* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS @ 2017-09-11 15:26 ` Mark Salyzyn 0 siblings, 0 replies; 8+ messages in thread From: Mark Salyzyn @ 2017-09-11 15:26 UTC (permalink / raw) To: linux-arm-kernel Make it possible to disable the kuser helpers by adding a KUSER_HELPERS config option (enabled by default). When disabled, all kuser helpers-related code is removed from the kernel and no mapping is done at the fixed high address (0xffff0000); any attempt to use a kuser helper from a 32-bit process will result in a segfault. Signed-off-by: Mark Salyzyn <salyzyn@android.com> v2: - vectors_page and compat_vdso_spec as array of 2 - free sigpage if vectors allocation failed - adjust makefile so one line for each of the assembler source modules - split off assembler changes to a new previous patch in series to reduce churn - modify slightly the feature documentation to reduce its reach - modify slightly the feature documentation to rationalize the yes default. - There are more ifdefs as a result of the rebase. v3: - rebase (minor conflicts) ^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS @ 2017-09-11 15:26 ` Mark Salyzyn 0 siblings, 0 replies; 8+ messages in thread From: Mark Salyzyn @ 2017-09-11 15:26 UTC (permalink / raw) To: linux-kernel Cc: kevin.brodsky, catalin.marinas, will.deacon, mingo, borntraeger, james.morse, peterz, Dave.Martin, credmonster, zijun_hu, mark.rutland, jszhang, labbott, john.stultz, keescook, linux-arm-kernel, takahiro.akashi, mmarek, ard.biesheuvel, Mark Salyzyn Make it possible to disable the kuser helpers by adding a KUSER_HELPERS config option (enabled by default). When disabled, all kuser helpers-related code is removed from the kernel and no mapping is done at the fixed high address (0xffff0000); any attempt to use a kuser helper from a 32-bit process will result in a segfault. Signed-off-by: Mark Salyzyn <salyzyn@android.com> v2: - vectors_page and compat_vdso_spec as array of 2 - free sigpage if vectors allocation failed - adjust makefile so one line for each of the assembler source modules - split off assembler changes to a new previous patch in series to reduce churn - modify slightly the feature documentation to reduce its reach - modify slightly the feature documentation to rationalize the yes default. - There are more ifdefs as a result of the rebase. v3: - rebase (minor conflicts) ^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS 2017-09-11 15:26 ` Mark Salyzyn @ 2017-09-19 22:02 ` Kees Cook -1 siblings, 0 replies; 8+ messages in thread From: Kees Cook @ 2017-09-19 22:02 UTC (permalink / raw) To: linux-arm-kernel On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote: > Make it possible to disable the kuser helpers by adding a KUSER_HELPERS > config option (enabled by default). When disabled, all kuser > helpers-related code is removed from the kernel and no mapping is done > at the fixed high address (0xffff0000); any attempt to use a kuser > helper from a 32-bit process will result in a segfault. > > Signed-off-by: Mark Salyzyn <salyzyn@android.com> > > v2: > - vectors_page and compat_vdso_spec as array of 2 > - free sigpage if vectors allocation failed > - adjust makefile so one line for each of the assembler source modules > - split off assembler changes to a new previous patch in series to reduce churn > - modify slightly the feature documentation to reduce its reach > - modify slightly the feature documentation to rationalize the yes default. > - There are more ifdefs as a result of the rebase. > > v3: > - rebase (minor conflicts) This looks great to me. I'd love to see kuser helpers gone. :) Catalin, Will, does this need anything else? -Kees -- Kees Cook Pixel Security ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS @ 2017-09-19 22:02 ` Kees Cook 0 siblings, 0 replies; 8+ messages in thread From: Kees Cook @ 2017-09-19 22:02 UTC (permalink / raw) To: Mark Salyzyn, Catalin Marinas, Will Deacon Cc: LKML, kevin.brodsky, Ingo Molnar, Christian Borntraeger, James Morse, Peter Zijlstra, Dave Martin, credmonster, zijun_hu, Mark Rutland, Jisheng Zhang, Laura Abbott, John Stultz, linux-arm-kernel@lists.infradead.org, AKASHI Takahiro, Michal Marek, Ard