Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Sat, 3 Dec 2016 10:10:57 +0100
From: Greg KH <gregkh@...uxfoundation.org>
To: Kees Cook <keescook@...omium.org>
Cc: Michael Ellerman <mpe@...erman.id.au>,
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>,
	LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2] lkdtm: Add tests for LIST_POISON and ZERO_SIZE_PTR

On Fri, Dec 02, 2016 at 01:32:24PM -0800, Kees Cook wrote:
> On Thu, Dec 1, 2016 at 8:22 PM, Michael Ellerman <mpe@...erman.id.au> wrote:
> > This adds two tests, to check that a read or write to LIST_POISON1 and
> > ZERO_SIZE_PTR are blocked.
> >
> > The default values for both (256 and 16) typically fall in the range
> > of valid user space addresses. However in general mmap_min_addr is 64K,
> > which prevents user space from mapping anything at those addresses.
> >
> > However it's feasible that an attacker will be able to find a way to
> > cause an access at an offset from either value, and if that offset is
> > greater than 64K then they can access user space again.
> >
> > To simulate that case, in the test we create a user mapping at
> > approximately mmap_min_addr, and offset the pointer by that amount. This
> > gives the test the greatest chance of failing (ie. an access
> > succeeding). We don't actually use mmap_min_addr, because that would
> > require exporting it to modules, instead we use the default value at
> > compile time as a reasonable approximation.
> >
> > Signed-off-by: Michael Ellerman <mpe@...erman.id.au>
> 
> Thanks for this! I like it. :)
> 
> Acked-by: Kees Cook <keescook@...omium.org>
> 
> Greg, can you take this into your tree?

Sure, will do so on Monday.

thanks,

greg k-h

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.