Date: Tue, 2 Feb 2016 06:33:27 -0500 From: David Windsor <dave@...gbits.org> To: Kees Cook <keescook@...omium.org>, kernel-hardening@...ts.openwall.com Subject: Re: [RFC PATCH v2 00/12] Add PAX_REFCOUNT overflow protection FYI, I now have time to work on this again. Currently, I'm rebasing v2 atop linux-next. I've already incorporated the following changes suggested during the on-list review of v2: * s/PAX_REFCOUNT/STRICT_REFCOUNT * Reordering the patchset in a more sane manner (per Greg KH) * Creation of the "Kernel Hardening" menu in Kconfig * Creation of per-architecture Kconfig option for opting in to STRICT_REFCOUNT * Whitespace fixes v3 is forthcoming and will be posted here as soon as I have the patchset rebased to linux-next. Thanks, David On Wed, Jan 20, 2016 at 8:11 AM, David Windsor <dave@...gbits.org> wrote: > Hi Kees, > > On Tue, Jan 19, 2016 at 2:07 PM, Kees Cook <keescook@...omium.org> wrote: >> Hi David, >> >> On Thu, Dec 17, 2015 at 12:55 PM, Kees Cook <keescook@...omium.org> wrote: >>> On Thu, Dec 17, 2015 at 6:57 AM, David Windsor <dave@...gbits.org> wrote: >>>> NOTE: This is a v2 submission because patch 3/5 in v1 was too large to sent >>>> to kernel-hardening. Taking that as a sign that the patch needed to be split, >>>> I'm sending this version of the patchset, with the patches split more or less >>>> on a per-maintainer basis (except for those in drivers/). >> >> How's the next spin coming? It looks like we have some new real-world >> examples of exploits that would have been blocked by this protection: >> >> http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/ >> >> :) >> > > I'm currently working on v3 of this patchset: porting the patches to > linux-next and incorporating suggested changes to v2. I'm fairly well > along, but need just a bit more time I'm a bit busy at the moment, so > I expect realistically to have time to finish this at the beginning of > February. > > Thanks, > David > >> -Kees >> >> -- >> Kees Cook >> Chrome OS & Brillo Security
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.