be fixed, but
otherwise, it should be fine?
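
Added example, not part of the thread or the kernel source: a user-space C model of the checks discussed above, showing why the single `<=` compare stops being usable once the delta is added to the sentinel, and how a temporary keeps the split check from evaluating its argument twice. The sentinel value 16, the delta `0xdead000000000000`, the sample address and all names are assumptions for illustration.

```c
#include <stdio.h>

typedef unsigned long long addr_t;

/* Assumed values (not quoted in the thread): sentinel 16, an x86-64
 * style poison delta, and a constructed sample address. */
#define DEMO_ZERO_SIZE 16ULL
#define DEMO_DELTA     0xdead000000000000ULL
#define SAMPLE_ADDR    0x00007f0000001000ULL

/* Single-compare trick: one branch, but every value from 0 up to the
 * sentinel matches, not only NULL and the sentinel itself. */
static int single_check(addr_t x, addr_t zero_size)
{
    return x <= zero_size;
}

/* Two checks written naively: the argument is expanded twice. */
#define SPLIT_NAIVE(x, zs) ((x) == 0 || (x) == (zs))

/* Two checks on a temporary (GNU statement expression): evaluated once. */
#define SPLIT_TMP(x, zs) \
    __extension__ ({ addr_t p_ = (x); p_ == 0 || p_ == (zs); })

static int split_check(addr_t x, addr_t zero_size)
{
    return SPLIT_TMP(x, zero_size);
}

/* Argument with a side effect, used to count macro evaluations. */
static int calls;
static addr_t next_ptr(void) { calls++; return SAMPLE_ADDR; }

static int evals_naive(void)
{ calls = 0; (void)SPLIT_NAIVE(next_ptr(), DEMO_ZERO_SIZE); return calls; }

static int evals_tmp(void)
{ calls = 0; (void)SPLIT_TMP(next_ptr(), DEMO_ZERO_SIZE); return calls; }

int main(void)
{
    addr_t plain = DEMO_ZERO_SIZE, poisoned = DEMO_ZERO_SIZE + DEMO_DELTA;
    printf("8 vs plain sentinel:       single=%d split=%d\n",
           single_check(8, plain), split_check(8, plain));
    printf("addr vs poisoned sentinel: single=%d split=%d\n",
           single_check(SAMPLE_ADDR, poisoned), split_check(SAMPLE_ADDR, poisoned));
    printf("evaluations: naive=%d tmp=%d\n", evals_naive(), evals_tmp());
    return 0;
}
```

With the plain sentinel the single compare only over-matches the small range below it; with the delta added, it also reports an ordinary-looking address as zero-or-NULL, which is why the check has to change.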