Re: [PATCH v3 02/11] mm: Hardened usercopy

On Mon, Jul 25, 2016 at 7:03 PM, Michael Ellerman wrote: > Josh Poimboeuf writes: > >> On Thu, Jul 21, 2016 at 11:34:25AM -0700, Kees Cook wrote: >>> On Wed, Jul 20, 2016 at 11:52 PM, Michael Ellerman >>> wrote: >>> > Kees Cook

RE: [PATCH v3 02/11] mm: Hardened usercopy

David Laight writes: > From: Josh Poimboeuf >> Sent: 22 July 2016 18:46 >> > >> > e.g. then if the pointer was in the thread_info, the second test would >> > fail, triggering the protection. >> >> FWIW, this won't work right on x86 after Andy's >>

Re: [PATCH v3 02/11] mm: Hardened usercopy

Josh Poimboeuf writes: > On Thu, Jul 21, 2016 at 11:34:25AM -0700, Kees Cook wrote: >> On Wed, Jul 20, 2016 at 11:52 PM, Michael Ellerman >> wrote: >> > Kees Cook writes: >> > >> >> diff --git a/mm/usercopy.c b/mm/usercopy.c >>

RE: [PATCH v3 02/11] mm: Hardened usercopy

From: Josh Poimboeuf > Sent: 22 July 2016 18:46 .. > > >> +/* > > >> + * Checks if a given pointer and length is contained by the current > > >> + * stack frame (if possible). > > >> + * > > >> + * 0: not at all on the stack > > >> + * 1: fully within a valid stack frame > > >> + * 2: fully

Re: [PATCH v3 02/11] mm: Hardened usercopy

On Thu, Jul 21, 2016 at 11:34:25AM -0700, Kees Cook wrote: > On Wed, Jul 20, 2016 at 11:52 PM, Michael Ellerman > wrote: > > Kees Cook writes: > > > >> diff --git a/mm/usercopy.c b/mm/usercopy.c > >> new file mode 100644 > >> index

Re: [PATCH v3 02/11] mm: Hardened usercopy

On Wed, Jul 20, 2016 at 11:52 PM, Michael Ellerman wrote: > Kees Cook writes: > >> diff --git a/mm/usercopy.c b/mm/usercopy.c >> new file mode 100644 >> index ..e4bf4e7ccdf6 >> --- /dev/null >> +++ b/mm/usercopy.c >> @@ -0,0 +1,234 @@ > ...

Re: [PATCH v3 02/11] mm: Hardened usercopy

Kees Cook writes: > diff --git a/mm/usercopy.c b/mm/usercopy.c > new file mode 100644 > index ..e4bf4e7ccdf6 > --- /dev/null > +++ b/mm/usercopy.c > @@ -0,0 +1,234 @@ ... > + > +/* > + * Checks if a given pointer and length is contained by the current > + *

Re: [PATCH v3 02/11] mm: Hardened usercopy

On 07/20/2016 03:24 AM, Balbir Singh wrote: On Tue, 2016-07-19 at 11:48 -0700, Kees Cook wrote: On Mon, Jul 18, 2016 at 6:06 PM, Laura Abbott wrote: On 07/15/2016 02:44 PM, Kees Cook wrote: This doesn't work when copying CMA allocated memory since CMA purposely allocates

Re: [PATCH v3 02/11] mm: Hardened usercopy

On Tue, 2016-07-19 at 11:48 -0700, Kees Cook wrote: > On Mon, Jul 18, 2016 at 6:06 PM, Laura Abbott wrote: > >  > > On 07/15/2016 02:44 PM, Kees Cook wrote: > >  > > This doesn't work when copying CMA allocated memory since CMA purposely > > allocates larger than a page block

Re: [PATCH v3 02/11] mm: Hardened usercopy

On Tue, Jul 19, 2016 at 12:12 PM, Kees Cook wrote: > On Mon, Jul 18, 2016 at 6:52 PM, Laura Abbott wrote: >> On 07/15/2016 02:44 PM, Kees Cook wrote: >>> +static inline const char *check_heap_object(const void *ptr, unsigned >>> long n, >>> +

