From: Andrew Morton <akpm@linux-foundation.org>
To: Kees Cook <keescook@chromium.org>
Cc: Jessica Yu <jeyu@redhat.com>,
Rusty Russell <rusty@rustcorp.com.au>,
LKML <linux-kernel@vger.kernel.org>,
"kernel-hardening@lists.openwall.com"
<kernel-hardening@lists.openwall.com>,
Eddie Kovsky <ewk@edkovsky.org>
Subject: Re: [PATCH v5 0/2] provide check for ro_after_init memory sections
Date: Fri, 7 Apr 2017 15:23:19 -0700 [thread overview]
Message-ID: <20170407152319.f37c877c79c19cb52daf9ba1@linux-foundation.org> (raw)
In-Reply-To: <CAGXu5jJNPbcyYt3=WyM0pceoGpaUc=Nti7aD76uvjmAKwHZ58w@mail.gmail.com>
On Fri, 7 Apr 2017 15:15:36 -0700 Kees Cook <keescook@chromium.org> wrote:
> On Fri, Apr 7, 2017 at 3:12 PM, Andrew Morton <akpm@linux-foundation.org> wrote:
> > On Fri, 7 Apr 2017 14:53:23 -0700 Kees Cook <keescook@chromium.org> wrote:
> >
> >> > Eddie Kovsky (2):
> >> > module: verify address is read-only
> >> > extable: verify address is read-only
> >> >
> >> > include/linux/kernel.h | 2 ++
> >> > include/linux/module.h | 12 ++++++++++++
> >> > kernel/extable.c | 29 +++++++++++++++++++++++++++
> >> > kernel/module.c | 53 ++++++++++++++++++++++++++++++++++++++++++++++++++
> >> > 4 files changed, 96 insertions(+)
> >>
> >> Andrew, do you have these in your mailbox (it went to lkml), or should
> >> I resend them directly to you? Since they depend on the
> >> __start_ro_after_init naming fixes in -mm, it seemed like it'd be best
> >> to carry these two patches there. If so, please consider them both:
> >>
> >> Acked-by: Kees Cook <keescook@chromium.org>
> >>
> >> (And, from the thread on the module patch, Jessica has Acked that one too.)
> >
> > Well I grabbed them, but the patches don't actually do anything - they
> > add interfaces with no users. What's the plan here?
>
> I'd like to have a way for interfaces (especially the various
> *_register()) to be able to check that a structure is either const or
> __ro_after_init. My expectation is to add those and similar
> sanity-checks now that we can do so.
OK. But I'd rather sit on the patches until we have working, tested,
reviewed callers which are agreed to be useful.
next prev parent reply other threads:[~2017-04-07 22:23 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-06 3:35 [PATCH v5 0/2] provide check for ro_after_init memory sections Eddie Kovsky
2017-04-06 3:35 ` [PATCH v5 1/2] module: verify address is read-only Eddie Kovsky
2017-04-07 1:58 ` Jessica Yu
2017-04-07 20:46 ` Kees Cook
2017-04-06 3:35 ` [PATCH v5 2/2] extable: " Eddie Kovsky
2017-04-06 17:20 ` kbuild test robot
2017-04-06 17:41 ` kbuild test robot
2017-04-07 19:29 ` Eddie Kovsky
2017-04-07 20:45 ` Kees Cook
2017-04-07 21:53 ` [PATCH v5 0/2] provide check for ro_after_init memory sections Kees Cook
2017-04-07 22:12 ` Andrew Morton
2017-04-07 22:15 ` Kees Cook
2017-04-07 22:23 ` Andrew Morton [this message]
2017-04-07 22:47 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170407152319.f37c877c79c19cb52daf9ba1@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=ewk@edkovsky.org \
--cc=jeyu@redhat.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rusty@rustcorp.com.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox