Re: [PATCH] mm: Prevent mapping slab pages to userspace

2019-01-30 Thread Pekka Enberg
On 25/01/2019 19.38, Matthew Wilcox wrote: It's never appropriate to map a page allocated by SLAB into userspace. A buggy device driver might try this, or an attacker might be able to find a way to make it happen. Signed-off-by: Matthew Wilcox Acked-by: Pekka Enberg A WARN_ON_ONCE() would

Re: [PATCH] mm: Prevent mapping slab pages to userspace

2019-01-30 Thread Michael Ellerman
Matthew Wilcox writes: > It's never appropriate to map a page allocated by SLAB into userspace. > A buggy device driver might try this, or an attacker might be able to > find a way to make it happen. > > Signed-off-by: Matthew Wilcox > --- > mm/memory.c | 2 +- > 1 file changed, 1

Re: [PATCH] mm: Prevent mapping slab pages to userspace

2019-01-28 Thread Christopher Lameter
On Tue, 29 Jan 2019, Kees Cook wrote: > It seems like a fatal condition to me? There's nothing to check that > such a page wouldn't get freed by the slab while still mapped to > userspace, right? Lets just fail the code. Currently this may work with SLUB. But SLAB and SLOB overlay fields with

Re: [PATCH] mm: Prevent mapping slab pages to userspace

2019-01-28 Thread Kees Cook
On Tue, Jan 29, 2019 at 7:21 AM Andrew Morton wrote: > > On Fri, 25 Jan 2019 09:38:27 -0800 Matthew Wilcox wrote: > > > It's never appropriate to map a page allocated by SLAB into userspace. > > A buggy device driver might try this, or an attacker might be able to > > find a way to make it

Re: [PATCH] mm: Prevent mapping slab pages to userspace

2019-01-28 Thread Andrew Morton
On Fri, 25 Jan 2019 09:38:27 -0800 Matthew Wilcox wrote: > It's never appropriate to map a page allocated by SLAB into userspace. > A buggy device driver might try this, or an attacker might be able to > find a way to make it happen. It wouldn't surprise me if someone somewhere is doing this.

Re: [PATCH] mm: Prevent mapping slab pages to userspace

2019-01-25 Thread Matthew Wilcox
On Sat, Jan 26, 2019 at 07:44:40AM +1300, Kees Cook wrote: > > - if (PageAnon(page)) > > + if (PageAnon(page) || PageSlab(page)) > > Are there other types that should not get mapped? (Or better yet, is > there a whitelist of those that are okay to be mapped?) Funny you should ask; I

Re: [PATCH] mm: Prevent mapping slab pages to userspace

2019-01-25 Thread Kees Cook
On Sat, Jan 26, 2019 at 6:38 AM Matthew Wilcox wrote: > > It's never appropriate to map a page allocated by SLAB into userspace. > A buggy device driver might try this, or an attacker might be able to > find a way to make it happen. > > Signed-off-by: Matthew Wilcox > --- > mm/memory.c | 2 +- >

[PATCH] mm: Prevent mapping slab pages to userspace

2019-01-25 Thread Matthew Wilcox
It's never appropriate to map a page allocated by SLAB into userspace. A buggy device driver might try this, or an attacker might be able to find a way to make it happen. Signed-off-by: Matthew Wilcox --- mm/memory.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git