All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 1/2] config: android-recommended: disable aio support
@ 2016-12-07 12:19 Amit Pundir
  2016-12-07 12:19 ` [PATCH 2/2] config: android-base: enable hardened usercopy and kernel ASLR Amit Pundir
  0 siblings, 1 reply; 3+ messages in thread
From: Amit Pundir @ 2016-12-07 12:19 UTC (permalink / raw)
  To: Andrew Morton
  Cc: Rob Herring, John Stultz, Android Kernel Team, lkml, Daniel Micay

From: Daniel Micay <danielmicay@gmail.com>

The aio interface adds substantial attack surface for a feature that's
not being exposed by Android at all. It's unlikely that anyone is using
the kernel feature directly either. This feature is rarely used even on
servers. The glibc POSIX aio calls really use thread pools. The lack of
widespread usage also means this is relatively poorly audited/tested.

The kernel's aio rarely provides performance benefits over using a
thread pool and is quite incomplete in terms of system call coverage
along with having edge cases where blocking can occur. Part of the
performance issue is the fact that it only supports direct io, not
buffered io. The existing API is considered fundamentally flawed
and it's unlikely it will be expanded, but rather replaced:

https://marc.info/?l=linux-aio&m=145255815216051&w=2

Since ext4 encryption means no direct io support, kernel aio isn't even
going to work properly on Android devices using file-based encryption.

Reviewed-at: https://android-review.googlesource.com/#/c/292158/

Signed-off-by: Daniel Micay <danielmicay@gmail.com>
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
---
 kernel/configs/android-recommended.config | 1 +
 1 file changed, 1 insertion(+)

diff --git a/kernel/configs/android-recommended.config b/kernel/configs/android-recommended.config
index 297756b..4719871 100644
--- a/kernel/configs/android-recommended.config
+++ b/kernel/configs/android-recommended.config
@@ -1,4 +1,5 @@
 #  KEEP ALPHABETICALLY SORTED
+# CONFIG_AIO is not set
 # CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS is not set
 # CONFIG_INPUT_MOUSE is not set
 # CONFIG_LEGACY_PTYS is not set
-- 
2.7.4

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [PATCH 2/2] config: android-base: enable hardened usercopy and kernel ASLR
  2016-12-07 12:19 [PATCH 1/2] config: android-recommended: disable aio support Amit Pundir
@ 2016-12-07 12:19 ` Amit Pundir
  2016-12-08 15:38   ` Rob Herring
  0 siblings, 1 reply; 3+ messages in thread
From: Amit Pundir @ 2016-12-07 12:19 UTC (permalink / raw)
  To: Andrew Morton; +Cc: Rob Herring, John Stultz, Android Kernel Team, lkml

Enable CONFIG_HARDENED_USERCOPY and CONFIG_RANDOMIZE_BASE in Android
base config fragment.

Reviewed-at: https://android-review.googlesource.com/#/c/283659/
Reviewed-at: https://android-review.googlesource.com/#/c/278133/

Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
---
 kernel/configs/android-base.config | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/kernel/configs/android-base.config b/kernel/configs/android-base.config
index 1a8f34f..26a06e0 100644
--- a/kernel/configs/android-base.config
+++ b/kernel/configs/android-base.config
@@ -21,6 +21,7 @@ CONFIG_CP15_BARRIER_EMULATION=y
 CONFIG_DEFAULT_SECURITY_SELINUX=y
 CONFIG_EMBEDDED=y
 CONFIG_FB=y
+CONFIG_HARDENED_USERCOPY=y
 CONFIG_HIGH_RES_TIMERS=y
 CONFIG_INET6_AH=y
 CONFIG_INET6_ESP=y
@@ -129,6 +130,7 @@ CONFIG_PPP_DEFLATE=y
 CONFIG_PPP_MPPE=y
 CONFIG_PREEMPT=y
 CONFIG_QUOTA=y
+CONFIG_RANDOMIZE_BASE=y
 CONFIG_RTC_CLASS=y
 CONFIG_RT_GROUP_SCHED=y
 CONFIG_SECCOMP=y
-- 
2.7.4

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH 2/2] config: android-base: enable hardened usercopy and kernel ASLR
  2016-12-07 12:19 ` [PATCH 2/2] config: android-base: enable hardened usercopy and kernel ASLR Amit Pundir
@ 2016-12-08 15:38   ` Rob Herring
  0 siblings, 0 replies; 3+ messages in thread
From: Rob Herring @ 2016-12-08 15:38 UTC (permalink / raw)
  To: Amit Pundir; +Cc: Andrew Morton, John Stultz, Android Kernel Team, lkml

On Wed, Dec 7, 2016 at 6:19 AM, Amit Pundir <amit.pundir@linaro.org> wrote:
> Enable CONFIG_HARDENED_USERCOPY and CONFIG_RANDOMIZE_BASE in Android
> base config fragment.

It would be good to note here if options are things Android wants
(i.e. will work without) or requires to function. These seem pretty
obvious to be the former.

Acked-by: Rob Herring <robh@kernel.org>

Rob

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2016-12-08 15:38 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-12-07 12:19 [PATCH 1/2] config: android-recommended: disable aio support Amit Pundir
2016-12-07 12:19 ` [PATCH 2/2] config: android-base: enable hardened usercopy and kernel ASLR Amit Pundir
2016-12-08 15:38   ` Rob Herring

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.