On 01/05/18 03:15, Andrew Morton wrote:
On Fri, 27 Apr 2018 03:42:41 +0400 Igor Stoppa <igor.sto...@gmail.com> wrote:
These two patches were written in preparation for the creation of
protectable memory, however their use is not limited to pmalloc and can
improve the use of vir
troubleshooting a crash, it is recommended
to compile the tests into the monolithic kernel.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
lib/Kconfig.debug | 23 +++
lib/Makefile| 1 +
lib/test_genalloc.c | 419
3 files c
enwall.com/lists/kernel-hardening/2018/04/29/1]
* make the tester code a kernel module
* turn selftest BUG() error exit paths into WARN()
* add analysis of impact on current users of genalloc
Igor Stoppa (3):
genalloc: track beginning of allocations
Add label and license to genalloc.rst
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 112 +++
lib/genalloc.c | 742 ++-
2 files changed, 599 insertions(+), 255 deletions(-)
diff --git a/include/linux/genalloc.h b/include/linux/genalloc.h
Add SPDX license to genalloc.rst, then a label, to allow cross-referencing.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
Documentation/core-api/genalloc.rst | 4
1 file changed, 4 insertions(+)
diff --git a/Documentation/core-api/genalloc.rst
b/Documentation/co
On 03/05/18 01:50, Andrew Morton wrote:
On Wed, 2 May 2018 05:05:19 +0400 Igor Stoppa <igor.sto...@gmail.com> wrote:
This patchset was created as part of an older version of pmalloc, however
it has value per-se, as it hardens the memory management for the generic
allocator ge
/Igor-security/linux/tree/preparations-for-mm
Igor Stoppa (2):
struct page: add field for vm_struct
vmalloc: rename llist field in vmap_area
include/linux/mm_types.h | 1 +
include/linux/vmalloc.h | 2 +-
mm/vmalloc.c | 8 +---
3 files changed, 7 insertions(+), 4 deletions
tilization outside of the purging phase.
Since the purging happens after the vmap_area is dismissed, its use is
mutually exclusive with any use performed while the area is allocated.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/vmalloc.h | 2 +-
mm/vmalloc.c
arent area.
This will avoid more expensive searches, later on.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
Reviewed-by: Jay Freyensee <why2jjj.li...@gmail.com>
Reviewed-by: Matthew Wilcox <mawil...@microsoft.com>
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c
oops, sorry, I forgot the references :-(
On 29/04/18 20:39, Igor Stoppa wrote:
On 29/04/18 07:09, Matthew Wilcox wrote:
On Sun, Apr 29, 2018 at 06:45:39AM +0400, Igor Stoppa wrote:
This patchset was created as part of an older version of pmalloc,
however
it has value per-se, as it hardens
On 29/04/18 07:09, Matthew Wilcox wrote:
On Sun, Apr 29, 2018 at 06:45:39AM +0400, Igor Stoppa wrote:
This patchset was created as part of an older version of pmalloc, however
it has value per-se, as it hardens the memory management for the generic
allocator genalloc.
Genalloc does
On 29/04/18 07:36, Randy Dunlap wrote:
On 04/28/2018 07:45 PM, Igor Stoppa wrote:
[...]
+ test_genalloc();
Is there a stub for test_genalloc() when its config option is not enabled?
I don't see it.
I failed to add to the patch include/linux/test_genalloc.h :-/
That's where the stub
On 04/05/18 01:55, Dave Hansen wrote:
On 05/03/2018 02:52 PM, Igor Stoppa wrote:
At the end of the summit, we agreed that I would go through the physmap.
Do you mean the kernel linear map?
Apparently I did mean it. It was confusing, because I couldn't find a
single place stating
On 24/04/18 15:50, Matthew Wilcox wrote:
On Mon, Apr 23, 2018 at 04:54:56PM +0400, Igor Stoppa wrote:
While the vanilla version of pmalloc provides support for permanently
transitioning between writable and read-only of a memory pool, this
patch seeks to support a separate class of data
Add SPDX license to genalloc.rst, then a label, to allow cross-referencing.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
Documentation/core-api/genalloc.rst | 4
1 file changed, 4 insertions(+)
diff --git a/Documentation/core-api/genalloc.rst
b/Documentation/co
that the patch works correctly.
Eventually, the extra parameter (and the corresponding verification)
could be dropped, in favor of a simplified API.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 112 +++
lib/genalloc.c
it as module.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile| 1 +
lib/test_genalloc.c | 410
4 files changed, 428 insertions(+)
create mode 1006
the callers of the free function with the internal tracking.
