Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 9 Jun 2016 10:48:57 -0700
From: Kees Cook <keescook@...omium.org>
To: "Schaufler, Casey" <casey.schaufler@...el.com>
Cc: "kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>, 
	Brad Spengler <spender@...ecurity.net>, PaX Team <pageexec@...email.hu>, 
	Rik van Riel <riel@...hat.com>, Christoph Lameter <cl@...ux.com>, Pekka Enberg <penberg@...nel.org>, 
	David Rientjes <rientjes@...gle.com>, Joonsoo Kim <iamjoonsoo.kim@....com>, 
	Andrew Morton <akpm@...ux-foundation.org>
Subject: Re: [RFC][PATCH v2 0/4] mm: Hardened usercopy

On Thu, Jun 9, 2016 at 8:35 AM, Schaufler, Casey
<casey.schaufler@...el.com> wrote:
>> -----Original Message-----
>> From: Kees Cook [mailto:keescook@...omium.org]
>> Sent: Wednesday, June 08, 2016 2:12 PM
>> To: kernel-hardening@...ts.openwall.com
>> Cc: Kees Cook <keescook@...omium.org>; Brad Spengler
>> <spender@...ecurity.net>; PaX Team <pageexec@...email.hu>; Schaufler,
>> Casey <casey.schaufler@...el.com>; Rik van Riel <riel@...hat.com>; Christoph
>> Lameter <cl@...ux.com>; Pekka Enberg <penberg@...nel.org>; David Rientjes
>> <rientjes@...gle.com>; Joonsoo Kim <iamjoonsoo.kim@....com>; Andrew
>> Morton <akpm@...ux-foundation.org>
>> Subject: [RFC][PATCH v2 0/4] mm: Hardened usercopy
>>
>> Hi,
>>
>> This is v2 of the RFC patches for a mainline port of PAX_USERCOPY. After
>> I started writing tests for Casey's earlier port[1], I kept fixing things
>> further and further until I ended up with a whole new patch series. To
>> that end, I also took Rik's feedback and made a number of other changes
>> and clean-ups, which are noted in the "v2" history at the end.
>
> I love it when a plan comes together.
>
> Thank you for v2. Hopefully v1 was useful as a base.

Yeah, absolutely! It let me focus on a much smaller set of changes,
and the v2 really just ended up falling out of writing the lkdtm
tests. I spent a bunch of time scratching my head over the fact that
on x86 copy_*_user doesn't call down to __copy_*_user (!!), and
instead uses _copy_*_user (one underscore). After figuring that out,
then I was able to trip over all kinds of things with the whitelisting
pieces, so I separated that out, and it just continued from there.

I'd still really love to get a lot more testing, since I suspect my
bare-bones VM is not sufficiently exercising all the code that needs
whitelist tweaks, etc.

-Kees

-- 
Kees Cook
Chrome OS & Brillo Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.