From: Hans Liljestrand <ishkamiel@gmail.com>
To: kernel-hardening@lists.openwall.com
Cc: keescook@chromium.org, Elena Reshetova <elena.reshetova@intel.com>
Subject: Re: [kernel-hardening] [RFC v2 PATCH 00/13] HARDENED_ATOMIC
Date: Thu, 20 Oct 2016 16:13:50 +0300
Message-ID: <20161020131350.GA18331@thigreal>
In-Reply-To: <1476959131-6153-1-git-send-email-elena.reshetova@intel.com>

On Thu, Oct 20, 2016 at 01:25:18PM +0300, Elena Reshetova wrote:
> Changes since RFC v1:
> 
>  - documentation added: Documentation/security/hardened-atomic.txt
>  - percpu-refcount diversion from PaX/Grsecurity explained better
>  - arch. independent base has full functional coverage for atomic,
>    atomic-long and atomic64 types.
>  - arch. independent base is better structured and organized
>  - lkdtm: tests are now defined using macros
>  - x86 implementation added for missing functions
>  - fixed trap handling on x86 and overall reporting
>  - many small polishing and fixes
> 
> Open items:
> 
>  - performance measurements: we are still waiting for numbers
>  - arch. independent implementation doesn't have coverage for
>    local_wrap_t type in cases when include/asm-generic/local.h
>    is not used (meaning architecture does provide its implementation
>    but does not yet provide *_wrap functions). We haven't yet
>    found a nice way of doing it in arch. independent definitions,
>    since some kernel code includes asm/local.h directly and we
>    are not sure where to place new definitions (new file under
>    include/linux/local_wrap.h (to be in line with include/linux/
>    atomic.h) + definition of local_wrap_t to include/linux/types.h?)
>    Ideas and suggestions on this are very warmly welcomed!
> 
> Compilation and testing results:
> 
>  - CONFIG_HARDENED_ATOMIC=y, arch=x86_64 or x86_32, full x86 coverage implementation: compiles, lkdtm atomic tests PASS
>  - CONFIG_HARDENED_ATOMIC=n, arch=x86_64 or x86_32, full x86 coverage implementation: compiles, feature not enabled, so tests not run
>  - CONFIG_HARDENED_ATOMIC=n, arch=x86_64 or x86_32, with x86 hardening implementation removed
>    (simulate not implemented for arch. case): compile does not yet pass due to issues with local_wrap_t described above

As noted, our current implementation fails on local_t without arch support (at
least in kernel/trace/ring_buffer.c where local_wrap_t is used). It seems that
local_t is almost never used, which is also what the related documentation
recommends (at Documentation/local_ops.txt). I would be inclined to drop local_t
support and switch the generic implementation to use atomic_long_wrap_t instead
of atomic_long_t.

So my question is then, do we actually want to provide a protected version of
local_t, or can we just drop this support?

> 
> This series brings the PaX/Grsecurity PAX_REFCOUNT
> feature support to the upstream kernel. All credit for the
> feature goes to the feature authors.
> 
> The name of the upstream feature is HARDENED_ATOMIC
> and it is configured using CONFIG_HARDENED_ATOMIC and
> HAVE_ARCH_HARDENED_ATOMIC.
> 
> This series only adds x86 support; other architectures are expected
> to add similar support gradually.

I have some worries on the generic arch independent implementation of
atomic64_t/atomic64_wrap_t (include/asm-generic/atomic64.h). We provide _wrap
versions for atomic64, but protection is dependent on arch implementation and
config. That is, one could possibly implement HARDENED_ATOMIC support while
leaving atomic64_t unprotected depending on specific configs, for instance by
then defaulting to CONFIG_GENERIC_ATOMIC64 (in linuc/hardened/atomic.h:676). Or
maybe I'm just under-/overthinking this?

My concern is that this is a very easy place to include errors and
inconsistencies. We've been trying to cleanly fix this, but haven't really found
a satisfactory solution (e.g. one that actually works on different configs/archs
and isn't a horrible mess). I recall that the hardened_atomic ARM implementation
already faced issues with atomic64, so this seems to be a real cause for
problems. Any suggestions on how to do this more cleanly?

