From: Ingo Molnar <mingo@kernel.org>
To: Greg KH <greg@kroah.com>
Cc: "Thomas Garnier" <thgarnie@google.com>,
"Martin Schwidefsky" <schwidefsky@de.ibm.com>,
"Heiko Carstens" <heiko.carstens@de.ibm.com>,
"Dave Hansen" <dave.hansen@intel.com>,
"Arnd Bergmann" <arnd@arndb.de>,
"Thomas Gleixner" <tglx@linutronix.de>,
"David Howells" <dhowells@redhat.com>,
"René Nyffenegger" <mail@renenyffenegger.ch>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Paul E . McKenney" <paulmck@linux.vnet.ibm.com>,
"Eric W . Biederman" <ebiederm@xmission.com>,
"Oleg Nesterov" <oleg@redhat.com>,
"Pavel Tikhomirov" <ptikhomirov@virtuozzo.com>,
"Ingo Molnar" <mingo@redhat.com>,
"H . Peter Anvin" <hpa@zytor.com>,
"Andy Lutomirski" <luto@kernel.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Rik van Riel" <riel@redhat.com>,
"Kees Cook" <keescook@chromium.org>,
"Josh Poimboeuf" <jpoimboe@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
"Brian Gerst" <brgerst@gmail.com>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
"Christian Borntraeger" <borntraeger@de.ibm.com>,
"Russell King" <linux@armlinux.org.uk>,
"Will Deacon" <will.deacon@arm.com>,
"Catalin Marinas" <catalin.marinas@arm.com>,
"Mark Rutland" <mark.rutland@arm.com>,
"James Morse" <james.morse@arm.com>,
linux-s390 <linux-s390@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>,
"Linux API" <linux-api@vger.kernel.org>,
"the arch/x86 maintainers" <x86@kernel.org>,
linux-arm-kernel@lists.infradead.org,
"Kernel Hardening" <kernel-hardening@lists.openwall.com>,
"Linus Torvalds" <torvalds@linux-foundation.org>,
"Peter Zijlstra" <a.p.zijlstra@chello.nl>
Subject: Re: [kernel-hardening] Re: [PATCH v9 1/4] syscalls: Verify address limit before returning to user-mode
Date: Tue, 9 May 2017 08:45:22 +0200 [thread overview]
Message-ID: <20170509064522.anusoikaalvlux3w@gmail.com> (raw)
In-Reply-To: <20170508124621.GA20705@kroah.com>
* Greg KH <greg@kroah.com> wrote:
> What about a simple coccinelle script to test for this type of thing?
> We write it once, add it to the in-kernel body of tests, and then 0-day
> runs it on all trees all the time. That should catch this type of
> issue, like all of the other "bad programming bus" that the tool
> currently catches.
Yeah, that would work - but today most of our coccinelle scripts are still pretty
verbose, and I think it's important to make this a different category of
coccinelle script, which is .config driven where a loud warning yells at us.
I.e. force the 'zero warnings tolerated' model.
I also noticed that Coccinelle builds are pretty slow, so it would still make
sense to have a performance oriented static checking facility that does not have
the performance baggage of high level functional languages.
I.e. either integrate it into Sparse - or start a kernel integrated static
analysis tooling project that would only follow control flow initially - which is
what we need here I believe.
We only have ~115 code blocks in the kernel that set/restore KERNEL_DS, it would
be a pity to add a runtime check to every system call ...
We could also add a runtime check to oops handling to make sure we don't leak
KERNEL_DS through kernel crashes, to ease worries about CVE-2010-4258.