Later on, the "size" parameter can be dropped, and each caller can be
adjusted accordingly.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
Igor Stoppa (3):
genalloc: track beginning of allocations
Add l
Detailed documentation about the protectable memory allocator.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
Documentation/core-api/pmalloc.txt | 104 +
1 file changed, 104 insertions(+)
create mode 100644 Documentation/core-api/pmalloc.txt
Add basic self-test functionality for pmalloc.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
mm/Kconfig| 7 ++
mm/Makefile | 1 +
mm/pmalloc-selftest.c | 65 +++
mm/pmalloc-selftest.
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 215
include/linux/vmalloc.h | 1
On 26/01/18 07:35, Matthew Wilcox wrote:
> On Wed, Jan 24, 2018 at 08:10:53PM +0100, Jann Horn wrote:
>> I'm not entirely convinced by the approach of marking small parts of
>> kernel memory as readonly for hardening.
>
> It depends how significant the data stored in there are. For example,
>
On 25/01/18 17:38, Jerome Glisse wrote:
> On Thu, Jan 25, 2018 at 10:14:28AM -0500, Boris Lukashev wrote:
>> On Thu, Jan 25, 2018 at 6:59 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
>
> [...]
>
>> DMA/physmap access coupled with a knowledge of which virtual m
On 24/01/18 19:56, Igor Stoppa wrote:
[...]
> +bool pmalloc_prealloc(struct gen_pool *pool, size_t size)
> +{
[...]
> +abort:
> + vfree(chunk);
this should be vfree_atomic()
[...]
> +void *pmalloc(struct gen_pool *pool, size_t size, gfp_t gfp)
> +{
[...]
> +free
On 24/01/18 21:14, Ralph Campbell wrote:
> 2 Minor typos inline below:
thanks for proof-reading, will fix accordingly.
--
igor
Hi,
thanks for the review. My reply below.
On 24/01/18 21:10, Jann Horn wrote:
> I'm not entirely convinced by the approach of marking small parts of
> kernel memory as readonly for hardening.
Because of the physmap you mention later?
Regarding small parts vs big parts (what is big enough?) I
iew.
Igor Stoppa (6):
genalloc: track beginning of allocations
genalloc: selftest
struct page: add field for vm_struct
Protectable Memory
Documentation for Pmalloc
Pmalloc: self-test
Documentation/core-api/pmalloc.txt | 104
include/linux/genalloc-selftest.h | 30 +++
incl
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 14 ++
lib/Makefile | 1
missed someone, please include them to the recipients.
Igor Stoppa (2):
genalloc: track beginning of allocations
genalloc: selftest
include/linux/genalloc-selftest.h | 30 +++
include/linux/genalloc.h | 3 +-
init/main.c | 2 +
lib/Kconfig
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 216
include/linux/vmalloc.h | 1
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
Detailed documentation about the protectable memory allocator.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
Documentation/core-api/pmalloc.txt | 104 +
1 file changed, 104 insertions(+)
create mode 100644 Documentation/core-api/pmalloc.txt
.
An example is provided, in the form of self-testing.
Changes since the v11 version:
[http://www.openwall.com/lists/kernel-hardening/2018/01/24/4]
- restricted access to sysfs entries created (444 -> 400)
- more explicit reference to documentation
- couple of typos
Igor Stoppa (6):
genal
On 26/01/18 18:36, Boris Lukashev wrote:
> I like the idea of making the verification call optional for consumers
> allowing for fast/slow+hard paths depending on their needs.
> Cant see any additional vectors for abuse (other than the original
> ones effecting out-of-band modification) introduced
Add basic self-test functionality for pmalloc.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
lib/genalloc.c| 2 +-
mm/Kconfig| 7 ++
mm/Makefile | 1 +
mm/pmalloc-selftest.c | 65 +++
mm/p
On 01/02/18 02:00, Christopher Lameter wrote:
> On Tue, 30 Jan 2018, Igor Stoppa wrote:
>
>> @@ -1769,6 +1774,9 @@ void *__vmalloc_node_range(unsigned long size,
>> unsigned long align,
>>
>> kmemleak_vmalloc(area, size, gfp_mask);
>>
>> +
On 02/02/18 17:40, Rob Herring wrote:
> Add SPDX license tag check based on the rules defined in
Shouldn't it also check that the license is compatible?
[...]
