From: Thomas Garnier <thgarnie@google.com>
To: "Martin Schwidefsky" <schwidefsky@de.ibm.com>,
"Heiko Carstens" <heiko.carstens@de.ibm.com>,
"Arnd Bergmann" <arnd@arndb.de>,
"Dave Hansen" <dave.hansen@intel.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Thomas Garnier" <thgarnie@google.com>,
"David Howells" <dhowells@redhat.com>,
"René Nyffenegger" <mail@renenyffenegger.ch>,
"Paul E . McKenney" <paulmck@linux.vnet.ibm.com>,
"Ingo Molnar" <mingo@kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Oleg Nesterov" <oleg@redhat.com>,
"Stephen Smalley" <sds@tycho.nsa.gov>,
"Pavel Tikhomirov" <ptikhomirov@virtuozzo.com>,
"Ingo Molnar" <mingo@redhat.com>,
"H . Peter Anvin" <hpa@zytor.com>,
"Andy Lutomirski" <luto@kernel.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Kees Cook" <keescook@chromium.org>,
"Rik van Riel" <riel@redhat.com>,
"Josh Poimboeuf" <jpoimboe@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
"Brian Gerst" <brgerst@gmail.com>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
"Christian Borntraeger" <borntraeger@de.ibm.com>,
"Russell King" <linux@armlinux.org.uk>,
"Will Deacon" <will.deacon@arm.com>,
"Catalin Marinas" <catalin.marinas@arm.com>,
"Mark Rutland" <mark.rutland@arm.com>,
"James Morse" <james.morse@arm.com>
Cc: linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-api@vger.kernel.org, x86@kernel.org,
linux-arm-kernel@lists.infradead.org,
kernel-hardening@lists.openwall.com
Subject: [PATCH v7 3/4] arm/syscalls: Architecture specific pre-usermode check
Date: Mon, 10 Apr 2017 09:44:19 -0700 [thread overview]
Message-ID: <20170410164420.64003-3-thgarnie@google.com> (raw)
In-Reply-To: <20170410164420.64003-1-thgarnie@google.com>
Disable the generic pre-usermode check in favor of an optimized
implementation. This patch adds specific checks on user-mode return path
to make it faster and smaller.
The address limit is checked on each syscall return path to user-mode
path as well as the irq user-mode return function. If the address limit
was changed, a generic handler is called to stop the kernel on an
explicit check.
Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
Based on next-20170410
---
arch/arm/Kconfig | 1 +
arch/arm/kernel/entry-common.S | 10 +++++++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index b0e8c9763e94..af0992debfd2 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -12,6 +12,7 @@ config ARM
select ARCH_HAVE_CUSTOM_GPIO_H
select ARCH_HAS_GCOV_PROFILE_ALL
select ARCH_MIGHT_HAVE_PC_PARPORT
+ select ARCH_NO_SYSCALL_VERIFY_PRE_USERMODE_STATE
select ARCH_OPTIONAL_KERNEL_RWX if ARCH_HAS_STRICT_KERNEL_RWX
select ARCH_OPTIONAL_KERNEL_RWX_DEFAULT if CPU_V7
select ARCH_SUPPORTS_ATOMIC_RMW
diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S
index eb5cd77bf1d8..c8a8ba5c22ad 100644
--- a/arch/arm/kernel/entry-common.S
+++ b/arch/arm/kernel/entry-common.S
@@ -12,6 +12,7 @@
#include <asm/unistd.h>
#include <asm/ftrace.h>
#include <asm/unwind.h>
+#include <asm/memory.h>
#ifdef CONFIG_AEABI
#include <asm/unistd-oabi.h>
#endif
@@ -27,7 +28,6 @@
#include "entry-header.S"
-
.align 5
#if !(IS_ENABLED(CONFIG_TRACE_IRQFLAGS) || IS_ENABLED(CONFIG_CONTEXT_TRACKING))
/*
@@ -40,9 +40,12 @@ ret_fast_syscall:
UNWIND(.fnstart )
UNWIND(.cantunwind )
disable_irq_notrace @ disable interrupts
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing
tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK
bne fast_work_pending
+ cmp r2, #TASK_SIZE
+ blne address_limit_check_failed
/* perform architecture specific actions before user return */
arch_ret_to_user r1, lr
@@ -66,6 +69,7 @@ ret_fast_syscall:
UNWIND(.cantunwind )
str r0, [sp, #S_R0 + S_OFF]! @ save returned r0
disable_irq_notrace @ disable interrupts
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing
tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK
beq no_work_pending
@@ -82,6 +86,7 @@ slow_work_pending:
mov r2, why @ 'syscall'
bl do_work_pending
cmp r0, #0
+ ldreq r2, [tsk, #TI_ADDR_LIMIT]
beq no_work_pending
movlt scno, #(__NR_restart_syscall - __NR_SYSCALL_BASE)
ldmia sp, {r0 - r6} @ have to reload r0 - r6
@@ -99,9 +104,12 @@ ret_slow_syscall:
disable_irq_notrace @ disable interrupts
ENTRY(ret_to_user_from_irq)
ldr r1, [tsk, #TI_FLAGS]
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
tst r1, #_TIF_WORK_MASK
bne slow_work_pending
no_work_pending:
+ cmp r2, #TASK_SIZE
+ blne address_limit_check_failed
asm_trace_hardirqs_on save = 0
/* perform architecture specific actions before user return */
--
2.12.2.715.g7642488e1d-goog
WARNING: multiple messages have this Message-ID (diff)
From: Thomas Garnier <thgarnie@google.com>
To: "Martin Schwidefsky" <schwidefsky@de.ibm.com>,
"Heiko Carstens" <heiko.carstens@de.ibm.com>,
"Arnd Bergmann" <arnd@arndb.de>,
"Dave Hansen" <dave.hansen@intel.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Thomas Garnier" <thgarnie@google.com>,
"David Howells" <dhowells@redhat.com>,
"René Nyffenegger" <mail@renenyffenegger.ch>,
"Paul E . McKenney" <paulmck@linux.vnet.ibm.com>,
"Ingo Molnar" <mingo@kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Oleg Nesterov" <oleg@redhat.com>,
"Stephen Smalley" <sds@tycho.nsa.gov>,
"Pavel Tikhomirov" <ptikhomirov@virtuozzo.com>,
"Ingo Molnar" <mingo@redhat.com>,
"H . Peter Anvin" <hpa@zytor.com>,
"Andy Lutomirski" <luto@kernel.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Kees Cook" <keescook@chromium.org>,
"Rik van Riel" <riel@redhat.com>,
"Josh Poimboeuf" <jpoimboe@redhat.com>,
"Borislav Petkov" <bp@alien8.de>,
"Brian Gerst" <brgerst@gmail.com>,
"Kirill A . Shutemov" <kirill.shutemov@linux.intel.com>,
"Christian Borntraeger" <borntraeger@de.ibm.com>,
"Russell King" <linux@armlinux.org.uk>,
"Will Deacon" <will.deacon@arm.com>,
"Catalin Marinas" <catalin.marinas@arm.com>,
"Mark Rutland" <mark.rutland@arm.com>,
"James Morse" <james.morse@arm.com>
Cc: linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-api@vger.kernel.org, x86@kernel.org,
linux-arm-kernel@lists.infradead.org,
kernel-hardening@lists.openwall.com
Subject: [kernel-hardening] [PATCH v7 3/4] arm/syscalls: Architecture specific pre-usermode check
Date: Mon, 10 Apr 2017 09:44:19 -0700 [thread overview]
Message-ID: <20170410164420.64003-3-thgarnie@google.com> (raw)
In-Reply-To: <20170410164420.64003-1-thgarnie@google.com>
Disable the generic pre-usermode check in favor of an optimized
implementation. This patch adds specific checks on user-mode return path
to make it faster and smaller.
The address limit is checked on each syscall return path to user-mode
path as well as the irq user-mode return function. If the address limit
was changed, a generic handler is called to stop the kernel on an
explicit check.
Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
Based on next-20170410
---
arch/arm/Kconfig | 1 +
arch/arm/kernel/entry-common.S | 10 +++++++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index b0e8c9763e94..af0992debfd2 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -12,6 +12,7 @@ config ARM
select ARCH_HAVE_CUSTOM_GPIO_H
select ARCH_HAS_GCOV_PROFILE_ALL
select ARCH_MIGHT_HAVE_PC_PARPORT
+ select ARCH_NO_SYSCALL_VERIFY_PRE_USERMODE_STATE
select ARCH_OPTIONAL_KERNEL_RWX if ARCH_HAS_STRICT_KERNEL_RWX
select ARCH_OPTIONAL_KERNEL_RWX_DEFAULT if CPU_V7
select ARCH_SUPPORTS_ATOMIC_RMW
diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S
index eb5cd77bf1d8..c8a8ba5c22ad 100644
--- a/arch/arm/kernel/entry-common.S
+++ b/arch/arm/kernel/entry-common.S
@@ -12,6 +12,7 @@
#include <asm/unistd.h>
#include <asm/ftrace.h>
#include <asm/unwind.h>
+#include <asm/memory.h>
#ifdef CONFIG_AEABI
#include <asm/unistd-oabi.h>
#endif
@@ -27,7 +28,6 @@
#include "entry-header.S"
-
.align 5
#if !(IS_ENABLED(CONFIG_TRACE_IRQFLAGS) || IS_ENABLED(CONFIG_CONTEXT_TRACKING))
/*
@@ -40,9 +40,12 @@ ret_fast_syscall:
UNWIND(.fnstart )
UNWIND(.cantunwind )
disable_irq_notrace @ disable interrupts
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing
tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK
bne fast_work_pending
+ cmp r2, #TASK_SIZE
+ blne address_limit_check_failed
/* perform architecture specific actions before user return */
arch_ret_to_user r1, lr
@@ -66,6 +69,7 @@ ret_fast_syscall:
UNWIND(.cantunwind )
str r0, [sp, #S_R0 + S_OFF]! @ save returned r0
disable_irq_notrace @ disable interrupts
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing
tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK
beq no_work_pending
@@ -82,6 +86,7 @@ slow_work_pending:
mov r2, why @ 'syscall'
bl do_work_pending
cmp r0, #0
+ ldreq r2, [tsk, #TI_ADDR_LIMIT]
beq no_work_pending
movlt scno, #(__NR_restart_syscall - __NR_SYSCALL_BASE)
ldmia sp, {r0 - r6} @ have to reload r0 - r6
@@ -99,9 +104,12 @@ ret_slow_syscall:
disable_irq_notrace @ disable interrupts
ENTRY(ret_to_user_from_irq)
ldr r1, [tsk, #TI_FLAGS]
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
tst r1, #_TIF_WORK_MASK
bne slow_work_pending
no_work_pending:
+ cmp r2, #TASK_SIZE
+ blne address_limit_check_failed
asm_trace_hardirqs_on save = 0
/* perform architecture specific actions before user return */
--
2.12.2.715.g7642488e1d-goog
WARNING: multiple messages have this Message-ID (diff)
From: Thomas Garnier <thgarnie@google.com>
To: "Martin Schwidefsky" <schwidefsky@de.ibm.com>,
"Heiko Carstens" <heiko.carstens@de.ibm.com>,
"Arnd Bergmann" <arnd@arndb.de>,
"Dave Hansen" <dave.hansen@intel.com>,
"Andrew Morton" <akpm@linux-foundation.org>,
"Thomas Garnier" <thgarnie@google.com>,
"David Howells" <dhowells@redhat.com>,
"René Nyffenegger" <mail@renenyffenegger.ch>,
"Paul E . McKenney" <paulmck@linux.vnet.ibm.com>,
"Ingo Molnar" <mingo@kernel.org>,
"Thomas Gleixner" <tglx@linutronix.de>,
"Oleg Nesterov" <oleg@redhat.com>,
"Stephen Smalley" <sds@tycho.nsa.gov>,
"Pavel Tikhomirov" <ptikhomirov@virtuozzo.com>,
"Ingo Molnar" <mingo@redhat.com>,
"H . Peter Anvin" <hpa@zytor.com>,
"Andy Lutomirski" <luto@kernel.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Kees Cook" <keescook@chromium.org>,
"Rik van Riel" <riel@redhat.com>,
"Josh Poimboeuf" <jpoimboe@redhat.com>,
"Borislav Petkov" <bp@alien8.de>, "Brian Gerst" <brgerst@gma>
Cc: linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-api@vger.kernel.org, x86@kernel.org,
linux-arm-kernel@lists.infradead.org,
kernel-hardening@lists.openwall.com
Subject: [PATCH v7 3/4] arm/syscalls: Architecture specific pre-usermode check
Date: Mon, 10 Apr 2017 09:44:19 -0700 [thread overview]
Message-ID: <20170410164420.64003-3-thgarnie@google.com> (raw)
In-Reply-To: <20170410164420.64003-1-thgarnie@google.com>
Disable the generic pre-usermode check in favor of an optimized
implementation. This patch adds specific checks on user-mode return path
to make it faster and smaller.