Thanks,
Ingo
WARNING: multiple messages have this Message-ID (diff)
From: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
To: Greg KH <greg-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
Cc: "Thomas Garnier"
<thgarnie-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>,
"Martin Schwidefsky"
<schwidefsky-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>,
"Heiko Carstens"
<heiko.carstens-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>,
"Dave Hansen"
<dave.hansen-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>,
"Arnd Bergmann" <arnd-r2nGTMty4D4@public.gmane.org>,
"Thomas Gleixner" <tglx-hfZtesqFncYOwBW4kG4KsQ@public.gmane.org>,
"David Howells"
<dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"René Nyffenegger"
<mail-gLCNRsNSrVdVZEhyV+6z5nIPMjoJpjVV@public.gmane.org>,
"Andrew Morton"
<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
"Paul E . McKenney"
<paulmck-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>,
"Eric W . Biederman"
<ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>,
"Oleg Nesterov" <oleg-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"Pavel Tikhomirov"
<ptikhomirov-5HdwGun5lf+gSpxsJD1C4w@public.gmane.org>,
"Ingo Molnar" <mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"H . Peter Anvin" <hpa-YMNOUZJC4hwAvxtiuMwx3w@public.gmane.org>,
"Andy Lutomirski" <luto-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
"Paolo Bonzini"
<pbonzini-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"Rik van Riel" <riel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
"Kees Cook" <keescook@chromium.o>
Subject: Re: [kernel-hardening] Re: [PATCH v9 1/4] syscalls: Verify address limit before returning to user-mode
Date: Tue, 9 May 2017 08:45:22 +0200 [thread overview]
Message-ID: <20170509064522.anusoikaalvlux3w@gmail.com> (raw)
In-Reply-To: <20170508124621.GA20705-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
* Greg KH <greg-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org> wrote:
> What about a simple coccinelle script to test for this type of thing?
> We write it once, add it to the in-kernel body of tests, and then 0-day
> runs it on all trees all the time. That should catch this type of
> issue, like all of the other "bad programming bus" that the tool
> currently catches.
Yeah, that would work - but today most of our coccinelle scripts are still pretty
verbose, and I think it's important to make this a different category of
coccinelle script, which is .config driven where a loud warning yells at us.
I.e. force the 'zero warnings tolerated' model.
I also noticed that Coccinelle builds are pretty slow, so it would still make
sense to have a performance oriented static checking facility that does not have
the performance baggage of high level functional languages.
I.e. either integrate it into Sparse - or start a kernel integrated static
analysis tooling project that would only follow control flow initially - which is
what we need here I believe.
We only have ~115 code blocks in the kernel that set/restore KERNEL_DS, it would
be a pity to add a runtime check to every system call ...
We could also add a runtime check to oops handling to make sure we don't leak
KERNEL_DS through kernel crashes, to ease worries about CVE-2010-4258.
Thanks,
Ingo
WARNING: multiple messages have this Message-ID (diff)
From: mingo@kernel.org (Ingo Molnar)
To: linux-arm-kernel@lists.infradead.org
Subject: [kernel-hardening] Re: [PATCH v9 1/4] syscalls: Verify address limit before returning to user-mode
Date: Tue, 9 May 2017 08:45:22 +0200 [thread overview]
Message-ID: <20170509064522.anusoikaalvlux3w@gmail.com> (raw)
In-Reply-To: <20170508124621.GA20705@kroah.com>
* Greg KH <greg@kroah.com> wrote:
> What about a simple coccinelle script to test for this type of thing?
> We write it once, add it to the in-kernel body of tests, and then 0-day
> runs it on all trees all the time. That should catch this type of
> issue, like all of the other "bad programming bus" that the tool
> currently catches.
Yeah, that would work - but today most of our coccinelle scripts are still pretty
verbose, and I think it's important to make this a different category of
coccinelle script, which is .config driven where a loud warning yells at us.
I.e. force the 'zero warnings tolerated' model.
I also noticed that Coccinelle builds are pretty slow, so it would still make
sense to have a performance oriented static checking facility that does not have
the performance baggage of high level functional languages.
I.e. either integrate it into Sparse - or start a kernel integrated static
analysis tooling project that would only follow control flow initially - which is
what we need here I believe.
We only have ~115 code blocks in the kernel that set/restore KERNEL_DS, it would
be a pity to add a runtime check to every system call ...
We could also add a runtime check to oops handling to make sure we don't leak
KERNEL_DS through kernel crashes, to ease worries about CVE-2010-4258.