> + } elsif ($realfile =~ /\.rst$/) {
> + $comment = '..';
What is the
On 01/02/18 23:11, Kees Cook wrote:
> IIUC, he means PageHead(), which is also hard to grep for, since it is
> a constructed name, via Page##uname in include/linux/page-flags.h:
>
> __PAGEFLAG(Head, head, PF_ANY) CLEARPAGEFLAG(Head, head, PF_ANY)
Thank you, I'll try to provide a meaningful
Thanks for the review and apologies for the delay.
Replies inlined below.
On 30/01/18 19:08, Jonathan Corbet wrote:
> On Tue, 30 Jan 2018 17:14:45 +0200
> Igor Stoppa <igor.sto...@huawei.com> wrote:
[...]
> Please don't put plain-text files into core-api - that's a directory fu
On 02/02/18 20:43, Christopher Lameter wrote:
> On Thu, 1 Feb 2018, Igor Stoppa wrote:
>
>>> Would it not be better to use compound page allocations here?
[...]
> Ok its compound_head(). See also the use in the SLAB and SLUB allocator.
>
>> During hardened user co
On 02/02/18 21:06, Joe Perches wrote:
> On Fri, 2018-02-02 at 12:27 -0600, Rob Herring wrote:
>> On Fri, Feb 2, 2018 at 9:49 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
>>> On 02/02/18 17:40, Rob Herring wrote:
>>>> Add SPDX license tag check based on th
On 04/02/18 00:29, Boris Lukashev wrote:
> On Sat, Feb 3, 2018 at 3:32 PM, Igor Stoppa <igor.sto...@huawei.com> wrote:
[...]
>> What you are suggesting, if I have understood it correctly, is that,
>> when the pool is protected, the addresses already given out, will bec
Add basic self-test functionality for pmalloc.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
mm/Kconfig| 9
mm/Makefile | 1 +
mm/pmalloc-selftest.c | 61 +++
mm/pmalloc-selftest.
Detailed documentation about the protectable memory allocator.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
Documentation/core-api/index.rst | 1 +
Documentation/core-api/pmalloc.rst | 114 +
2 files changed, 115 insertions(+)
creat
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 213
include/linux/vmalloc.h | 1
.
An example is provided, in the form of self-testing.
Changes since v13:
[http://www.openwall.com/lists/kernel-hardening/2018/02/03/3]
- fixed warnings from "make htmldocs"
- added documentation to core-api index
Igor Stoppa (6):
genalloc: track beginning of allocations
genalloc
+Boris Lukashev
On 02/02/18 20:39, Christopher Lameter wrote:
> On Thu, 25 Jan 2018, Matthew Wilcox wrote:
>
>> It's worth having a discussion about whether we want the pmalloc API
>> or whether we want a slab-based API. We can have a separate discussion
>> about an API to remove pages from the
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 211 +++
include/linux/vmalloc.h | 1
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 30 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1
being patched has a 1:1 mapping between allocation units and bits.
This means that, now, the bitmap can be extended (by following powers of
2), to track also other properties of the allocations, if ever needed.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genall
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
>> On Thu, 25 Jan 2018, Matthew Wilcox wrote:
>>> It's worth having a discussion about whether we want the pmalloc API
>>> or whether we want a slab-based API.
I'd love to have some feedback specifically about the API.
I have also some idea about userspace and how to extend the pmalloc
concept
On 03/02/18 22:12, Boris Lukashev wrote:
> Regarding the notion of validated protected memory, is there a method
> by which the resulting checksum could be used in a lookup
> table/function to resolve the location of the protected data?
What I have in mind is a checksum at page/vmap_area
.
An example is provided, in the form of self-testing.
Changes since v12
[https://lkml.org/lkml/2018/1/30/397]
- fixed Kconfig dependency for pmalloc-test
- fixed warning for size_t treated as %ul on i386
- moved to SPDX license reference
- rewrote pmalloc docs
Igor Stoppa (6):
genalloc: track
On 11/02/18 14:24, Mike Rapoport wrote:
> On Sun, Feb 11, 2018 at 05:19:15AM +0200, Igor Stoppa wrote:
[...]
>> +/**
>> + * mem_to_units - convert references to memory into orders of allocation
>
> Documentation/doc-guide/kernel-doc.rst recommends to to include brackets
&g
On 11/02/18 14:37, Mike Rapoport wrote:
> On Sun, Feb 11, 2018 at 05:19:18AM +0200, Igor Stoppa wrote:
>> + * Return: 0 if the object does not belong to pmalloc, 1 if it belongs to
>> + * pmalloc, -1 if it partially overlaps pmalloc meory, but incore
On 11/02/18 23:17, Matthew Wilcox wrote:
> On Sun, Feb 11, 2018 at 05:19:20AM +0200, Igor Stoppa wrote:
>> @@ -0,0 +1,114 @@
>> +SPDX-License-Identifier: CC-BY-SA-4.0
>
> You need the '.. ' before the 'SPDX'. See
> Documentation/process/license-rules.rst
yes, sorry, I
On 04/02/18 23:37, Randy Dunlap wrote:
[...]
