GET

Patch Detail

get:
Show a patch.

patch:
Update a patch.

put:
Update a patch.

GET /api/1.2/patches/652391/?format=api
HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 652391,
    "url": "http://patchwork.ozlabs.org/api/1.2/patches/652391/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/linuxppc-dev/patch/0f980e84-b587-3d9e-3c26-ad57f947c08b@redhat.com/",
    "project": {
        "id": 2,
        "url": "http://patchwork.ozlabs.org/api/1.2/projects/2/?format=api",
        "name": "Linux PPC development",
        "link_name": "linuxppc-dev",
        "list_id": "linuxppc-dev.lists.ozlabs.org",
        "list_email": "linuxppc-dev@lists.ozlabs.org",
        "web_url": "https://github.com/linuxppc/wiki/wiki",
        "scm_url": "https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git",
        "webscm_url": "https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/",
        "list_archive_url": "https://lore.kernel.org/linuxppc-dev/",
        "list_archive_url_format": "https://lore.kernel.org/linuxppc-dev/{}/",
        "commit_url_format": "https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id={}"
    },
    "msgid": "<0f980e84-b587-3d9e-3c26-ad57f947c08b@redhat.com>",
    "list_archive_url": "https://lore.kernel.org/linuxppc-dev/0f980e84-b587-3d9e-3c26-ad57f947c08b@redhat.com/",
    "date": "2016-07-25T19:16:24",
    "name": "[v4,12/12] mm: SLUB hardened usercopy support",
    "commit_ref": null,
    "pull_url": null,
    "state": "not-applicable",
    "archived": false,
    "hash": "57196cd09c1c25be8173a117bc095ac416aa5728",
    "submitter": {
        "id": 66322,
        "url": "http://patchwork.ozlabs.org/api/1.2/people/66322/?format=api",
        "name": "Laura Abbott",
        "email": "labbott@redhat.com"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/linuxppc-dev/patch/0f980e84-b587-3d9e-3c26-ad57f947c08b@redhat.com/mbox/",
    "series": [],
    "comments": "http://patchwork.ozlabs.org/api/patches/652391/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/652391/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org>",
        "X-Original-To": [
            "patchwork-incoming@ozlabs.org",
            "linuxppc-dev@lists.ozlabs.org"
        ],
        "Delivered-To": [
            "patchwork-incoming@ozlabs.org",
            "linuxppc-dev@lists.ozlabs.org"
        ],
        "Received": [
            "from lists.ozlabs.org (lists.ozlabs.org [103.22.144.68])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3ryrcX4j8Hz9sdg\n\tfor <patchwork-incoming@ozlabs.org>;\n\tTue, 26 Jul 2016 05:17:48 +1000 (AEST)",
            "from ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3])\n\tby lists.ozlabs.org (Postfix) with ESMTP id 3ryrcX3tkzzDrL3\n\tfor <patchwork-incoming@ozlabs.org>;\n\tTue, 26 Jul 2016 05:17:48 +1000 (AEST)",
            "from mail-it0-f48.google.com (mail-it0-f48.google.com\n\t[209.85.214.48])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128\n\tbits)) (No client certificate requested)\n\tby lists.ozlabs.org (Postfix) with ESMTPS id 3ryrb44FmrzDrJM\n\tfor <linuxppc-dev@lists.ozlabs.org>;\n\tTue, 26 Jul 2016 05:16:32 +1000 (AEST)",
            "by mail-it0-f48.google.com with SMTP id j124so115277271ith.1\n\tfor <linuxppc-dev@lists.ozlabs.org>;\n\tMon, 25 Jul 2016 12:16:32 -0700 (PDT)",
            "from ?IPv6:2601:602:9800:177f::337f? ([2601:602:9800:177f::337f])\n\tby smtp.gmail.com with ESMTPSA id\n\tz128sm12136642iof.4.2016.07.25.12.16.25\n\t(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);\n\tMon, 25 Jul 2016 12:16:28 -0700 (PDT)"
        ],
