[PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64
@ 2017-12-01 20:10 Kees Cook
  2017-12-01 20:46 ` Laura Abbott
                   ` (3 more replies)
  0 siblings, 4 replies; 6+ messages in thread
From: Kees Cook @ 2017-12-01 20:10 UTC (permalink / raw)
  To: Andrew Morton
  Cc: linux-kernel, kernel-hardening, Mark Rutland, Will Deacon,
	Laura Abbott, x86

Distros have been shipping with CONFIG_STRICT_DEVMEM=y for years now. It
is probably time to flip this default for x86 and arm64.

Signed-off-by: Kees Cook <keescook@chromium.org>
---
 lib/Kconfig.debug | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 947d3e2ed5c2..39b123d04a36 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -1985,7 +1985,7 @@ config STRICT_DEVMEM
 	bool "Filter access to /dev/mem"
 	depends on MMU && DEVMEM
 	depends on ARCH_HAS_DEVMEM_IS_ALLOWED
-	default y if TILE || PPC
+	default y if TILE || PPC || X86 || ARM64
 	---help---
 	  If this option is disabled, you allow userspace (root) access to all
 	  of memory, including kernel and userspace memory. Accidental
-- 
2.7.4


-- 
Kees Cook
Pixel Security

^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64
  2017-12-01 20:10 [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64 Kees Cook
@ 2017-12-01 20:46 ` Laura Abbott
  2017-12-04 15:56 ` Will Deacon
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 6+ messages in thread
From: Laura Abbott @ 2017-12-01 20:46 UTC (permalink / raw)
  To: Kees Cook, Andrew Morton
  Cc: linux-kernel, kernel-hardening, Mark Rutland, Will Deacon, x86

On 12/01/2017 12:10 PM, Kees Cook wrote:
> Distros have been shipping with CONFIG_STRICT_DEVMEM=y for years now. It
> is probably time to flip this default for x86 and arm64.
> 

With my Fedora hat on,

Acked-by: Laura Abbott <labbott@redhat.com

> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
>   lib/Kconfig.debug | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
> index 947d3e2ed5c2..39b123d04a36 100644
> --- a/lib/Kconfig.debug
> +++ b/lib/Kconfig.debug
> @@ -1985,7 +1985,7 @@ config STRICT_DEVMEM
>   	bool "Filter access to /dev/mem"
>   	depends on MMU && DEVMEM
>   	depends on ARCH_HAS_DEVMEM_IS_ALLOWED
> -	default y if TILE || PPC
> +	default y if TILE || PPC || X86 || ARM64
>   	---help---
>   	  If this option is disabled, you allow userspace (root) access to all
>   	  of memory, including kernel and userspace memory. Accidental
> 

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64
  2017-12-01 20:10 [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64 Kees Cook
  2017-12-01 20:46 ` Laura Abbott
@ 2017-12-04 15:56 ` Will Deacon
  2017-12-04 18:19   ` Kees Cook
  2017-12-12 10:56 ` [tip:core/debug] " tip-bot for Kees Cook
  2017-12-19 13:33 ` [kernel-hardening] [PATCH] " Ard Biesheuvel
  3 siblings, 1 reply; 6+ messages in thread
From: Will Deacon @ 2017-12-04 15:56 UTC (permalink / raw)
  To: Kees Cook
  Cc: Andrew Morton, linux-kernel, kernel-hardening, Mark Rutland,
	Laura Abbott, x86

On Fri, Dec 01, 2017 at 12:10:00PM -0800, Kees Cook wrote:
> Distros have been shipping with CONFIG_STRICT_DEVMEM=y for years now. It
> is probably time to flip this default for x86 and arm64.

Should we be defaulting IO_STRICT_DEVMEM on as well?

Will

> Signed-off-by: Kees Cook <keescook@chromium.org>
> ---
>  lib/Kconfig.debug | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
> index 947d3e2ed5c2..39b123d04a36 100644
> --- a/lib/Kconfig.debug
> +++ b/lib/Kconfig.debug
> @@ -1985,7 +1985,7 @@ config STRICT_DEVMEM
>  	bool "Filter access to /dev/mem"
>  	depends on MMU && DEVMEM
>  	depends on ARCH_HAS_DEVMEM_IS_ALLOWED
> -	default y if TILE || PPC
> +	default y if TILE || PPC || X86 || ARM64
>  	---help---
>  	  If this option is disabled, you allow userspace (root) access to all
>  	  of memory, including kernel and userspace memory. Accidental
> -- 
> 2.7.4
> 
> 
> -- 
> Kees Cook
> Pixel Security

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64
  2017-12-04 15:56 ` Will Deacon
@ 2017-12-04 18:19   ` Kees Cook
  0 siblings, 0 replies; 6+ messages in thread
From: Kees Cook @ 2017-12-04 18:19 UTC (permalink / raw)
  To: Will Deacon
  Cc: Andrew Morton, LKML, kernel-hardening, Mark Rutland, Laura Abbott,
	X86 ML

On Mon, Dec 4, 2017 at 7:56 AM, Will Deacon <will.deacon@arm.com> wrote:
> On Fri, Dec 01, 2017 at 12:10:00PM -0800, Kees Cook wrote:
>> Distros have been shipping with CONFIG_STRICT_DEVMEM=y for years now. It
>> is probably time to flip this default for x86 and arm64.
>
> Should we be defaulting IO_STRICT_DEVMEM on as well?