>> +reason, could neither be declared as constant, nor it could take advantage
>
> nor could it
ok
[...]
>> +Ex: A policy that is loaded from userspace.
>
> Either
>Example:
> or
>E.g.:
>
On 12/02/18 17:31, Mike Rapoport wrote:
[...]
> Seems that kernel-doc does not consider () as a valid match for the
> identifier :)
>
> Can you please check with the below patch?
yes, it works now, than you!
--
igor
On 12/02/18 14:53, Mike Rapoport wrote:
> 'scripts/kernel-doc -v -none
That has a quite interesting behavior.
I run it on genalloc.c while I am in the process of adding the brackets
to the function names in the kernel-doc description.
The brackets confuse the script and it fails to output
Add basic self-test functionality for pmalloc.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
mm/Kconfig| 9
mm/Makefile | 1 +
mm/pmalloc-selftest.c | 64 +++
mm/pmalloc-selftest.
Detailed documentation about the protectable memory allocator.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
Documentation/core-api/index.rst | 1 +
Documentation/core-api/pmalloc.rst | 114 +
2 files changed, 115 insertions(+)
creat
for a sufficiently long
sequence of zeros, to identify zones available for allocation.
This patch doubles the space reserved in the bitmap for each allocation,
to track their beginning.
For details, see the documentation inside lib/genalloc.c
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
i
to lists
- Fixed SPDX license statements
Igor Stoppa (6):
genalloc: track beginning of allocations
genalloc: selftest
struct page: add field for vm_struct
Protectable Memory
Pmalloc: self-test
Documentation for Pmalloc
Documentation/core-api/index.rst | 1 +
Documentat
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 242 +++
include/linux/vmalloc.h | 1
On 11/02/18 23:16, Matthew Wilcox wrote:
> On Sun, Feb 11, 2018 at 05:19:17AM +0200, Igor Stoppa wrote:
>> The struct page has a "mapping" field, which can be re-used, to store a
>> pointer to the parent area. This will avoid more expensive searches.
>>
>>
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 26 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
On 05/02/18 00:34, Randy Dunlap wrote:
> On 02/04/2018 08:47 AM, Igor Stoppa wrote:
[...]
> It would be good for a lot of this to be in a source file or the
> pmalloc.rst documentation file instead of living only in the git repository.
This is actually about genalloc. The
ry include that was causing compilation failures
- changed license of pmalloc documentation from GPL 2.0 to CC-BY-SA-4.0
Igor Stoppa (6):
genalloc: track beginning of allocations
genalloc: selftest
struct page: add field for vm_struct
Protectable Memory
Pmalloc: self-test
Documentation f
for a sufficiently long
sequence of zeros, to identify zones available for allocation.
This patch doubles the space reserved in the bitmap for each allocation,
to track their beginning.
For details, see the documentation inside lib/genalloc.c
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
i
as needed, for example to support the
protection of data that is initialized in sufficiently distinct phases.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc.h | 3 +
include/linux/pmalloc.h | 222 +
include/linux/vmalloc.h | 1
Detailed documentation about the protectable memory allocator.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
Documentation/core-api/index.rst | 1 +
Documentation/core-api/pmalloc.rst | 114 +
2 files changed, 115 insertions(+)
creat
Add basic self-test functionality for pmalloc.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
mm/Kconfig| 9
mm/Makefile | 1 +
mm/pmalloc-selftest.c | 63 +++
mm/pmalloc-selftest.
.
The execution of the self testing is controlled through a Kconfig option.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/genalloc-selftest.h | 26 +++
init/main.c | 2 +
lib/Kconfig | 15 ++
lib/Makefile | 1
arent area. This will avoid more expensive searches.
As example, the function find_vm_area is reimplemented, to take advantage
of the newly introduced field.
Signed-off-by: Igor Stoppa <igor.sto...@huawei.com>
---
include/linux/mm_types.h | 1 +
mm/vmalloc.c | 18 +-
On 05/02/18 00:06, Randy Dunlap wrote:
> On 02/04/2018 08:47 AM, Igor Stoppa wrote:
[...]
>> + * pmalloc_create_pool - create a new protectable memory pool -
>
> Drop trailing " -".
yes
>> + * @name: the name of the pool, must be unique
>
> Is that
On 07/02/18 22:25, kbuild test robot wrote:
[...]
