From: Heiko Carstens <heiko.carstens@de.ibm.com>
To: Paul Moore <paul@paul-moore.com>
Cc: Stephen Rothwell <sfr@canb.auug.org.au>,
James Morris <jmorris@namei.org>,
linux-next@vger.kernel.org, linux-kernel@vger.kernel.org,
Kees Cook <keescook@chromium.org>,
Martin Schwidefsky <schwidefsky@de.ibm.com>
Subject: Re: linux-next: manual merge of the audit tree with the security tree
Date: Sat, 25 Jun 2016 09:28:42 +0200 [thread overview]
Message-ID: <20160625072842.GA3303@osiris> (raw)
In-Reply-To: <CAHC9VhSKEEyfP7Gc_bsWbwn-TmjBFi3ATLCcx8VjYDSuBTVj5g@mail.gmail.com>
On Fri, Jun 24, 2016 at 12:20:52PM -0400, Paul Moore wrote:
> > I'm a bit concerned about user space pointers passed as argument for compat
> > tasks. These need to mask out 33 instead of 32 bits. This is of course
> > system call specific and I don't know enough about audit to tell if it
> > could be a problem.
>
> From a practical point of view I'm not sure how much of an impact that
> will have as it is unlikely anyone will be doing anything useful with
> those pointer values; for example, you aren't going to be inspecting a
> process' memory space using just the audit log. Also, at the very
> least we aren't removing any information, just adding in an extra bit
> of potential junk. Anyone who does care about user space pointers in
> the audit log, should have all the information the need to drop the
> high bit.
>
> Does that sound reasonable?
Yes, it does. If there should be problems because of the one extra bit that
potentially contains garbage we still can look for a way to fix this.
Thanks!
next prev parent reply other threads:[~2016-06-25 7:28 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-06-23 4:18 linux-next: manual merge of the audit tree with the security tree Stephen Rothwell
2016-06-23 6:01 ` Heiko Carstens
2016-06-23 16:14 ` Paul Moore
2016-06-24 5:41 ` Heiko Carstens
2016-06-24 15:05 ` Paul Moore
2016-06-24 15:20 ` Heiko Carstens
2016-06-24 16:20 ` Paul Moore
2016-06-25 7:28 ` Heiko Carstens [this message]
-- strict thread matches above, loose matches on Subject: below --
2016-06-28 3:24 Stephen Rothwell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160625072842.GA3303@osiris \
--to=heiko.carstens@de.ibm.com \
--cc=jmorris@namei.org \
--cc=keescook@chromium.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-next@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=schwidefsky@de.ibm.com \
--cc=sfr@canb.auug.org.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.