Biesheuvel On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote: > Make it possible to disable the kuser helpers by adding a KUSER_HELPERS > config option (enabled by default). When disabled, all kuser > helpers-related code is removed from the kernel and no mapping is done > at the fixed high address (0xffff0000); any attempt to use a kuser > helper from a 32-bit process will result in a segfault. > > Signed-off-by: Mark Salyzyn <salyzyn@android.com> > > v2: > - vectors_page and compat_vdso_spec as array of 2 > - free sigpage if vectors allocation failed > - adjust makefile so one line for each of the assembler source modules > - split off assembler changes to a new previous patch in series to reduce churn > - modify slightly the feature documentation to reduce its reach > - modify slightly the feature documentation to rationalize the yes default. > - There are more ifdefs as a result of the rebase. > > v3: > - rebase (minor conflicts) This looks great to me. I'd love to see kuser helpers gone. :) Catalin, Will, does this need anything else? -Kees -- Kees Cook Pixel Security ^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS 2017-09-19 22:02 ` Kees Cook @ 2017-09-20 9:15 ` Will Deacon -1 siblings, 0 replies; 8+ messages in thread From: Will Deacon @ 2017-09-20 9:15 UTC (permalink / raw) To: linux-arm-kernel On Tue, Sep 19, 2017 at 03:02:22PM -0700, Kees Cook wrote: > On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote: > > Make it possible to disable the kuser helpers by adding a KUSER_HELPERS > > config option (enabled by default). When disabled, all kuser > > helpers-related code is removed from the kernel and no mapping is done > > at the fixed high address (0xffff0000); any attempt to use a kuser > > helper from a 32-bit process will result in a segfault. > > > > Signed-off-by: Mark Salyzyn <salyzyn@android.com> > > > > v2: > > - vectors_page and compat_vdso_spec as array of 2 > > - free sigpage if vectors allocation failed > > - adjust makefile so one line for each of the assembler source modules > > - split off assembler changes to a new previous patch in series to reduce churn > > - modify slightly the feature documentation to reduce its reach > > - modify slightly the feature documentation to rationalize the yes default. > > - There are more ifdefs as a result of the rebase. > > > > v3: > > - rebase (minor conflicts) > > This looks great to me. I'd love to see kuser helpers gone. :) > > Catalin, Will, does this need anything else? I haven't had chance to look at the patches yet (buried in other stuff), but I aim to get to it in the next couple of weeks. Will ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS @ 2017-09-20 9:15 ` Will Deacon 0 siblings, 0 replies; 8+ messages in thread From: Will Deacon @ 2017-09-20 9:15 UTC (permalink / raw) To: Kees Cook Cc: Mark Salyzyn, Catalin Marinas, LKML, kevin.brodsky, Ingo Molnar, Christian Borntraeger, James Morse, Peter Zijlstra, Dave Martin, credmonster, zijun_hu, Mark Rutland, Jisheng Zhang, Laura Abbott, John Stultz, linux-arm-kernel@lists.infradead.org, AKASHI Takahiro, Michal Marek, Ard Biesheuvel On Tue, Sep 19, 2017 at 03:02:22PM -0700, Kees Cook wrote: > On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote: > > Make it possible to disable the kuser helpers by adding a KUSER_HELPERS > > config option (enabled by default). When disabled, all kuser > > helpers-related code is removed from the kernel and no mapping is done > > at the fixed high address (0xffff0000); any attempt to use a kuser > > helper from a 32-bit process will result in a segfault. > > > > Signed-off-by: Mark Salyzyn <salyzyn@android.com> > > > > v2: > > - vectors_page and compat_vdso_spec as array of 2 > > - free sigpage if vectors allocation failed > > - adjust makefile so one line for each of the assembler source modules > > - split off assembler changes to a new previous patch in series to reduce churn > > - modify slightly the feature documentation to reduce its reach > > - modify slightly the feature documentation to rationalize the yes default. > > - There are more ifdefs as a result of the rebase. > > > > v3: > > - rebase (minor conflicts) > > This looks