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20130820;\n\th=x-gm-message-state:from:subject:to:references:cc:message-id:date\n\t:user-agent:mime-version:in-reply-to:content-transfer-encoding;\n\tbh=1alCQ/YBsVzJqQWPZrNwmdfhELVQ9bxw+LYCj445z2A=;\n\tb=JhrWXL1PseWQxoUF+bNA9qGaP/Le2TQRtonelU5l37jtsmMBzJW9eJd5N+5OgNu26y\n\t0hqfcy6hczOuMY4O7j/sVywSJpCf7sI0m7mkosEEduFDmKDVz94s720Ac4dcJLDxoMBm\n\t3EpbcZLRH13H78BnSwgaiMyNEoG3sCEhmiZMTND79+ZbZa6KygNT3/pluSJmfD24r98j\n\tvCn1SjTn7f31g3r50aFGCP4OV74PdlPE5zeB8ugH7K9YtSWyItQRXadlJmGnyqtRxcqL\n\t+SQvw/Q7PUwoMG8pUOMoaHGaAk/e9vw0QoXUYYc5ekdtaWzXGO5x6kmoe/f8QZS8VpP8\n\t4qsw==",
        "X-Gm-Message-State": "AEkoousOuuBNiG/+qY7q4oqRiiZUWIAcPUstp1lVXcB8gNFA1zNgFLEE77WXGgs9QHTkoRxJ",
        "X-Received": "by 10.36.208.71 with SMTP id m68mr22567397itg.63.1469474190133; \n\tMon, 25 Jul 2016 12:16:30 -0700 (PDT)",
        "From": "Laura Abbott <labbott@redhat.com>",
        "Subject": "Re: [PATCH v4 12/12] mm: SLUB hardened usercopy support",
        "To": "Kees Cook <keescook@chromium.org>, kernel-hardening@lists.openwall.com",
        "References": "<1469046427-12696-1-git-send-email-keescook@chromium.org>\n\t<1469046427-12696-13-git-send-email-keescook@chromium.org>",
        "Message-ID": "<0f980e84-b587-3d9e-3c26-ad57f947c08b@redhat.com>",
        "Date": "Mon, 25 Jul 2016 12:16:24 -0700",
        "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101\n\tThunderbird/45.1.1",
        "MIME-Version": "1.0",
        "In-Reply-To": "<1469046427-12696-13-git-send-email-keescook@chromium.org>",
        "X-BeenThere": "linuxppc-dev@lists.ozlabs.org",
        "X-Mailman-Version": "2.1.22",
        "Precedence": "list",
        "List-Id": "Linux on PowerPC Developers Mail List\n\t<linuxppc-dev.lists.ozlabs.org>",
        "List-Unsubscribe": "<https://lists.ozlabs.org/options/linuxppc-dev>,\n\t<mailto:linuxppc-dev-request@lists.ozlabs.org?subject=unsubscribe>",
        "List-Archive": "<http://lists.ozlabs.org/pipermail/linuxppc-dev/>",
        "List-Post": "<mailto:linuxppc-dev@lists.ozlabs.org>",
        "List-Help": "<mailto:linuxppc-dev-request@lists.ozlabs.org?subject=help>",
        "List-Subscribe": "<https://lists.ozlabs.org/listinfo/linuxppc-dev>,\n\t<mailto:linuxppc-dev-request@lists.ozlabs.org?subject=subscribe>",
        "Cc": "Jan Kara <jack@suse.cz>, Will Deacon <will.deacon@arm.com>,\n\tlinux-mm@kvack.org, sparclinux@vger.kernel.org,\n\tlinux-ia64@vger.kernel.org, Christoph Lameter <cl@linux.com>,\n\tAndrea Arcangeli <aarcange@redhat.com>, \n\tlinux-arch@vger.kernel.org, x86@kernel.org,\n\tRussell King <linux@armlinux.org.uk>,\n\tlinux-arm-kernel@lists.infradead.org, \n\tCatalin Marinas <catalin.marinas@arm.com>,\n\tPaX Team <pageexec@freemail.hu>, \n\tBorislav Petkov <bp@suse.de>, Mathias Krause <minipli@googlemail.com>,\n\tFenghua Yu <fenghua.yu@intel.com>, Rik van Riel <riel@redhat.com>,\n\tDavid Rientjes <rientjes@google.com>, Tony Luck <tony.luck@intel.com>,\n\tAndy Lutomirski <luto@kernel.org>, Josh Poimboeuf <jpoimboe@redhat.com>, \n\tAndrew Morton <akpm@linux-foundation.org>,\n\tDmitry Vyukov <dvyukov@google.com>, \n\tLaura Abbott <labbott@fedoraproject.org>,\n\tBrad Spengler <spender@grsecurity.net>,\n\tArd Biesheuvel <ard.biesheuvel@linaro.org>,\n\tlinux-kernel@vger.kernel.org, Pekka Enberg <penberg@kernel.org>,\n\tDaniel Micay <danielmicay@gmail.com>, \n\tCasey Schaufler <casey@schaufler-ca.com>,\n\tJoonsoo Kim <iamjoonsoo.kim@lge.com>, \n\tlinuxppc-dev@lists.ozlabs.org, \"David S. Miller\" <davem@davemloft.net>",
        "Content-Transfer-Encoding": "base64",
        "Content-Type": "text/plain; charset=\"utf-8\"; Format=\"flowed\"",
        "Errors-To": "linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org",
