From mboxrd@z Thu Jan 1 00:00:00 1970 From: linux@arm.linux.org.uk (Russell King - ARM Linux) Date: Mon, 24 Aug 2015 18:47:36 +0100 Subject: [PATCH v2 5/5] arm64: add KASan support In-Reply-To: References: <55AE56DB.4040607@samsung.com> <20150824131557.GB7557@n2100.arm.linux.org.uk> Message-ID: <20150824174736.GD7557@n2100.arm.linux.org.uk> To: linux-arm-kernel@lists.infradead.org List-Id: linux-arm-kernel.lists.infradead.org On Mon, Aug 24, 2015 at 05:15:22PM +0300, Andrey Ryabinin wrote: > Yes, ~130Mb (3G/1G split) should work. 512Mb shadow is optional. > The only advantage of 512Mb shadow is better handling of user memory > accesses bugs > (access to user memory without copy_from_user/copy_to_user/strlen_user etc API). No need for that to be handed by KASan. I have patches in linux-next, now acked by Will, which prevent the kernel accessing userspace with zero memory footprint. No need for remapping, we have a way to quickly turn off access to userspace mapped pages on non-LPAE 32-bit CPUs. (LPAE is not supported yet - Catalin will be working on that using the hooks I'm providing once he returns.) This isn't a debugging thing, it's a security hardening thing. Some use-after-free bugs are potentially exploitable from userspace. See the recent blackhat conference paper. -- FTTC broadband for 0.8mile line: currently at 10.5Mbps down 400kbps up according to speedtest.net.