In contrast to the local_t issue, atomic64_t is in fact directly used in several
places, including some that we patch to use atomic64_wrap_t. The atomic_(long)_t
implementation is also possibly intertwined with atomic64_t, so I doubt just
dropping bare atomic64_t protections is a viable solution.

On that note, our lkdtm tests are still lacking atomic64 tests, which would
probably be a good idea to add.

Best Regards,
-hans

> 
> More information about the feature can be found in the following
> commit messages.
> 
> Special thank you goes to Kees Cook for pre-reviewing this feature
> and all the valuable feedback he provided to us.
> 
> David Windsor (7):
>   kernel: identify wrapping atomic usage
>   mm: identify wrapping atomic usage
>   fs: identify wrapping atomic usage
>   net: identify wrapping atomic usage
>   security: identify wrapping atomic usage
>   drivers: identify wrapping atomic usage (part 1/2)
>   drivers: identify wrapping atomic usage (part 2/2)
> 
> Elena Reshetova (2):
>   Add architecture independent hardened atomic base
>   x86: implementation for HARDENED_ATOMIC
> 
> Hans Liljestrand (4):
>   percpu-refcount: leave atomic counter unprotected
>   net: atm: identify wrapping atomic usage
>   x86: identify wrapping atomic usage
>   lkdtm: add tests for atomic over-/underflow
> 
>  Documentation/security/hardened-atomic.txt       | 141 +++++++++
>  arch/x86/Kconfig                                 |   1 +
>  arch/x86/include/asm/atomic.h                    | 323 ++++++++++++++++++++-
>  arch/x86/include/asm/atomic64_32.h               | 201 ++++++++++++-
>  arch/x86/include/asm/atomic64_64.h               | 228 ++++++++++++++-
>  arch/x86/include/asm/bitops.h                    |   8 +-
>  arch/x86/include/asm/cmpxchg.h                   |  39 +++
>  arch/x86/include/asm/hw_irq.h                    |   4 +-
>  arch/x86/include/asm/local.h                     |  89 +++++-
>  arch/x86/include/asm/preempt.h                   |   2 +-
>  arch/x86/include/asm/rmwcc.h                     |  82 +++++-
>  arch/x86/include/asm/rwsem.h                     |  50 ++++
>  arch/x86/kernel/apic/apic.c                      |   2 +-
>  arch/x86/kernel/apic/io_apic.c                   |   4 +-
>  arch/x86/kernel/cpu/mcheck/mce.c                 |  12 +-
>  arch/x86/kernel/i8259.c                          |   2 +-
>  arch/x86/kernel/irq.c                            |   8 +-
>  arch/x86/kernel/kgdb.c                           |   6 +-
>  arch/x86/kernel/pvclock.c                        |   8 +-
>  arch/x86/kernel/tboot.c                          |   8 +-
>  arch/x86/kernel/traps.c                          |   4 +
>  arch/x86/lib/atomic64_386_32.S                   | 135 +++++++++
>  arch/x86/lib/atomic64_cx8_32.S                   |  78 ++++-
>  arch/x86/mm/mmio-mod.c                           |   4 +-
>  drivers/acpi/apei/ghes.c                         |   4 +-
>  drivers/ata/libata-core.c                        |   5 +-
>  drivers/ata/libata-scsi.c                        |   2 +-
>  drivers/ata/libata.h                             |   2 +-
>  drivers/atm/adummy.c                             |   2 +-
>  drivers/atm/ambassador.c                         |   8 +-
>  drivers/atm/atmtcp.c                             |  14 +-
>  drivers/atm/eni.c                                |  10 +-
>  drivers/atm/firestream.c                         |   8 +-
>  drivers/atm/fore200e.c                           |  14 +-
>  drivers/atm/he.c                                 |  18 +-
>  drivers/atm/horizon.c                            |   4 +-
>  drivers/atm/idt77252.c                           |  36 +--
>  drivers/atm/iphase.c                             |  34 +--
>  drivers/atm/lanai.c                              |  12 +-
>  drivers/atm/nicstar.c                            |  47 +--
>  drivers/atm/solos-pci.c                          |   4 +-
>  drivers/atm/suni.c                               |   5 +-
>  drivers/atm/uPD98402.c                           |  16 +-