The address limit is checked on each syscall return path to user-mode
path as well as the irq user-mode return function. If the address limit
was changed, a generic handler is called to stop the kernel on an
explicit check.
Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
Based on next-20170410
---
arch/arm/Kconfig | 1 +
arch/arm/kernel/entry-common.S | 10 +++++++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index b0e8c9763e94..af0992debfd2 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -12,6 +12,7 @@ config ARM
select ARCH_HAVE_CUSTOM_GPIO_H
select ARCH_HAS_GCOV_PROFILE_ALL
select ARCH_MIGHT_HAVE_PC_PARPORT
+ select ARCH_NO_SYSCALL_VERIFY_PRE_USERMODE_STATE
select ARCH_OPTIONAL_KERNEL_RWX if ARCH_HAS_STRICT_KERNEL_RWX
select ARCH_OPTIONAL_KERNEL_RWX_DEFAULT if CPU_V7
select ARCH_SUPPORTS_ATOMIC_RMW
diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S
index eb5cd77bf1d8..c8a8ba5c22ad 100644
--- a/arch/arm/kernel/entry-common.S
+++ b/arch/arm/kernel/entry-common.S
@@ -12,6 +12,7 @@
#include <asm/unistd.h>
#include <asm/ftrace.h>
#include <asm/unwind.h>
+#include <asm/memory.h>
#ifdef CONFIG_AEABI
#include <asm/unistd-oabi.h>
#endif
@@ -27,7 +28,6 @@
#include "entry-header.S"
-
.align 5
#if !(IS_ENABLED(CONFIG_TRACE_IRQFLAGS) || IS_ENABLED(CONFIG_CONTEXT_TRACKING))
/*
@@ -40,9 +40,12 @@ ret_fast_syscall:
UNWIND(.fnstart )
UNWIND(.cantunwind )
disable_irq_notrace @ disable interrupts
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing
tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK
bne fast_work_pending
+ cmp r2, #TASK_SIZE
+ blne address_limit_check_failed
/* perform architecture specific actions before user return */
arch_ret_to_user r1, lr
@@ -66,6 +69,7 @@ ret_fast_syscall:
UNWIND(.cantunwind )
str r0, [sp, #S_R0 + S_OFF]! @ save returned r0
disable_irq_notrace @ disable interrupts
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing
tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK
beq no_work_pending
@@ -82,6 +86,7 @@ slow_work_pending:
mov r2, why @ 'syscall'
bl do_work_pending
cmp r0, #0
+ ldreq r2, [tsk, #TI_ADDR_LIMIT]
beq no_work_pending
movlt scno, #(__NR_restart_syscall - __NR_SYSCALL_BASE)
ldmia sp, {r0 - r6} @ have to reload r0 - r6
@@ -99,9 +104,12 @@ ret_slow_syscall:
disable_irq_notrace @ disable interrupts
ENTRY(ret_to_user_from_irq)
ldr r1, [tsk, #TI_FLAGS]
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
tst r1, #_TIF_WORK_MASK
bne slow_work_pending
no_work_pending:
+ cmp r2, #TASK_SIZE
+ blne address_limit_check_failed
asm_trace_hardirqs_on save = 0
/* perform architecture specific actions before user return */
--
2.12.2.715.g7642488e1d-goog
WARNING: multiple messages have this Message-ID (diff)
From: thgarnie@google.com (Thomas Garnier)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v7 3/4] arm/syscalls: Architecture specific pre-usermode check
Date: Mon, 10 Apr 2017 09:44:19 -0700 [thread overview]
Message-ID: <20170410164420.64003-3-thgarnie@google.com> (raw)
In-Reply-To: <20170410164420.64003-1-thgarnie@google.com>
Disable the generic pre-usermode check in favor of an optimized
implementation. This patch adds specific checks on user-mode return path
to make it faster and smaller.
The address limit is checked on each syscall return path to user-mode
path as well as the irq user-mode return function. If the address limit
was changed, a generic handler is called to stop the kernel on an
explicit check.