Thanks,
Ingo
next prev parent reply other threads:[~2017-05-09 6:45 UTC|newest]
Thread overview: 282+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-28 15:32 [kernel-hardening] [PATCH v9 1/4] syscalls: Verify address limit before returning to user-mode Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` [kernel-hardening] [PATCH v9 2/4] x86/syscalls: Optimize address limit check Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` [kernel-hardening] [PATCH v9 3/4] arm/syscalls: " Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` [kernel-hardening] [PATCH v9 4/4] arm64/syscalls: " Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-04-28 15:32 ` Thomas Garnier
2017-05-05 22:18 ` [kernel-hardening] Re: [PATCH v9 1/4] syscalls: Verify address limit before returning to user-mode Thomas Garnier
2017-05-05 22:18 ` Thomas Garnier
2017-05-05 22:18 ` Thomas Garnier
2017-05-05 22:18 ` Thomas Garnier
2017-05-08 7:33 ` [kernel-hardening] " Ingo Molnar
2017-05-08 7:33 ` Ingo Molnar
2017-05-08 7:33 ` Ingo Molnar
2017-05-08 7:33 ` Ingo Molnar
2017-05-08 7:52 ` [kernel-hardening] " Ingo Molnar
2017-05-08 7:52 ` Ingo Molnar
2017-05-08 7:52 ` Ingo Molnar
2017-05-08 7:52 ` [kernel-hardening] " Ingo Molnar
2017-05-08 7:52 ` Ingo Molnar
2017-05-08 15:22 ` [kernel-hardening] " Daniel Micay
2017-05-08 15:22 ` Daniel Micay
2017-05-08 15:22 ` Daniel Micay
2017-05-08 15:26 ` Kees Cook
2017-05-08 15:26 ` Kees Cook
2017-05-08 15:26 ` Kees Cook
2017-05-08 19:51 ` Thomas Garnier
2017-05-08 19:51 ` Thomas Garnier
2017-05-08 19:51 ` Thomas Garnier
2017-05-09 6:56 ` Ingo Molnar
2017-05-09 6:56 ` Ingo Molnar
2017-05-09 6:56 ` Ingo Molnar
2017-05-09 11:10 ` Greg KH
2017-05-09 11:10 ` Greg KH
2017-05-09 11:10 ` Greg KH
2017-05-09 14:29 ` Thomas Garnier
2017-05-09 14:29 ` Thomas Garnier
2017-05-09 14:29 ` Thomas Garnier
2017-05-11 23:17 ` Thomas Garnier
2017-05-11 23:17 ` Thomas Garnier
2017-05-11 23:17 ` Thomas Garnier
2017-05-11 23:44 ` Linus Torvalds
2017-05-11 23:44 ` Linus Torvalds
2017-05-11 23:44 ` Linus Torvalds
2017-05-12 5:28 ` Martin Schwidefsky
2017-05-12 5:28 ` Martin Schwidefsky
2017-05-12 5:28 ` Martin Schwidefsky
2017-05-12 5:34 ` Kees Cook
2017-05-12 5:34 ` Kees Cook
2017-05-12 5:34 ` Kees Cook
2017-05-12 5:54 ` Martin Schwidefsky
2017-05-12 5:54 ` Martin Schwidefsky
2017-05-12 5:54 ` Martin Schwidefsky
2017-05-12 19:01 ` Kees Cook
2017-05-12 19:01 ` Kees Cook
2017-05-12 19:01 ` Kees Cook
2017-05-12 19:08 ` Russell King - ARM Linux
2017-05-12 19:08 ` Russell King - ARM Linux
2017-05-12 19:08 ` Russell King - ARM Linux
2017-05-12 19:08 ` Linus Torvalds
2017-05-12 19:08 ` Linus Torvalds
