From: igor.stoppa@huawei.com (Igor Stoppa)
To: linux-security-module@vger.kernel.org
Subject: [RFC PATCH v21 0/6] mm: security: ro protection for dynamic data
Date: Tue, 27 Mar 2018 18:37:36 +0300 [thread overview]
Message-ID: <20180327153742.17328-1-igor.stoppa@huawei.com> (raw)
This patch-set introduces the possibility of protecting memory that has
been allocated dynamically.
The memory is managed in pools: when a memory pool is protected, all the
memory that is currently part of it, will become R/O.
A R/O pool can be expanded (adding more protectable memory).
It can also be destroyed, to recover its memory, but it cannot be
turned back into R/W mode.
This is intentional. This feature is meant for data that doesn't need
further modifications after initialization.
However the data might need to be released, for example as part of module
unloading. The pool, therefore, can be destroyed.
An example is provided, in the form of self-testing.
Changes since v20:
[http://www.openwall.com/lists/kernel-hardening/2018/03/27/2]
* removed the align_order parameter from allocation functions
* improved documentation with more explanation
* fixed lkdt test
* reworked the destroy function, removing a possible race with
use-after-free code.
Igor Stoppa (6):
struct page: add field for vm_struct
vmalloc: rename llist field in vmap_area
Protectable Memory
Pmalloc selftest
lkdtm: crash on overwriting protected pmalloc var
Documentation for Pmalloc
Documentation/core-api/index.rst | 1 +
Documentation/core-api/pmalloc.rst | 107 +++++++++++++++
drivers/misc/lkdtm.h | 1 +
drivers/misc/lkdtm_core.c | 3 +
drivers/misc/lkdtm_perms.c | 25 ++++
include/linux/mm_types.h | 1 +
include/linux/pmalloc.h | 166 +++++++++++++++++++++++
include/linux/test_pmalloc.h | 24 ++++
include/linux/vmalloc.h | 5 +-
init/main.c | 2 +
mm/Kconfig | 16 +++
mm/Makefile | 2 +
mm/pmalloc.c | 264 +++++++++++++++++++++++++++++++++++++
mm/test_pmalloc.c | 136 +++++++++++++++++++
mm/usercopy.c | 33 +++++
mm/vmalloc.c | 10 +-
16 files changed, 791 insertions(+), 5 deletions(-)
create mode 100644 Documentation/core-api/pmalloc.rst
create mode 100644 include/linux/pmalloc.h
create mode 100644 include/linux/test_pmalloc.h
create mode 100644 mm/pmalloc.c
create mode 100644 mm/test_pmalloc.c
--
2.14.1
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next reply other threads:[~2018-03-27 15:37 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-27 15:37 Igor Stoppa [this message]
2018-03-27 15:37 ` [PATCH 1/6] struct page: add field for vm_struct Igor Stoppa
2018-03-27 15:37 ` [PATCH 2/6] vmalloc: rename llist field in vmap_area Igor Stoppa
2018-03-27 15:37 ` [PATCH 3/6] Protectable Memory Igor Stoppa
2018-03-27 15:37 ` [PATCH 4/6] Pmalloc selftest Igor Stoppa
2018-03-27 15:37 ` [PATCH 5/6] lkdtm: crash on overwriting protected pmalloc var Igor Stoppa
2018-03-27 15:37 ` [PATCH 6/6] Documentation for Pmalloc Igor Stoppa
2018-03-27 16:55 ` [RFC PATCH v21 0/6] mm: security: ro protection for dynamic data Jonathan Corbet
2018-03-29 20:25 ` Igor Stoppa
2018-03-29 20:50 ` Jonathan Corbet
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180327153742.17328-1-igor.stoppa@huawei.com \
--to=igor.stoppa@huawei.com \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).