>  drivers/atm/zatm.c                               |   7 +-
>  drivers/base/power/wakeup.c                      |   8 +-
>  drivers/block/drbd/drbd_bitmap.c                 |   2 +-
>  drivers/block/drbd/drbd_int.h                    |   9 +-
>  drivers/block/drbd/drbd_main.c                   |  15 +-
>  drivers/block/drbd/drbd_nl.c                     |  16 +-
>  drivers/block/drbd/drbd_receiver.c               |  34 +--
>  drivers/block/drbd/drbd_worker.c                 |   8 +-
>  drivers/char/ipmi/ipmi_msghandler.c              |   8 +-
>  drivers/char/ipmi/ipmi_si_intf.c                 |   8 +-
>  drivers/crypto/hifn_795x.c                       |   4 +-
>  drivers/edac/edac_device.c                       |   4 +-
>  drivers/edac/edac_pci.c                          |   4 +-
>  drivers/edac/edac_pci_sysfs.c                    |  20 +-
>  drivers/firewire/core-card.c                     |   4 +-
>  drivers/firmware/efi/cper.c                      |   8 +-
>  drivers/gpio/gpio-vr41xx.c                       |   2 +-
>  drivers/gpu/drm/i810/i810_drv.h                  |   4 +-
>  drivers/gpu/drm/mga/mga_drv.h                    |   4 +-
>  drivers/gpu/drm/mga/mga_irq.c                    |   9 +-
>  drivers/gpu/drm/qxl/qxl_cmd.c                    |  12 +-
>  drivers/gpu/drm/qxl/qxl_debugfs.c                |   8 +-
>  drivers/gpu/drm/qxl/qxl_drv.h                    |   8 +-
>  drivers/gpu/drm/qxl/qxl_irq.c                    |  16 +-
>  drivers/gpu/drm/r128/r128_cce.c                  |   2 +-
>  drivers/gpu/drm/r128/r128_drv.h                  |   4 +-
>  drivers/gpu/drm/r128/r128_irq.c                  |   4 +-
>  drivers/gpu/drm/r128/r128_state.c                |   4 +-
>  drivers/gpu/drm/via/via_drv.h                    |   4 +-
>  drivers/gpu/drm/via/via_irq.c                    |  18 +-
>  drivers/gpu/drm/vmwgfx/vmwgfx_drv.h              |   2 +-
>  drivers/gpu/drm/vmwgfx/vmwgfx_fifo.c             |   6 +-
>  drivers/gpu/drm/vmwgfx/vmwgfx_irq.c              |   4 +-
>  drivers/gpu/drm/vmwgfx/vmwgfx_marker.c           |   2 +-
>  drivers/hid/hid-core.c                           |   4 +-
>  drivers/hv/channel.c                             |   4 +-
>  drivers/hv/hv_balloon.c                          |  19 +-
>  drivers/hv/hyperv_vmbus.h                        |   2 +-
>  drivers/hwmon/sht15.c                            |  12 +-
>  drivers/infiniband/core/cm.c                     |  52 ++--
>  drivers/infiniband/core/fmr_pool.c               |  23 +-
>  drivers/infiniband/hw/cxgb4/mem.c                |   4 +-
>  drivers/infiniband/hw/mlx4/mad.c                 |   2 +-
>  drivers/infiniband/hw/mlx4/mcg.c                 |   2 +-
>  drivers/infiniband/hw/mlx4/mlx4_ib.h             |   2 +-
>  drivers/infiniband/hw/nes/nes.c                  |   4 +-
>  drivers/infiniband/hw/nes/nes.h                  |  40 +--
>  drivers/infiniband/hw/nes/nes_cm.c               |  62 ++--
>  drivers/infiniband/hw/nes/nes_mgt.c              |   8 +-
>  drivers/infiniband/hw/nes/nes_nic.c              |  40 +--
>  drivers/infiniband/hw/nes/nes_verbs.c            |  10 +-
>  drivers/input/gameport/gameport.c                |   4 +-
>  drivers/input/input.c                            |   4 +-
>  drivers/input/misc/ims-pcu.c                     |   4 +-
>  drivers/input/serio/serio.c                      |   4 +-
>  drivers/input/serio/serio_raw.c                  |   4 +-
>  drivers/isdn/capi/capi.c                         |  11 +-
>  drivers/md/dm-core.h                             |   4 +-
>  drivers/md/dm-raid.c                             |   3 +-
>  drivers/md/dm-raid1.c                            |  18 +-
>  drivers/md/dm-stripe.c                           |  11 +-
>  drivers/md/dm.c                                  |  12 +-
>  drivers/md/md.c                                  |  32 ++-
>  drivers/md/md.h                                  |  15 +-
>  drivers/md/raid1.c                               |   8 +-
>  drivers/md/raid10.c                              |  20 +-
>  drivers/md/raid5.c                               |  17 +-