>>> lib/genalloc-selftest.c:17:10: fatal error: asm/set_memory.h: No such file
>>> or directory
> #include
This header is unnecessary and will be removed.
--
igor
On 05/02/18 00:19, Randy Dunlap wrote:
> On 02/04/2018 08:47 AM, Igor Stoppa wrote:
[...]
> Please use kernel multi-line comment style.
ok for all of them
[...]
>> +BUG_ON(!locations[action->location]);
>> +print_first_chunk_bitmap(pool);
>> +BUG_ON(c
if your patch is applied to the wrong git tree, please drop us a note to
> help improve the system]
>
> url:
> https://github.com/0day-ci/linux/commits/Igor-Stoppa/mm-security-ro-protection-for-dynamic-data/20180207-171252
> base: https://git.kernel.org/pub/scm/linux/kernel/git/kee
On 05/02/18 17:40, Christopher Lameter wrote:
> On Sat, 3 Feb 2018, Igor Stoppa wrote:
>
>>> We could even do this in a more thorough way. Can we use a ring 1 / 2
>>> distinction to create a hardened OS core that policies the rest of
>>> the ever expa
On 05/02/18 17:33, Christopher Lameter wrote:
> On Sat, 3 Feb 2018, Igor Stoppa wrote:
>
>> - the property of the compound page will affect the property of all the
>> pages in the compound, so when one is write protected, it can generate a
>> lot of wasted memory, if
On 05/02/18 05:45, Matthew Wilcox wrote:
> On Sun, Feb 04, 2018 at 02:34:08PM -0800, Randy Dunlap wrote:
>>> +/**
>>> + * cleart_bits_ll - according to the mask, clears the bits specified by
>>
>> clear_bits_ll
>
> 'make W=1' should catch this ... yes?
>
> (hint: building with 'make C=1
On 05/02/18 02:14, Randy Dunlap wrote:
> On 02/04/2018 03:03 PM, Matthew Wilcox wrote:
>> On Sun, Feb 04, 2018 at 02:19:22PM -0800, Randy Dunlap wrote:
+#ifndef __GENALLOC_SELFTEST_H__
+#define __GENALLOC_SELFTEST_H__
>>>
>>> Please use _LINUX_GENALLOC_SELFTEST_H_
>>
>>
On 06/02/18 14:37, Matthew Wilcox wrote:
[...]
> LOCAL variable names should be short, and to the point.
[...]
> (Documentation/process/coding-style.rst)
ok, will do, thanks for the pointer!
--
igor
On 21/02/18 03:36, Dave Chinner wrote:
> On Tue, Feb 20, 2018 at 03:56:00PM -0800, Matthew Wilcox wrote:
>> On Wed, Feb 21, 2018 at 08:36:04AM +1100, Dave Chinner wrote:
>>> FWIW, I'm not wanting to use it to replace static variables. All the
>>> structures are dynamically allocated right now, and
On 22/02/18 00:24, Kees Cook wrote:
> On Tue, Feb 20, 2018 at 8:40 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
[...]
>> sorry for being dense ... are you proposing that I do something to
>> lkdtm_rodata.c ? An example would probably help me understand.
>
On 21/02/18 23:36, Dave Chinner wrote:
> On Wed, Feb 21, 2018 at 11:56:22AM +0200, Igor Stoppa wrote:
[...]
> It seems lots of people get confused when discussing concepts vs
> implementation... :)
IMHO, if possible, it's better to use unambiguous terms at every point.
__ro_a
On 22/02/18 00:28, Kees Cook wrote:
> On Tue, Feb 20, 2018 at 8:59 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
>>
>>
>> On 13/02/18 01:50, Kees Cook wrote:
>>> On Mon, Feb 12, 2018 at 8:52 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
[...]
&
On 13/02/18 01:52, Kees Cook wrote:
> On Mon, Feb 12, 2018 at 8:52 AM, Igor Stoppa <igor.sto...@huawei.com> wrote:
>> @@ -738,14 +1031,16 @@ EXPORT_SYMBOL(devm_gen_pool_create);
>>
>> #ifdef CONFIG_OF
>> /**
>> - * of_gen_pool_get - find a pool by phandle p
On 14/02/18 21:29, Kees Cook wrote:
> On Wed, Feb 14, 2018 at 11:06 AM, Laura Abbott wrote:
[...]
>> Kernel code should be fine, if it isn't that is a bug that should be
>> fixed. Modules yes are not fully protected. The conclusion from past
>
> I think that's a pretty
101 - 200 of 850 matches
Mail list logo