2017-05-12 19:08 ` Linus Torvalds
2017-05-12 19:30 ` Kees Cook
2017-05-12 19:30 ` Kees Cook
2017-05-12 19:30 ` Kees Cook
2017-05-12 20:21 ` Russell King - ARM Linux
2017-05-12 20:21 ` Russell King - ARM Linux
2017-05-12 20:21 ` Russell King - ARM Linux
2017-05-12 20:30 ` Peter Zijlstra
2017-05-12 20:30 ` Peter Zijlstra
2017-05-12 20:30 ` Peter Zijlstra
2017-05-12 20:45 ` Russell King - ARM Linux
2017-05-12 20:45 ` Russell King - ARM Linux
2017-05-12 20:45 ` Russell King - ARM Linux
2017-05-12 21:00 ` Kees Cook
2017-05-12 21:00 ` Kees Cook
2017-05-12 21:00 ` Kees Cook
2017-05-12 21:04 ` Kees Cook
2017-05-12 21:04 ` Kees Cook
2017-05-12 21:04 ` Kees Cook
2017-05-13 7:21 ` Christoph Hellwig
2017-05-13 7:21 ` Christoph Hellwig
2017-05-13 7:21 ` Christoph Hellwig
2017-05-12 21:06 ` Al Viro
2017-05-12 21:06 ` Al Viro
2017-05-12 21:06 ` Al Viro
2017-05-12 21:16 ` [kernel-hardening] " Daniel Micay
2017-05-12 21:16 ` Daniel Micay
2017-05-12 21:16 ` Daniel Micay
2017-05-12 21:17 ` Kees Cook
2017-05-12 21:17 ` Kees Cook
2017-05-12 21:17 ` Kees Cook
2017-05-12 21:23 ` Daniel Micay
2017-05-12 21:23 ` Daniel Micay
2017-05-12 21:23 ` Daniel Micay
2017-05-12 21:41 ` Al Viro
2017-05-12 21:41 ` Al Viro
2017-05-12 21:41 ` Al Viro
2017-05-12 21:47 ` Rik van Riel
2017-05-12 21:47 ` Rik van Riel
2017-05-12 21:47 ` Rik van Riel
2017-05-12 22:57 ` Al Viro
2017-05-12 22:57 ` Al Viro
2017-05-12 22:57 ` Al Viro
2017-05-12 21:50 ` Kees Cook
2017-05-12 21:50 ` Kees Cook
2017-05-12 21:50 ` Kees Cook
2017-05-12 6:57 ` Ingo Molnar
2017-05-12 6:57 ` Ingo Molnar
2017-05-12 6:57 ` Ingo Molnar
2017-05-12 6:13 ` Andy Lutomirski
2017-05-12 6:13 ` Andy Lutomirski
2017-05-12 6:13 ` Andy Lutomirski
2017-05-12 6:58 ` Ingo Molnar
2017-05-12 6:58 ` Ingo Molnar
2017-05-12 6:58 ` Ingo Molnar
2017-05-12 17:05 ` Thomas Garnier
2017-05-12 17:05 ` Thomas Garnier
2017-05-12 17:05 ` Thomas Garnier
2017-05-09 16:30 ` [kernel-hardening] " Kees Cook
2017-05-09 16:30 ` Kees Cook
2017-05-09 16:30 ` Kees Cook
2017-05-08 12:46 ` Greg KH
2017-05-08 12:46 ` Greg KH
2017-05-08 12:46 ` Greg KH
2017-05-09 6:45 ` Ingo Molnar [this message]
2017-05-09 6:45 ` Ingo Molnar
2017-05-09 6:45 ` Ingo Molnar
2017-05-09 8:56 ` Christoph Hellwig
2017-05-09 8:56 ` Christoph Hellwig
2017-05-09 8:56 ` Christoph Hellwig
2017-05-09 13:00 ` Andy Lutomirski
2017-05-09 13:00 ` Andy Lutomirski
2017-05-09 13:00 ` Andy Lutomirski
2017-05-09 13:02 ` [kernel-hardening] " Christoph Hellwig
2017-05-09 13:02 ` Christoph Hellwig
2017-05-09 13:02 ` Christoph Hellwig
2017-05-09 16:03 ` Christoph Hellwig
2017-05-09 16:03 ` Christoph Hellwig
2017-05-09 16:03 ` Christoph Hellwig
2017-05-09 16:50 ` Kees Cook
2017-05-09 16:50 ` Kees Cook
2017-05-09 16:50 ` Kees Cook
2017-05-09 22:52 ` Andy Lutomirski
2017-05-09 22:52 ` Andy Lutomirski
2017-05-09 22:52 ` Andy Lutomirski
2017-05-09 23:31 ` Kees Cook
2017-05-09 23:31 ` Kees Cook
2017-05-09 23:31 ` Kees Cook
2017-05-10 1:59 ` Andy Lutomirski
2017-05-10 1:59 ` Andy Lutomirski
2017-05-10 1:59 ` Andy Lutomirski
2017-05-10 7:15 ` Christoph Hellwig
2017-05-10 7:15 ` Christoph Hellwig
2017-05-10 7:15 ` Christoph Hellwig
2017-05-11 11:22 ` Borislav Petkov
2017-05-11 11:22 ` Borislav Petkov
2017-05-11 11:22 ` Borislav Petkov
2017-05-10 6:46 ` Christoph Hellwig
2017-05-10 6:46 ` Christoph Hellwig
2017-05-10 6:46 ` Christoph Hellwig
2017-05-10 2:11 ` Al Viro
2017-05-10 2:11 ` Al Viro
2017-05-10 2:11 ` Al Viro
2017-05-10 2:45 ` Al Viro
2017-05-10 2:45 ` Al Viro
2017-05-10 2:45 ` Al Viro
2017-05-10 3:12 ` Al Viro
2017-05-10 3:12 ` Al Viro
2017-05-10 3:12 ` Al Viro
2017-05-10 3:21 ` Al Viro
2017-05-10 3:21 ` Al Viro
2017-05-10 3:21 ` Al Viro
2017-05-10 3:39 ` Al Viro
2017-05-10 3:39 ` Al Viro
2017-05-10 3:39 ` Al Viro
2017-05-10 6:54 ` Christoph Hellwig
2017-05-10 6:54 ` Christoph Hellwig
2017-05-10 6:54 ` Christoph Hellwig
2017-05-10 6:53 ` Christoph Hellwig
2017-05-10 6:53 ` Christoph Hellwig
2017-05-10 6:53 ` Christoph Hellwig
2017-05-10 7:27 ` Al Viro
2017-05-10 7:27 ` Al Viro
2017-05-10 7:27 ` Al Viro
2017-05-10 7:35 ` Christoph Hellwig
2017-05-10 7:35 ` Christoph Hellwig
2017-05-10 7:35 ` Christoph Hellwig
2017-05-10 6:49 ` Christoph Hellwig
2017-05-10 6:49 ` Christoph Hellwig
2017-05-10 6:49 ` Christoph Hellwig
2017-05-10 7:28 ` Arnd Bergmann
2017-05-10 7:28 ` Arnd Bergmann
2017-05-10 7:28 ` Arnd Bergmann
2017-05-10 7:35 ` Christoph Hellwig
2017-05-10 7:35 ` Christoph Hellwig
2017-05-10 7:35 ` Christoph Hellwig
2017-05-09 16:05 ` Brian Gerst
2017-05-09 16:05 ` Brian Gerst
2017-05-09 16:05 ` Brian Gerst
2017-05-10 7:37 ` [kernel-hardening] " Arnd Bergmann
2017-05-10 7:37 ` Arnd Bergmann
2017-05-10 7:37 ` Arnd Bergmann
2017-05-10 8:08 ` Al Viro
2017-05-10 8:08 ` Al Viro
2017-05-10 8:08 ` Al Viro
2017-05-10 8:14 ` Christoph Hellwig
2017-05-10 8:14 ` Christoph Hellwig
2017-05-10 8:14 ` Christoph Hellwig
2017-05-11 0:18 ` Andy Lutomirski
2017-05-11 0:18 ` Andy Lutomirski
2017-05-11 0:18 ` Andy Lutomirski
2017-05-12 7:00 ` Ingo Molnar
2017-05-12 7:00 ` Ingo Molnar
2017-05-12 7:00 ` Ingo Molnar
2017-05-12 7:15 ` Al Viro
2017-05-12 7:15 ` Al Viro
2017-05-12 7:15 ` Al Viro
2017-05-12 7:35 ` Christoph Hellwig
2017-05-12 7:35 ` Christoph Hellwig
2017-05-12 7:35 ` Christoph Hellwig
2017-05-12 8:07 ` Christoph Hellwig