Signed-off-by: Thomas Garnier <thgarnie@google.com>
---
Based on next-20170410
---
arch/arm/Kconfig | 1 +
arch/arm/kernel/entry-common.S | 10 +++++++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig
index b0e8c9763e94..af0992debfd2 100644
--- a/arch/arm/Kconfig
+++ b/arch/arm/Kconfig
@@ -12,6 +12,7 @@ config ARM
select ARCH_HAVE_CUSTOM_GPIO_H
select ARCH_HAS_GCOV_PROFILE_ALL
select ARCH_MIGHT_HAVE_PC_PARPORT
+ select ARCH_NO_SYSCALL_VERIFY_PRE_USERMODE_STATE
select ARCH_OPTIONAL_KERNEL_RWX if ARCH_HAS_STRICT_KERNEL_RWX
select ARCH_OPTIONAL_KERNEL_RWX_DEFAULT if CPU_V7
select ARCH_SUPPORTS_ATOMIC_RMW
diff --git a/arch/arm/kernel/entry-common.S b/arch/arm/kernel/entry-common.S
index eb5cd77bf1d8..c8a8ba5c22ad 100644
--- a/arch/arm/kernel/entry-common.S
+++ b/arch/arm/kernel/entry-common.S
@@ -12,6 +12,7 @@
#include <asm/unistd.h>
#include <asm/ftrace.h>
#include <asm/unwind.h>
+#include <asm/memory.h>
#ifdef CONFIG_AEABI
#include <asm/unistd-oabi.h>
#endif
@@ -27,7 +28,6 @@
#include "entry-header.S"
-
.align 5
#if !(IS_ENABLED(CONFIG_TRACE_IRQFLAGS) || IS_ENABLED(CONFIG_CONTEXT_TRACKING))
/*
@@ -40,9 +40,12 @@ ret_fast_syscall:
UNWIND(.fnstart )
UNWIND(.cantunwind )
disable_irq_notrace @ disable interrupts
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing
tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK
bne fast_work_pending
+ cmp r2, #TASK_SIZE
+ blne address_limit_check_failed
/* perform architecture specific actions before user return */
arch_ret_to_user r1, lr
@@ -66,6 +69,7 @@ ret_fast_syscall:
UNWIND(.cantunwind )
str r0, [sp, #S_R0 + S_OFF]! @ save returned r0
disable_irq_notrace @ disable interrupts
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
ldr r1, [tsk, #TI_FLAGS] @ re-check for syscall tracing
tst r1, #_TIF_SYSCALL_WORK | _TIF_WORK_MASK
beq no_work_pending
@@ -82,6 +86,7 @@ slow_work_pending:
mov r2, why @ 'syscall'
bl do_work_pending
cmp r0, #0
+ ldreq r2, [tsk, #TI_ADDR_LIMIT]
beq no_work_pending
movlt scno, #(__NR_restart_syscall - __NR_SYSCALL_BASE)
ldmia sp, {r0 - r6} @ have to reload r0 - r6
@@ -99,9 +104,12 @@ ret_slow_syscall:
disable_irq_notrace @ disable interrupts
ENTRY(ret_to_user_from_irq)
ldr r1, [tsk, #TI_FLAGS]
+ ldr r2, [tsk, #TI_ADDR_LIMIT]
tst r1, #_TIF_WORK_MASK
bne slow_work_pending
no_work_pending:
+ cmp r2, #TASK_SIZE
+ blne address_limit_check_failed
asm_trace_hardirqs_on save = 0
/* perform architecture specific actions before user return */
--
2.12.2.715.g7642488e1d-goog
next prev parent reply other threads:[~2017-04-10 17:51 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-10 16:44 [PATCH v7 1/4] syscalls: Restore address limit after a syscall Thomas Garnier
2017-04-10 16:44 ` Thomas Garnier
2017-04-10 16:44 ` Thomas Garnier
2017-04-10 16:44 ` [kernel-hardening] " Thomas Garnier
2017-04-10 16:44 ` [PATCH v7 2/4] x86/syscalls: Architecture specific pre-usermode check Thomas Garnier
2017-04-10 16:44 ` Thomas Garnier
2017-04-10 16:44 ` Thomas Garnier
2017-04-10 16:44 ` [kernel-hardening] " Thomas Garnier
