From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1754794AbbJ1AMp (ORCPT ); Tue, 27 Oct 2015 20:12:45 -0400
Received: from mail.linuxfoundation.org ([140.211.169.12]:38417 "EHLO
	mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1754046AbbJ1AMo (ORCPT ); Tue, 27 Oct 2015 20:12:44 -0400
Date: Wed, 28 Oct 2015 09:12:40 +0900
From: Greg KH
To: Stephen Smalley
Cc: keescook@chromium.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH] lkdtm: fix ACCESS_USERSPACE test
Message-ID: <20151028001240.GA2971@kroah.com>
References: <1445978873-20870-1-git-send-email-sds@tycho.nsa.gov>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <1445978873-20870-1-git-send-email-sds@tycho.nsa.gov>
User-Agent: Mutt/1.5.24 (2015-08-30)
Sender: linux-kernel-owner@vger.kernel.org
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

On Tue, Oct 27, 2015 at 04:47:53PM -0400, Stephen Smalley wrote:
> Add a copy_to_user() call to the ACCESS_USERSPACE test
> prior to attempting direct dereferencing of the user
> address to ensure the page is present. Otherwise,
> a fault occurs on arm kernels even prior to the introduction
> of CONFIG_CPU_SW_DOMAIN_PAN, and there is no difference in
> behavior for CONFIG_CPU_SW_DOMAIN_PAN=n vs CONFIG_CPU_SW_DOMAIN_PAN=y.
>
> Before this change, for any value of CONFIG_CPU_SW_DOMAIN_PAN:
> lkdtm: Performing direct entry ACCESS_USERSPACE
> lkdtm: attempting bad read at b6fe8000
> Unable to handle kernel paging request at virtual address b6fe8000
>
> After this change, for CONFIG_CPU_SW_DOMAIN_PAN=n:
> lkdtm: Performing direct entry ACCESS_USERSPACE
> lkdtm: attempting bad read at b6efc000
> lkdtm: attempting bad write at b6efc000
>
> After this change, for CONFIG_CPU_SW_DOMAIN_PAN=y:
> lkdtm: Performing direct entry ACCESS_USERSPACE
> lkdtm: attempting bad read at b6f7d000
> Unhandled fault: page domain fault (0x01b) at 0xb6f7d000
> ...
>
> Signed-off-by: Stephen Smalley
> ---
>  drivers/misc/lkdtm.c | 8 +++++++-
>  1 file changed, 7 insertions(+), 1 deletion(-)

Should this also be applied to older kernels (i.e. a stable fix)?

thanks,

greg k-h