Re: [PATCH v3 02/11] mm: Hardened usercopy

On 07/19/2016 10:34 PM, Kees Cook wrote: [...] >> >> So what about for the CONFIG text: >> >>An architecture should select this if the kernel mapping has a >> secondary >>linear mapping of the kernel text - in other words more than one >> virtual >>kernel address that

Re: [PATCH v3 02/11] mm: Hardened usercopy

On Tue, Jul 19, 2016 at 1:14 PM, Christian Borntraeger wrote: > On 07/19/2016 09:31 PM, Kees Cook wrote: >> On Tue, Jul 19, 2016 at 2:21 AM, Christian Borntraeger >> wrote: >>> On 07/15/2016 11:44 PM, Kees Cook wrote: +config

Re: [PATCH v3 02/11] mm: Hardened usercopy

On 07/19/2016 09:31 PM, Kees Cook wrote: > On Tue, Jul 19, 2016 at 2:21 AM, Christian Borntraeger > wrote: >> On 07/15/2016 11:44 PM, Kees Cook wrote: >>> +config HAVE_ARCH_LINEAR_KERNEL_MAPPING >>> + bool >>> + help >>> + An architecture should select this

Re: [PATCH v3 02/11] mm: Hardened usercopy

On Tue, Jul 19, 2016 at 2:21 AM, Christian Borntraeger wrote: > On 07/15/2016 11:44 PM, Kees Cook wrote: >> +config HAVE_ARCH_LINEAR_KERNEL_MAPPING >> + bool >> + help >> + An architecture should select this if it has a secondary linear >> + mapping of

Re: [PATCH v3 02/11] mm: Hardened usercopy

On Mon, Jul 18, 2016 at 6:52 PM, Laura Abbott wrote: > On 07/15/2016 02:44 PM, Kees Cook wrote: >> >> This is the start of porting PAX_USERCOPY into the mainline kernel. This >> is the first set of features, controlled by CONFIG_HARDENED_USERCOPY. The >> work is based on code

Re: [PATCH v3 02/11] mm: Hardened usercopy

On Mon, Jul 18, 2016 at 6:06 PM, Laura Abbott wrote: > On 07/15/2016 02:44 PM, Kees Cook wrote: >> >> This is the start of porting PAX_USERCOPY into the mainline kernel. This >> is the first set of features, controlled by CONFIG_HARDENED_USERCOPY. The >> work is based on code

Re: [PATCH v3 02/11] mm: Hardened usercopy

On 07/15/2016 11:44 PM, Kees Cook wrote: > +config HAVE_ARCH_LINEAR_KERNEL_MAPPING > + bool > + help > + An architecture should select this if it has a secondary linear > + mapping of the kernel text. This is used to verify that kernel > + text exposures are not visible

Re: [PATCH v3 02/11] mm: Hardened usercopy

On 07/15/2016 02:44 PM, Kees Cook wrote: This is the start of porting PAX_USERCOPY into the mainline kernel. This is the first set of features, controlled by CONFIG_HARDENED_USERCOPY. The work is based on code by PaX Team and Brad Spengler, and an earlier port from Casey Schaufler. Additional

Re: [PATCH v3 02/11] mm: Hardened usercopy

On 07/15/2016 02:44 PM, Kees Cook wrote: This is the start of porting PAX_USERCOPY into the mainline kernel. This is the first set of features, controlled by CONFIG_HARDENED_USERCOPY. The work is based on code by PaX Team and Brad Spengler, and an earlier port from Casey Schaufler. Additional

[PATCH v3 02/11] mm: Hardened usercopy

This is the start of porting PAX_USERCOPY into the mainline kernel. This is the first set of features, controlled by CONFIG_HARDENED_USERCOPY. The work is based on code by PaX Team and Brad Spengler, and an earlier port from Casey Schaufler. Additional non-slab page tests are from Rik van Riel.