2017-04-10 16:44 ` Thomas Garnier [this message]
2017-04-10 16:44 ` [PATCH v7 3/4] arm/syscalls: " Thomas Garnier
2017-04-10 16:44 ` Thomas Garnier
2017-04-10 16:44 ` [kernel-hardening] " Thomas Garnier
2017-04-10 16:44 ` [PATCH v7 4/4] arm64/syscalls: " Thomas Garnier
2017-04-10 16:44 ` Thomas Garnier
2017-04-10 16:44 ` Thomas Garnier
2017-04-10 16:44 ` [kernel-hardening] " Thomas Garnier
2017-04-10 17:12 ` Catalin Marinas
2017-04-10 17:12 ` Catalin Marinas
2017-04-10 17:12 ` Catalin Marinas
2017-04-10 17:12 ` [kernel-hardening] " Catalin Marinas
2017-04-10 20:06 ` Thomas Garnier
2017-04-10 20:06 ` Thomas Garnier
2017-04-10 20:06 ` Thomas Garnier
2017-04-10 20:06 ` [kernel-hardening] " Thomas Garnier
2017-04-10 20:09 ` Thomas Garnier
2017-04-10 20:09 ` Thomas Garnier
2017-04-10 20:09 ` Thomas Garnier
2017-04-10 20:09 ` [kernel-hardening] " Thomas Garnier
2017-04-10 20:07 ` Thomas Garnier
2017-04-10 20:07 ` Thomas Garnier
2017-04-10 20:07 ` Thomas Garnier
2017-04-10 20:07 ` [kernel-hardening] " Thomas Garnier
2017-04-24 23:57 ` [PATCH v7 1/4] syscalls: Restore address limit after a syscall Kees Cook
2017-04-24 23:57 ` Kees Cook
2017-04-24 23:57 ` Kees Cook
2017-04-24 23:57 ` [kernel-hardening] " Kees Cook
2017-04-25 6:23 ` Ingo Molnar
2017-04-25 6:23 ` Ingo Molnar
2017-04-25 6:23 ` Ingo Molnar
2017-04-25 6:23 ` [kernel-hardening] " Ingo Molnar
2017-04-25 14:12 ` Thomas Garnier
2017-04-25 14:12 ` Thomas Garnier
2017-04-25 14:12 ` Thomas Garnier
2017-04-25 14:12 ` [kernel-hardening] " Thomas Garnier
2017-04-25 6:33 ` Ingo Molnar
2017-04-25 6:33 ` Ingo Molnar
2017-04-25 6:33 ` Ingo Molnar
2017-04-25 6:33 ` [kernel-hardening] " Ingo Molnar
2017-04-25 14:18 ` Thomas Garnier
2017-04-25 14:18 ` Thomas Garnier
2017-04-25 14:18 ` Thomas Garnier
2017-04-25 14:18 ` [kernel-hardening] " Thomas Garnier
2017-04-26 8:12 ` Ingo Molnar
2017-04-26 8:12 ` Ingo Molnar
2017-04-26 8:12 ` Ingo Molnar
2017-04-26 8:12 ` [kernel-hardening] " Ingo Molnar
2017-04-26 14:09 ` Thomas Garnier
2017-04-26 14:09 ` Thomas Garnier
2017-04-26 14:09 ` Thomas Garnier
2017-04-26 14:09 ` [kernel-hardening] " Thomas Garnier
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170410164420.64003-3-thgarnie@google.com \
--to=thgarnie@google.com \
--cc=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=borntraeger@de.ibm.com \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=catalin.marinas@arm.com \
--cc=dave.hansen@intel.com \
--cc=dhowells@redhat.com \
--cc=heiko.carstens@de.ibm.com \
--cc=hpa@zytor.com \
--cc=james.morse@arm.com \
--cc=jpoimboe@redhat.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=luto@kernel.org \
--cc=mail@renenyffenegger.ch \
--cc=mark.rutland@arm.com \
--cc=mingo@kernel.org \
--cc=mingo@redhat.com \
--cc=oleg@redhat.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=ptikhomirov@virtuozzo.com \
--cc=riel@redhat.com \
--cc=schwidefsky@de.ibm.com \
--cc=sds@tycho.nsa.gov \
--cc=tglx@linutronix.de \
--cc=will.deacon@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.