>  drivers/media/pci/ivtv/ivtv-driver.c             |   2 +-
>  drivers/media/pci/solo6x10/solo6x10-p2m.c        |   3 +-
>  drivers/media/pci/solo6x10/solo6x10.h            |   2 +-
>  drivers/media/pci/tw68/tw68-core.c               |   2 +-
>  drivers/media/radio/radio-maxiradio.c            |   2 +-
>  drivers/media/radio/radio-shark.c                |   2 +-
>  drivers/media/radio/radio-shark2.c               |   2 +-
>  drivers/media/radio/radio-si476x.c               |   2 +-
>  drivers/media/v4l2-core/v4l2-device.c            |   4 +-
>  drivers/misc/lis3lv02d/lis3lv02d.c               |   8 +-
>  drivers/misc/lis3lv02d/lis3lv02d.h               |   2 +-
>  drivers/misc/lkdtm.h                             |  17 ++
>  drivers/misc/lkdtm_bugs.c                        | 122 ++++++--
>  drivers/misc/lkdtm_core.c                        |  17 ++
>  drivers/misc/sgi-gru/gruhandles.c                |   4 +-
>  drivers/misc/sgi-gru/gruprocfs.c                 |   8 +-
>  drivers/misc/sgi-gru/grutables.h                 | 158 +++++-----
>  drivers/net/hyperv/hyperv_net.h                  |   2 +-
>  drivers/net/hyperv/rndis_filter.c                |   4 +-
>  drivers/net/ipvlan/ipvlan_core.c                 |   2 +-
>  drivers/net/macvlan.c                            |   2 +-
>  drivers/net/usb/sierra_net.c                     |   4 +-
>  drivers/net/wireless/ralink/rt2x00/rt2x00.h      |   2 +-
>  drivers/net/wireless/ralink/rt2x00/rt2x00queue.c |   4 +-
>  drivers/oprofile/buffer_sync.c                   |   8 +-
>  drivers/oprofile/event_buffer.c                  |   2 +-
>  drivers/oprofile/oprof.c                         |   2 +-
>  drivers/oprofile/oprofile_stats.c                |  10 +-
>  drivers/oprofile/oprofile_stats.h                |  10 +-
>  drivers/oprofile/oprofilefs.c                    |   8 +-
>  drivers/regulator/core.c                         |   4 +-
>  drivers/scsi/fcoe/fcoe_sysfs.c                   |  12 +-
>  drivers/scsi/libfc/fc_exch.c                     |  54 ++--
>  drivers/scsi/lpfc/lpfc.h                         |   8 +-
>  drivers/scsi/lpfc/lpfc_debugfs.c                 |  18 +-
>  drivers/scsi/lpfc/lpfc_scsi.c                    |  10 +-
>  drivers/scsi/pmcraid.c                           |  24 +-
>  drivers/scsi/pmcraid.h                           |   8 +-
>  drivers/scsi/qla4xxx/ql4_def.h                   |   3 +-
>  drivers/scsi/qla4xxx/ql4_os.c                    |   7 +-
>  drivers/scsi/scsi_lib.c                          |   8 +-
>  drivers/scsi/scsi_sysfs.c                        |   2 +-
>  drivers/scsi/scsi_transport_fc.c                 |   6 +-
>  drivers/scsi/scsi_transport_iscsi.c              |   7 +-
>  drivers/scsi/scsi_transport_srp.c                |   6 +-
>  drivers/scsi/sd.c                                |   2 +-
>  drivers/target/sbp/sbp_target.c                  |   4 +-
>  drivers/tty/hvc/hvsi.c                           |  12 +-
>  drivers/tty/hvc/hvsi_lib.c                       |   4 +-
>  drivers/tty/serial/ioc4_serial.c                 |   6 +-
>  drivers/tty/serial/msm_serial.c                  |   4 +-
>  drivers/uio/uio.c                                |  13 +-
>  drivers/usb/atm/usbatm.c                         |  24 +-
>  drivers/usb/core/devices.c                       |   6 +-
>  drivers/usb/core/hcd.c                           |   4 +-
>  drivers/usb/core/sysfs.c                         |   2 +-
>  drivers/usb/core/usb.c                           |   2 +-
>  drivers/usb/host/ehci-hub.c                      |   4 +-
>  drivers/usb/misc/appledisplay.c                  |   4 +-
>  drivers/usb/usbip/vhci.h                         |   2 +-
>  drivers/usb/usbip/vhci_hcd.c                     |   6 +-
>  drivers/usb/usbip/vhci_rx.c                      |   2 +-
>  drivers/usb/wusbcore/wa-hc.h                     |   4 +-
>  drivers/usb/wusbcore/wa-xfer.c                   |   2 +-
>  drivers/video/fbdev/hyperv_fb.c                  |   4 +-
>  drivers/video/fbdev/udlfb.c                      |  32 +--
