Re: [kernel-hardening] Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-15 Thread Daniel Micay
> I'd like it to dump stack and be fatal to the process involved, but
> yeah, I guess BUG() would work. Creating an infrastructure for
> handling security-related Oopses can be done separately from this
> (and I'd like to see that added, since it's a nice bit of configurable
> reactivity to

Re: [kernel-hardening] Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-15 Thread Daniel Micay
> This could be a BUG, but I'd rather not panic the entire kernel.

It seems unlikely that it will panic without panic_on_oops and that's an explicit opt-in to taking down the system on kernel logic errors exactly like this. In grsecurity, it calls the kernel exploit handling logic (panic if root,

Re: [kernel-hardening] Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-15 Thread Kees Cook
On Fri, Jul 15, 2016 at 12:19 PM, Daniel Micay wrote:
>> I'd like it to dump stack and be fatal to the process involved, but
>> yeah, I guess BUG() would work. Creating an infrastructure for
>> handling security-related Oopses can be done separately from this
>> (and I'd

Re: [kernel-hardening] Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-15 Thread Kees Cook
On Fri, Jul 15, 2016 at 12:00 PM, Daniel Micay wrote:
>> This could be a BUG, but I'd rather not panic the entire kernel.
>
> It seems unlikely that it will panic without panic_on_oops and that's
> an explicit opt-in to taking down the system on kernel logic errors
>

Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-15 Thread Balbir Singh
On Thu, Jul 14, 2016 at 09:53:31PM -0700, Kees Cook wrote:
> On Thu, Jul 14, 2016 at 9:05 PM, Kees Cook wrote:
> > On Thu, Jul 14, 2016 at 6:41 PM, Balbir Singh wrote:
> >> On Thu, Jul 14, 2016 at 09:04:18PM -0400, Rik van Riel wrote:
> >>> On Fri,

Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-14 Thread Kees Cook
On Thu, Jul 14, 2016 at 9:05 PM, Kees Cook wrote: > On Thu, Jul 14, 2016 at 6:41 PM, Balbir Singh wrote: >> On Thu, Jul 14, 2016 at 09:04:18PM -0400, Rik van Riel wrote: >>> On Fri, 2016-07-15 at 09:20 +1000, Balbir Singh wrote: >>> >>> > > == >>> >

Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-14 Thread Kees Cook
On Thu, Jul 14, 2016 at 4:20 PM, Balbir Singh wrote: > On Wed, Jul 13, 2016 at 02:55:55PM -0700, Kees Cook wrote: >> [...] >> +++ b/mm/usercopy.c >> @@ -0,0 +1,219 @@ >> [...] >> +/* >> + * Checks if a given pointer and length is contained by the current >> + * stack frame

Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-14 Thread Kees Cook
On Thu, Jul 14, 2016 at 6:41 PM, Balbir Singh wrote: > On Thu, Jul 14, 2016 at 09:04:18PM -0400, Rik van Riel wrote: >> On Fri, 2016-07-15 at 09:20 +1000, Balbir Singh wrote: >> >> > > == >> > > +((unsigned long)end & (unsigned >> > > long)PAGE_MASK))) >> > > +

Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-14 Thread Balbir Singh
On Thu, Jul 14, 2016 at 09:04:18PM -0400, Rik van Riel wrote: > On Fri, 2016-07-15 at 09:20 +1000, Balbir Singh wrote: > > > > == > > > +    ((unsigned long)end & (unsigned > > > long)PAGE_MASK))) > > > + return NULL; > > > + > > > + /* Allow if start and end are inside the same

Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-14 Thread Rik van Riel
On Fri, 2016-07-15 at 09:20 +1000, Balbir Singh wrote: > > == > > +    ((unsigned long)end & (unsigned > > long)PAGE_MASK))) > > + return NULL; > > + > > + /* Allow if start and end are inside the same compound > > page. */ > > + endpage = virt_to_head_page(end); > > +

Re: [PATCH v2 02/11] mm: Hardened usercopy

2016-07-14 Thread Balbir Singh
On Wed, Jul 13, 2016 at 02:55:55PM -0700, Kees Cook wrote: > This is the start of porting PAX_USERCOPY into the mainline kernel. This > is the first set of features, controlled by CONFIG_HARDENED_USERCOPY. The > work is based on code by PaX Team and Brad Spengler, and an earlier port > from Casey

[PATCH v2 02/11] mm: Hardened usercopy

2016-07-13 Thread Kees Cook
This is the start of porting PAX_USERCOPY into the mainline kernel. This is the first set of features, controlled by CONFIG_HARDENED_USERCOPY. The work is based on code by PaX Team and Brad Spengler, and an earlier port from Casey Schaufler. Additional non-slab page tests are from Rik van Riel.