From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from lists.ozlabs.org (lists.ozlabs.org [112.213.38.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 9C513C27C4F for ; Fri, 21 Jun 2024 08:13:49 +0000 (UTC) Authentication-Results: lists.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256 header.s=pp1 header.b=RXX1h3br; dkim-atps=neutral Received: from boromir.ozlabs.org (localhost [IPv6:::1]) by lists.ozlabs.org (Postfix) with ESMTP id 4W599Q6xbcz3cYh for ; Fri, 21 Jun 2024 18:13:46 +1000 (AEST) Authentication-Results: lists.ozlabs.org; dmarc=pass (p=none dis=none) header.from=linux.ibm.com Authentication-Results: lists.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256 header.s=pp1 header.b=RXX1h3br; dkim-atps=neutral Authentication-Results: lists.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=linux.ibm.com (client-ip=148.163.158.5; helo=mx0b-001b2d01.pphosted.com; envelope-from=anjalik@linux.ibm.com; receiver=lists.ozlabs.org) Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com [148.163.158.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 4W598c348pz3bpN for ; Fri, 21 Jun 2024 18:13:03 +1000 (AEST) Received: from pps.filterd (m0353723.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 45L5xLu9012669; Fri, 21 Jun 2024 08:12:51 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h= message-id:date:mime-version:from:subject:to:cc:references :in-reply-to:content-type:content-transfer-encoding; s=pp1; bh=/ vbnCchyql67f25u4XOkStNtVtFpGi8RbqjNGblWcME=; b=RXX1h3brjv5on6Wm0 Ta4GVZprDTPePQaOmvkpUW5hBduGz+dTIdRtDbuCPoUDKHRr0/tif1ZiynL9P8Fq PV6iFZtYjGOw3H4eWQg8z4FwwQZG/nzDpaf+na27hsUzW10arwR4X605KBq3zRlX llrt0zqUWWZHTw4EIAFE7cy19h7g54PSDr6+5T+lfnMwznpxey3mKgkMQNnQGlam w+di21Y2SAvOuV6QOYY5A3mMoHD7ccWAqBdMZT9VCyXYsLLvtcR6HJAbxCY0LD6n ajahmGeg+2ciK5AO1oByjbfOwTZmZX+nf/FjT6DLX4m829kuNY4TMSLmbV1O4h2o 8+fVw== Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3yw3ungb03-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 21 Jun 2024 08:12:51 +0000 (GMT) Received: from m0353723.ppops.net (m0353723.ppops.net [127.0.0.1]) by pps.reinject (8.18.0.8/8.18.0.8) with ESMTP id 45L8CpPM029964; Fri, 21 Jun 2024 08:12:51 GMT Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 3yw3ungayy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 21 Jun 2024 08:12:51 +0000 (GMT) Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.17.1.19/8.17.1.19) with ESMTP id 45L7MDJi030888; Fri, 21 Jun 2024 08:12:50 GMT Received: from smtprelay01.fra02v.mail.ibm.com ([9.218.2.227]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 3yvrsswr7a-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 21 Jun 2024 08:12:50 +0000 Received: from smtpav07.fra02v.mail.ibm.com (smtpav07.fra02v.mail.ibm.com [10.20.54.106]) by smtprelay01.fra02v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 45L8CklF57541026 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Fri, 21 Jun 2024 08:12:48 GMT Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3C17920040; Fri, 21 Jun 2024 08:12:46 +0000 (GMT) Received: from smtpav07.fra02v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id ED9FC20043; Fri, 21 Jun 2024 08:12:43 +0000 (GMT) Received: from [9.43.93.55] (unknown [9.43.93.55]) by smtpav07.fra02v.mail.ibm.com (Postfix) with ESMTP; Fri, 21 Jun 2024 08:12:43 +0000 (GMT) Message-ID: <45c38d92-8d7c-466c-833d-0c2aa389eeda@linux.ibm.com> Date: Fri, 21 Jun 2024 13:42:42 +0530 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird From: Anjali K Subject: Re: [PATCH] powerpc/pseries: Whitelist dtl slub object for copying to userspace To: Michael Ellerman , Kees Cook References: <20240614173844.746818-1-anjalik@linux.ibm.com> <202406171053.F72BF013@keescook> <87cyoe67zg.fsf@mail.lhotse> Content-Language: en-US In-Reply-To: <87cyoe67zg.fsf@mail.lhotse> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 X-Proofpoint-ORIG-GUID: wP1kKg1TvwOi1Uj2GnB9_HzSX-0Wu5hY X-Proofpoint-GUID: 5B84yCCjDt4JNbSfv_WsQfFI5P_6w1E- X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16 definitions=2024-06-21_02,2024-06-20_04,2024-05-17_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 suspectscore=0 spamscore=0 impostorscore=0 bulkscore=0 mlxscore=0 lowpriorityscore=0 adultscore=0 mlxlogscore=913 clxscore=1015 malwarescore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.19.0-2406140001 definitions=main-2406210058 X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: npiggin@gmail.com, naveen@kernel.org, christophe.leroy@csgroup.eu, gustavoars@kernel.org, linux-hardening@vger.kernel.org, vishalc@linux.ibm.com, linuxppc-dev@lists.ozlabs.org Errors-To: linuxppc-dev-bounces+linuxppc-dev=archiver.kernel.org@lists.ozlabs.org Sender: "Linuxppc-dev" Hi Michael On 18/06/24 12:41, Michael Ellerman wrote: > I guess there isn't a kmem_cache_create_user_readonly() ? Thank you for your review.                                                     My understanding of the question is whether there's a way to whitelist a    region such that it can be copied to userspace, but not written to using    copy_from_user().                                                              No, we don't have a function to whitelist only for copy_to_user() and not   copy_from_user(). Thank you Anjali K