Re: [PATCH v2 2/2] ima: Alloc ima_max_digest_data in xattr_verify() if CONFIG_VMAP_STACK=y

From: Eric Biggers
Date: Thu Dec 01 2022 - 13:55:35 EST

Next message: Dave Jiang: "Re: [PATCH V2 06/11] cxl/mem: Trace DRAM Event Record"
Previous message: Dave Jiang: "Re: [PATCH V2 05/11] cxl/mem: Trace General Media Event Record"
In reply to: Roberto Sassu: "[PATCH v2 2/2] ima: Alloc ima_max_digest_data in xattr_verify() if CONFIG_VMAP_STACK=y"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Dec 01, 2022 at 11:06:25AM +0100, Roberto Sassu wrote:
> From: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
>
> Similarly to evm_verify_hmac(), which allocates an evm_digest structure to
> satisfy the linear mapping requirement if CONFIG_VMAP_STACK is enabled, do
> the same in xattr_verify(). Allocate an ima_max_digest_data structure and
> use that instead of the in-stack counterpart.
>
> Cc: stable@xxxxxxxxxxxxxxx # 4.9.x
> Fixes: ba14a194a434 ("fork: Add generic vmalloced stack support")
> Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx>

Likewise, what is the actual problem here? Where specifically is a scatterlist
being used to represent an on-stack buffer?

- Eric

Next message: Dave Jiang: "Re: [PATCH V2 06/11] cxl/mem: Trace DRAM Event Record"
Previous message: Dave Jiang: "Re: [PATCH V2 05/11] cxl/mem: Trace General Media Event Record"
In reply to: Roberto Sassu: "[PATCH v2 2/2] ima: Alloc ima_max_digest_data in xattr_verify() if CONFIG_VMAP_STACK=y"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]