>  fs/afs/inode.c                                   |   4 +-
>  fs/btrfs/delayed-inode.c                         |   6 +-
>  fs/btrfs/delayed-inode.h                         |   4 +-
>  fs/cachefiles/daemon.c                           |   4 +-
>  fs/cachefiles/internal.h                         |  16 +-
>  fs/cachefiles/namei.c                            |   6 +-
>  fs/cachefiles/proc.c                             |  12 +-
>  fs/ceph/super.c                                  |   4 +-
>  fs/cifs/cifs_debug.c                             |  14 +-
>  fs/cifs/cifsfs.c                                 |   4 +-
>  fs/cifs/cifsglob.h                               |  55 ++--
>  fs/cifs/misc.c                                   |   4 +-
>  fs/cifs/smb1ops.c                                |  80 +++---
>  fs/cifs/smb2ops.c                                |  84 +++---
>  fs/coda/cache.c                                  |  10 +-
>  fs/coredump.c                                    |   6 +-
>  fs/ext4/ext4.h                                   |  20 +-
>  fs/ext4/mballoc.c                                |  44 +--
>  fs/fscache/cookie.c                              |  40 +--
>  fs/fscache/internal.h                            | 202 ++++++-------
>  fs/fscache/object.c                              |  26 +-
>  fs/fscache/operation.c                           |  38 +--
>  fs/fscache/page.c                                | 110 +++----
>  fs/fscache/stats.c                               | 348 +++++++++++------------
>  fs/inode.c                                       |   5 +-
>  fs/kernfs/file.c                                 |  12 +-
>  fs/lockd/clntproc.c                              |   4 +-
>  fs/namespace.c                                   |   4 +-
>  fs/nfs/inode.c                                   |   6 +-
>  fs/notify/notification.c                         |   4 +-
>  fs/ocfs2/localalloc.c                            |   2 +-
>  fs/ocfs2/ocfs2.h                                 |  10 +-
>  fs/ocfs2/suballoc.c                              |  12 +-
>  fs/ocfs2/super.c                                 |  20 +-
>  fs/proc/meminfo.c                                |   2 +-
>  fs/quota/netlink.c                               |   4 +-
>  fs/reiserfs/do_balan.c                           |   2 +-
>  fs/reiserfs/procfs.c                             |   2 +-
>  fs/reiserfs/reiserfs.h                           |   4 +-
>  include/asm-generic/atomic-long.h                | 264 ++++++++++++++---
>  include/asm-generic/atomic.h                     |  56 ++++
>  include/asm-generic/atomic64.h                   |  13 +
>  include/asm-generic/bug.h                        |   7 +
>  include/asm-generic/local.h                      |  15 +
>  include/linux/atmdev.h                           |   2 +-
>  include/linux/atomic.h                           | 114 ++++++++
>  include/linux/blktrace_api.h                     |   2 +-
>  include/linux/fscache-cache.h                    |   2 +-
>  include/linux/genhd.h                            |   2 +-
>  include/linux/irqdesc.h                          |   2 +-
>  include/linux/kgdb.h                             |   2 +-
>  include/linux/mm.h                               |   2 +-
>  include/linux/mmzone.h                           |   4 +-
>  include/linux/netdevice.h                        |   8 +-
>  include/linux/oprofile.h                         |   2 +-
>  include/linux/padata.h                           |   2 +-
>  include/linux/percpu-refcount.h                  |  18 +-
>  include/linux/perf_event.h                       |  10 +-
>  include/linux/sched.h                            |   2 +-
>  include/linux/slab_def.h                         |   8 +-
>  include/linux/sonet.h                            |   2 +-
>  include/linux/sunrpc/svc_rdma.h                  |  18 +-
>  include/linux/swapops.h                          |  10 +-
>  include/linux/types.h                            |  17 ++
>  include/linux/uio_driver.h                       |   2 +-