        "Sender": "\"Linuxppc-dev\"\n\t<linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org>"
    },
    "content": "On 07/20/2016 01:27 PM, Kees Cook wrote:\n> Under CONFIG_HARDENED_USERCOPY, this adds object size checking to the\n> SLUB allocator to catch any copies that may span objects. Includes a\n> redzone handling fix discovered by Michael Ellerman.\n>\n> Based on code from PaX and grsecurity.\n>\n> Signed-off-by: Kees Cook <keescook@chromium.org>\n> Tested-by: Michael Ellerman <mpe@ellerman.id.au>\n> ---\n>  init/Kconfig |  1 +\n>  mm/slub.c    | 36 ++++++++++++++++++++++++++++++++++++\n>  2 files changed, 37 insertions(+)\n>\n> diff --git a/init/Kconfig b/init/Kconfig\n> index 798c2020ee7c..1c4711819dfd 100644\n> --- a/init/Kconfig\n> +++ b/init/Kconfig\n> @@ -1765,6 +1765,7 @@ config SLAB\n>\n>  config SLUB\n>  \tbool \"SLUB (Unqueued Allocator)\"\n> +\tselect HAVE_HARDENED_USERCOPY_ALLOCATOR\n>  \thelp\n>  \t   SLUB is a slab allocator that minimizes cache line usage\n>  \t   instead of managing queues of cached objects (SLAB approach).\n> diff --git a/mm/slub.c b/mm/slub.c\n> index 825ff4505336..7dee3d9a5843 100644\n> --- a/mm/slub.c\n> +++ b/mm/slub.c\n> @@ -3614,6 +3614,42 @@ void *__kmalloc_node(size_t size, gfp_t flags, int node)\n>  EXPORT_SYMBOL(__kmalloc_node);\n>  #endif\n>\n> +#ifdef CONFIG_HARDENED_USERCOPY\n> +/*\n> + * Rejects objects that are incorrectly sized.\n> + *\n> + * Returns NULL if check passes, otherwise const char * to name of cache\n> + * to indicate an error.\n> + */\n> +const char *__check_heap_object(const void *ptr, unsigned long n,\n> +\t\t\t\tstruct page *page)\n> +{\n> +\tstruct kmem_cache *s;\n> +\tunsigned long offset;\n> +\tsize_t object_size;\n> +\n> +\t/* Find object and usable object size. */\n> +\ts = page->slab_cache;\n> +\tobject_size = slab_ksize(s);\n> +\n> +\t/* Find offset within object. */\n> +\toffset = (ptr - page_address(page)) % s->size;\n> +\n> +\t/* Adjust for redzone and reject if within the redzone. */\n> +\tif (kmem_cache_debug(s) && s->flags & SLAB_RED_ZONE) {\n> +\t\tif (offset < s->red_left_pad)\n> +\t\t\treturn s->name;\n> +\t\toffset -= s->red_left_pad;\n> +\t}\n> +\n> +\t/* Allow address range falling entirely within object size. */\n> +\tif (offset <= object_size && n <= object_size - offset)\n> +\t\treturn NULL;\n> +\n> +\treturn s->name;\n> +}\n> +#endif /* CONFIG_HARDENED_USERCOPY */\n> +\n\nI compared this against what check_valid_pointer does for SLUB_DEBUG\nchecking. I was hoping we could utilize that function to avoid\nduplication but a) __check_heap_object needs to allow accesses anywhere\nin the object, not just the beginning b) accessing page->objects\nis racy without the addition of locking in SLUB_DEBUG.\n\nStill, the ptr < page_address(page) check from __check_heap_object would\nbe good to add to avoid generating garbage large offsets and trying to\ninfer C math.\n\n\nWith that, you can add\n\nReviwed-by: Laura Abbott <labbott@redhat.com>\n\n>  static size_t __ksize(const void *object)\n>  {\n>  \tstruct page *page;\n>\n\nThanks,\nLaura",
    "diff": "diff --git a/mm/slub.c b/mm/slub.c\nindex 7dee3d9..5370e4f 100644\n--- a/mm/slub.c\n+++ b/mm/slub.c\n@@ -3632,6 +3632,9 @@ const char *__check_heap_object(const void *ptr, unsigned long n,\n         s = page->slab_cache;\n         object_size = slab_ksize(s);\n  \n+       if (ptr < page_address(page))\n+               return s->name;\n+\n         /* Find offset within object. */\n         offset = (ptr - page_address(page)) % s->size;\n  \n",
    "prefixes": [
        "v4",
        "12/12"
    ]
}