great to me. I'd love to see kuser helpers gone. :) > > Catalin, Will, does this need anything else? I haven't had chance to look at the patches yet (buried in other stuff), but I aim to get to it in the next couple of weeks. Will ^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS 2017-09-20 9:15 ` Will Deacon @ 2017-10-31 18:42 ` Mark Salyzyn -1 siblings, 0 replies; 8+ messages in thread From: Mark Salyzyn @ 2017-10-31 18:42 UTC (permalink / raw) To: linux-arm-kernel On 09/20/2017 02:15 AM, Will Deacon wrote: > On Tue, Sep 19, 2017 at 03:02:22PM -0700, Kees Cook wrote: >> On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote: >>> Make it possible to disable the kuser helpers by adding a KUSER_HELPERS >>> config option (enabled by default). When disabled, all kuser >>> helpers-related code is removed from the kernel and no mapping is done >>> at the fixed high address (0xffff0000); any attempt to use a kuser >>> helper from a 32-bit process will result in a segfault. >>> >>> Signed-off-by: Mark Salyzyn <salyzyn@android.com> >>> >>> v2: >>> - vectors_page and compat_vdso_spec as array of 2 >>> - free sigpage if vectors allocation failed >>> - adjust makefile so one line for each of the assembler source modules >>> - split off assembler changes to a new previous patch in series to reduce churn >>> - modify slightly the feature documentation to reduce its reach >>> - modify slightly the feature documentation to rationalize the yes default. >>> - There are more ifdefs as a result of the rebase. >>> >>> v3: >>> - rebase (minor conflicts) >> This looks great to me. I'd love to see kuser helpers gone. :) >> >> Catalin, Will, does this need anything else? > I haven't had chance to look at the patches yet (buried in other stuff), but > I aim to get to it in the next couple of weeks. > > Will Ping? ^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS @ 2017-10-31 18:42 ` Mark Salyzyn 0 siblings, 0 replies; 8+ messages in thread From: Mark Salyzyn @ 2017-10-31 18:42 UTC (permalink / raw) To: Will Deacon, Kees Cook Cc: Catalin Marinas, LKML, kevin.brodsky, Ingo Molnar, Christian Borntraeger, James Morse, Peter Zijlstra, Dave Martin, credmonster, zijun_hu, Mark Rutland, Jisheng Zhang, Laura Abbott, John Stultz, linux-arm-kernel@lists.infradead.org, AKASHI Takahiro, Michal Marek, Ard Biesheuvel On 09/20/2017 02:15 AM, Will Deacon wrote: > On Tue, Sep 19, 2017 at 03:02:22PM -0700, Kees Cook wrote: >> On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote: >>> Make it possible to disable the kuser helpers by adding a KUSER_HELPERS >>> config option (enabled by default). When disabled, all kuser >>> helpers-related code is removed from the kernel and no mapping is done >>> at the fixed high address (0xffff0000); any attempt to use a kuser >>> helper from a 32-bit process will result in a segfault. >>> >>> Signed-off-by: Mark Salyzyn <salyzyn@android.com> >>> >>> v2: >>> - vectors_page and compat_vdso_spec as array of 2 >>> - free sigpage if vectors allocation failed >>> - adjust makefile so one line for each of the assembler source modules >>> - split off assembler changes to a new previous patch in series to reduce churn >>> - modify slightly the feature documentation to reduce its reach >>> - modify slightly the feature documentation to rationalize the yes default. >>> - There are more ifdefs as a result of the rebase. >>> >>> v3: >>> - rebase (minor conflicts) >> This looks great to me. I'd love to see kuser helpers gone. :) >> >> Catalin, Will, does this need anything else? > I haven't had chance to look at the patches yet (buried in other stuff), but > I aim to get to it in the next couple of weeks. > > Will Ping? ^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2017-10-31 18:42 UTC | newest] Thread overview: 8+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2017-09-11 15:26 [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS Mark Salyzyn 2017-09-11 15:26 ` Mark Salyzyn 2017-09-19 22:02 ` Kees Cook 2017-09-19 22:02 ` Kees Cook 2017-09-20 9:15 ` Will Deacon 2017-09-20 9:15 ` Will Deacon 2017-10-31 18:42 ` Mark Salyzyn 2017-10-31 18:42 ` Mark Salyzyn
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.