2017-05-12 8:07 ` Christoph Hellwig
2017-05-12 8:07 ` Christoph Hellwig
2017-05-12 8:23 ` Greg KH
2017-05-12 8:23 ` Greg KH
2017-05-12 8:23 ` Greg KH
2017-05-12 7:43 ` [kernel-hardening] " Arnd Bergmann
2017-05-12 7:43 ` Arnd Bergmann
2017-05-12 7:43 ` Arnd Bergmann
2017-05-12 8:11 ` Christoph Hellwig
2017-05-12 8:11 ` Christoph Hellwig
2017-05-12 8:11 ` Christoph Hellwig
2017-05-12 8:16 ` Al Viro
2017-05-12 8:16 ` Al Viro
2017-05-12 8:16 ` Al Viro
2017-05-12 8:11 ` Al Viro
2017-05-12 8:11 ` Al Viro
2017-05-12 8:11 ` Al Viro
2017-05-12 8:20 ` Arnd Bergmann
2017-05-12 8:20 ` Arnd Bergmann
2017-05-12 8:20 ` Arnd Bergmann
2017-05-12 23:20 ` Andy Lutomirski
2017-05-12 23:20 ` Andy Lutomirski
2017-05-12 23:20 ` Andy Lutomirski
2017-05-08 13:09 ` Kees Cook
2017-05-08 13:09 ` Kees Cook
2017-05-08 13:09 ` Kees Cook
2017-05-08 13:09 ` Kees Cook
2017-05-08 14:02 ` [kernel-hardening] " Ingo Molnar
2017-05-08 14:02 ` Ingo Molnar
2017-05-08 14:02 ` Ingo Molnar
2017-05-08 14:02 ` Ingo Molnar
2017-05-08 14:06 ` [kernel-hardening] " Jann Horn
2017-05-08 14:06 ` Jann Horn
2017-05-08 14:06 ` Jann Horn
2017-05-08 14:06 ` Jann Horn
2017-05-08 20:48 ` [kernel-hardening] " Al Viro
2017-05-08 20:48 ` Al Viro
2017-05-08 20:48 ` Al Viro
2017-05-08 20:48 ` Al Viro
2017-05-12 23:15 ` [kernel-hardening] " Andy Lutomirski
2017-05-12 23:15 ` Andy Lutomirski
2017-05-12 23:15 ` Andy Lutomirski
2017-05-12 23:15 ` Andy Lutomirski
2017-05-08 15:24 ` [kernel-hardening] " Kees Cook
2017-05-08 15:24 ` Kees Cook
2017-05-08 15:24 ` Kees Cook
2017-05-08 15:24 ` Kees Cook
2017-05-09 6:34 ` [kernel-hardening] " Ingo Molnar
2017-05-09 6:34 ` Ingo Molnar
2017-05-09 6:34 ` Ingo Molnar
2017-05-09 6:34 ` Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170509064522.anusoikaalvlux3w@gmail.com \
--to=mingo@kernel.org \
--cc=a.p.zijlstra@chello.nl \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=borntraeger@de.ibm.com \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=catalin.marinas@arm.com \
--cc=dave.hansen@intel.com \
--cc=dhowells@redhat.com \
--cc=ebiederm@xmission.com \
--cc=greg@kroah.com \
--cc=heiko.carstens@de.ibm.com \
--cc=hpa@zytor.com \
--cc=james.morse@arm.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=luto@kernel.org \
--cc=mail@renenyffenegger.ch \
--cc=mark.rutland@arm.com \
--cc=mingo@redhat.com \
--cc=oleg@redhat.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=ptikhomirov@virtuozzo.com \
--cc=riel@redhat.com \
--cc=schwidefsky@de.ibm.com \
--cc=tglx@linutronix.de \
--cc=thgarnie@google.com \
--cc=torvalds@linux-foundation.org \
--cc=will.deacon@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.