Re: [PATCH] usercopy: add testcases to check zeroing on failure of usercopy

From: Kees Cook
Date: Mon Feb 13 2017 - 13:21:25 EST

Next message: Greg Kroah-Hartman: "Re: [PATCH] kernfs: fix locking around kernfs_ops->release() callback"
Previous message: Paul E. McKenney: "Re: [PATCH RFC v2 tip/core/rcu] Maintain special bits at bottom of ->dynticks counter"
In reply to: Hoeun Ryu: "[PATCH] usercopy: add testcases to check zeroing on failure of usercopy"
Next in thread: Kees Cook: "Re: [PATCH] usercopy: add testcases to check zeroing on failure of usercopy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Feb 11, 2017 at 10:13 PM, Hoeun Ryu <hoeun.ryu@xxxxxxxxx> wrote:
> In the hardend usercopy, the destination buffer will be zeroed if
> copy_from_user/get_user fails. This patch adds testcases for it.
> The destination buffer is set with non-zero value before illegal
> copy_from_user/get_user is executed and the buffer is compared to
> zero after usercopy is done.
>
> Signed-off-by: Hoeun Ryu <hoeun.ryu@xxxxxxxxx>

This looks great!

I'll adjust the commit slightly (the zeroing always happens,
regardless of hardened usercopy) and add it to my usercopy tree.

Thanks!

-Kees

--
Kees Cook
Pixel Security

Next message: Greg Kroah-Hartman: "Re: [PATCH] kernfs: fix locking around kernfs_ops->release() callback"
Previous message: Paul E. McKenney: "Re: [PATCH RFC v2 tip/core/rcu] Maintain special bits at bottom of ->dynticks counter"
In reply to: Hoeun Ryu: "[PATCH] usercopy: add testcases to check zeroing on failure of usercopy"
Next in thread: Kees Cook: "Re: [PATCH] usercopy: add testcases to check zeroing on failure of usercopy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]