From: Kees Cook <keescook@chromium.org>
To: Geert Uytterhoeven <geert@linux-m68k.org>
Cc: David Laight <David.Laight@aculab.com>,
linux-m68k <linux-m68k@lists.linux-m68k.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
"linux-hardening@vger.kernel.org"
<linux-hardening@vger.kernel.org>
Subject: Re: [PATCH] m68k: Implement "current_stack_pointer"
Date: Fri, 25 Feb 2022 09:37:23 -0800 [thread overview]
Message-ID: <202202250936.BA139C4@keescook> (raw)
In-Reply-To: <CAMuHMdU6msvi0j=mS28GFYbm+uMRk7PkYe+zOM4sDmOVxeibLQ@mail.gmail.com>
On Thu, Feb 24, 2022 at 10:56:09AM +0100, Geert Uytterhoeven wrote:
> Hi David, Kees,
>
> On Thu, Feb 24, 2022 at 10:54 AM David Laight <David.Laight@aculab.com> wrote:
> > From: Geert Uytterhoeven <geert@linux-m68k.org>
> > > Sent: 24 February 2022 09:17
> > >
> > > On Thu, Feb 24, 2022 at 10:12 AM David Laight <David.Laight@aculab.com> wrote:
> > > > From: Geert Uytterhoeven
> > > > > Sent: 24 February 2022 08:59
> > > > ...
> > > > > > +register unsigned long current_stack_pointer __asm__("sp");
> > > > >
> > > > > I don't know what HARDENED_USERCOPY does, so I don't know if you need
> > > > > "usp" (see rdusp()) or "sp"?
> > > >
> > > > HARDENED_USERCOPY significantly slows down some systems calls
> > > > (especially things like sendmsg()) by trying to run-time verify
> > > > that the kernel buffer doesn't overrun a stack frame or kmalloc()ed
> > >
> > > Kernel stack frame of user stack frame?
> >
> > Kernel, the kernel doesn't care if the user stack gets trashed.
Right, this is strictly a kernel-side check in mm/usercopy.c:
https://lore.kernel.org/linux-hardening/20220225173345.3358109-1-keescook@chromium.org/
>
> OK.
>
> Reviewed-by: Geert Uytterhoeven <geert@linux-m68k.org>
>
> Kees: Do you want me to queue this in the m68k for-v5.18 branch, or do
> you want to take it yourself, together with the HARDENED_USERCOPY work?
> In case of the latter:
> Acked-by: Geert Uytterhoeven <geert@linux-m68k.org>
>
> Please let me know. Thanks!
Yeah, I'll take it via my tree, just so it's all together.
Thanks!
-Kees
--
Kees Cook
prev parent reply other threads:[~2022-02-25 17:37 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-24 6:04 [PATCH] m68k: Implement "current_stack_pointer" Kees Cook
2022-02-24 8:59 ` Geert Uytterhoeven
2022-02-24 9:12 ` David Laight
2022-02-24 9:16 ` Geert Uytterhoeven
2022-02-24 9:54 ` David Laight
2022-02-24 9:56 ` Geert Uytterhoeven
2022-02-25 17:37 ` Kees Cook [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202202250936.BA139C4@keescook \
--to=keescook@chromium.org \
--cc=David.Laight@aculab.com \
--cc=geert@linux-m68k.org \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-m68k@lists.linux-m68k.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.