I'd love to see that, but I haven't seen a long history on this
setting yet. It may be that arm64 can do it, since it doesn't have the
x86 hardware legacy stuff ... If you're willing to give it a shot, I'm
all for it. :)

-Kees

>
> Will
>
>> Signed-off-by: Kees Cook <keescook@chromium.org>
>> ---
>>  lib/Kconfig.debug | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
>> index 947d3e2ed5c2..39b123d04a36 100644
>> --- a/lib/Kconfig.debug
>> +++ b/lib/Kconfig.debug
>> @@ -1985,7 +1985,7 @@ config STRICT_DEVMEM
>>       bool "Filter access to /dev/mem"
>>       depends on MMU && DEVMEM
>>       depends on ARCH_HAS_DEVMEM_IS_ALLOWED
>> -     default y if TILE || PPC
>> +     default y if TILE || PPC || X86 || ARM64
>>       ---help---
>>         If this option is disabled, you allow userspace (root) access to all
>>         of memory, including kernel and userspace memory. Accidental
>> --
>> 2.7.4
>>
>>
>> --
>> Kees Cook
>> Pixel Security



-- 
Kees Cook
Pixel Security

^ permalink raw reply	[flat|nested] 6+ messages in thread

* [tip:core/debug] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64
  2017-12-01 20:10 [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64 Kees Cook
  2017-12-01 20:46 ` Laura Abbott
  2017-12-04 15:56 ` Will Deacon
@ 2017-12-12 10:56 ` tip-bot for Kees Cook
  2017-12-19 13:33 ` [kernel-hardening] [PATCH] " Ard Biesheuvel
  3 siblings, 0 replies; 6+ messages in thread
From: tip-bot for Kees Cook @ 2017-12-12 10:56 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: linux-kernel, keescook, will.deacon, torvalds, labbott, akpm,
	mark.rutland, hpa, mingo, tglx, peterz

Commit-ID:  0f7cda2b824bb2afe0d75716a8664117fa03f5e0
Gitweb:     https://git.kernel.org/tip/0f7cda2b824bb2afe0d75716a8664117fa03f5e0
Author:     Kees Cook <keescook@chromium.org>
AuthorDate: Fri, 1 Dec 2017 12:10:00 -0800
Committer:  Ingo Molnar <mingo@kernel.org>
CommitDate: Mon, 11 Dec 2017 18:41:26 +0100

Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64

Distros have been shipping with CONFIG_STRICT_DEVMEM=y for years now. It
is probably time to flip this default for x86 and arm64.

Signed-off-by: Kees Cook <keescook@chromium.org>
Acked-by: Laura Abbott <labbott@redhat.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Will Deacon <will.deacon@arm.com>
Cc: kernel-hardening@lists.openwall.com
Link: http://lkml.kernel.org/r/20171201201000.GA44539@beast
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
 lib/Kconfig.debug | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
index 947d3e2..39b123d 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -1985,7 +1985,7 @@ config STRICT_DEVMEM
 	bool "Filter access to /dev/mem"
 	depends on MMU && DEVMEM
 	depends on ARCH_HAS_DEVMEM_IS_ALLOWED
-	default y if TILE || PPC
+	default y if TILE || PPC || X86 || ARM64
 	---help---
 	  If this option is disabled, you allow userspace (root) access to all
 	  of memory, including kernel and userspace memory. Accidental

^ permalink raw reply related	[flat|nested] 6+ messages in thread

* Re: [kernel-hardening] [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64
  2017-12-01 20:10 [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64 Kees Cook
                   ` (2 preceding siblings ...)
  2017-12-12 10:56 ` [tip:core/debug] " tip-bot for Kees Cook
@ 2017-12-19 13:33 ` Ard Biesheuvel
  3 siblings, 0 replies; 6+ messages in thread
From: Ard Biesheuvel @ 2017-12-19 13:33 UTC (permalink / raw)
  To: Kees Cook
  Cc: Andrew Morton, linux-kernel, Kernel Hardening, Mark Rutland,
	Will Deacon, Laura Abbott, x86

On 1 December 2017 at 20:10, Kees Cook <keescook@chromium.org> wrote:
> Distros have been shipping with CONFIG_STRICT_DEVMEM=y for years now. It
> is probably time to flip this default for x86 and arm64.
>
> Signed-off-by: Kees Cook <keescook@chromium.org>

Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

> ---
>  lib/Kconfig.debug | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
> index 947d3e2ed5c2..39b123d04a36 100644
> --- a/lib/Kconfig.debug
> +++ b/lib/Kconfig.debug
> @@ -1985,7 +1985,7 @@ config STRICT_DEVMEM
>         bool "Filter access to /dev/mem"
>         depends on MMU && DEVMEM
>         depends on ARCH_HAS_DEVMEM_IS_ALLOWED
> -       default y if TILE || PPC
> +       default y if TILE || PPC || X86 || ARM64
>         ---help---
>           If this option is disabled, you allow userspace (root) access to all
>           of memory, including kernel and userspace memory. Accidental
> --
> 2.7.4
>
>
> --
> Kees Cook
> Pixel Security

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2017-12-19 13:33 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-12-01 20:10 [PATCH] Kconfig: Make STRICT_DEVMEM default-y on x86 and arm64 Kees Cook
2017-12-01 20:46 ` Laura Abbott
2017-12-04 15:56 ` Will Deacon
2017-12-04 18:19   ` Kees Cook
2017-12-12 10:56 ` [tip:core/debug] " tip-bot for Kees Cook
2017-12-19 13:33 ` [kernel-hardening] [PATCH] " Ard Biesheuvel

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox