Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 21 Feb 2017 12:32:16 -0800
From: Kees Cook <keescook@...omium.org>
To: Stephen Hemminger <stephen@...workplumber.org>
Cc: Eddie Kovsky <ewk@...ovsky.org>, Jessica Yu <jeyu@...hat.com>, 
	Rusty Russell <rusty@...tcorp.com.au>, KY Srinivasan <kys@...rosoft.com>, 
	Haiyang Zhang <haiyangz@...rosoft.com>, Stephen Hemminger <sthemmin@...rosoft.com>, 
	LKML <linux-kernel@...r.kernel.org>, 
	"kernel-hardening@...ts.openwall.com" <kernel-hardening@...ts.openwall.com>
Subject: Re: [PATCH v2 1/3] module: verify address is read-only

On Mon, Feb 20, 2017 at 9:14 AM, Stephen Hemminger
<stephen@...workplumber.org> wrote:
> On Fri, 17 Feb 2017 21:58:42 -0800
> "Eddie Kovsky" <ewk@...ovsky.org> wrote:
>
>> Implement a mechanism to check if a module's address is in
>> the rodata or ro_after_init sections. It mimics the exsiting functions
>> that test if an address is inside a module's text section.
>>
>> Signed-off-by: Eddie Kovsky <ewk@...ovsky.org>
>
> I don't see the point of this for many of the hyper-v functions.
> They are only called from a small number of places, and this can be validated
> by code inspection. Adding this seems just seems to be code bloat to me.

I think it has value in that it effectively blocks any way for
non-ro_after_init structures from being passed into these functions.
Since there are so few callers now, it's the perfect place to add
this.

-Kees

-- 
Kees Cook
Pixel Security

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.