linux-imx
Public
Source
committed 7bff3c06997240
240
/* Verify object does not incorrectly span multiple pages. */241
241
check_page_span(ptr, n, page, to_user);242
242
}243
243
}244
244
245
245
static DEFINE_STATIC_KEY_FALSE_RO(bypass_usercopy_checks);246
246
247
247
/*248
248
* Validates that the given object is:249
249
* - not bogus address250
-
* - known-safe heap or stack object250
+
* - fully contained by stack (or stack frame, when available)251
+
* - fully within SLAB object (or object whitelist area, when available)251
252
* - not in kernel text252
253
*/253
254
void __check_object_size(const void *ptr, unsigned long n, bool to_user)254
255
{255
256
if (static_branch_unlikely(&bypass_usercopy_checks))256
257
return;257
258
258
259
/* Skip all tests if size is zero. */259
260
if (!n)260
261
return;261
262
262
263
/* Check for invalid addresses. */263
264
check_bogus_address((const unsigned long)ptr, n, to_user);264
265
265
-
/* Check for bad heap object. */266
-
check_heap_object(ptr, n, to_user);267
-
268
266
/* Check for bad stack object. */269
267
switch (check_stack_object(ptr, n)) {270
268
case NOT_STACK:271
269
/* Object is not touching the current process stack. */272
270
break;273
271
case GOOD_FRAME:274
272
case GOOD_STACK:275
273
/*276
274
* Object is either in the correct frame (when it277
275
* is possible to check) or just generally on the278
276
* process stack (when frame checking not available).279
277
*/280
278
return;281
279
default:282
280
usercopy_abort("process stack", NULL, to_user, 0, n);283
281
}284
282
283
+
/* Check for bad heap object. */284
+
check_heap_object(ptr, n, to_user);285
+
285
286
/* Check for object in kernel to avoid text exposure. */286
287
check_kernel_text_object((const unsigned long)ptr, n, to_user);287
288
}288
289
EXPORT_SYMBOL(__check_object_size);289
290
290
291
static bool enable_checks __initdata = true;291
292
292
293
static int __init parse_hardened_usercopy(char *str)293
294
{294
295
return strtobool(str, &enable_checks);