>  include/linux/usb.h                              |   2 +-
>  include/linux/vmstat.h                           |  38 +--
>  include/media/v4l2-device.h                      |   2 +-
>  include/net/bonding.h                            |   2 +-
>  include/net/caif/cfctrl.h                        |   4 +-
>  include/net/flow.h                               |   2 +-
>  include/net/gro_cells.h                          |   2 +-
>  include/net/inetpeer.h                           |   3 +-
>  include/net/ip_fib.h                             |   2 +-
>  include/net/ip_vs.h                              |   4 +-
>  include/net/iucv/af_iucv.h                       |   2 +-
>  include/net/net_namespace.h                      |  12 +-
>  include/net/netns/ipv4.h                         |   4 +-
>  include/net/netns/ipv6.h                         |   4 +-
>  include/net/netns/xfrm.h                         |   2 +-
>  include/net/sock.h                               |   8 +-
>  include/net/tcp.h                                |   2 +-
>  include/net/xfrm.h                               |   2 +-
>  include/scsi/scsi_device.h                       |   6 +-
>  include/video/udlfb.h                            |  12 +-
>  kernel/audit.c                                   |   8 +-
>  kernel/auditsc.c                                 |   4 +-
>  kernel/debug/debug_core.c                        |  16 +-
>  kernel/events/core.c                             |  27 +-
>  kernel/irq/manage.c                              |   2 +-
>  kernel/irq/spurious.c                            |   2 +-
>  kernel/locking/lockdep.c                         |   2 +-
>  kernel/padata.c                                  |   4 +-
>  kernel/panic.c                                   |  11 +
>  kernel/profile.c                                 |  14 +-
>  kernel/rcu/rcutorture.c                          |  61 ++--
>  kernel/rcu/tree.c                                |  36 +--
>  kernel/rcu/tree.h                                |  10 +-
>  kernel/rcu/tree_exp.h                            |   2 +-
>  kernel/rcu/tree_plugin.h                         |  12 +-
>  kernel/rcu/tree_trace.c                          |  14 +-
>  kernel/sched/auto_group.c                        |   4 +-
>  kernel/time/timer_stats.c                        |  11 +-
>  kernel/trace/blktrace.c                          |   6 +-
>  kernel/trace/ftrace.c                            |   4 +-
>  kernel/trace/ring_buffer.c                       |  98 +++----
>  kernel/trace/trace_clock.c                       |   4 +-
>  kernel/trace/trace_functions_graph.c             |   4 +-
>  kernel/trace/trace_mmiotrace.c                   |   8 +-
>  lib/percpu-refcount.c                            |  12 +-
>  lib/show_mem.c                                   |   3 +-
>  mm/backing-dev.c                                 |   4 +-
>  mm/memory-failure.c                              |   2 +-
>  mm/slab.c                                        |  16 +-
>  mm/sparse.c                                      |   2 +-
>  mm/swapfile.c                                    |  12 +-
>  mm/vmstat.c                                      |  26 +-
>  net/atm/atm_misc.c                               |   8 +-
>  net/atm/proc.c                                   |   8 +-
>  net/atm/resources.c                              |   4 +-
>  net/batman-adv/bat_iv_ogm.c                      |   8 +-
>  net/batman-adv/fragmentation.c                   |   3 +-
>  net/batman-adv/soft-interface.c                  |   6 +-
>  net/batman-adv/types.h                           |   6 +-
>  net/caif/cfctrl.c                                |  11 +-
>  net/ceph/messenger.c                             |   4 +-
>  net/core/datagram.c                              |   2 +-
>  net/core/dev.c                                   |  18 +-
>  net/core/flow.c                                  |   9 +-
>  net/core/net-sysfs.c                             |   2 +-
>  net/core/netpoll.c                               |   4 +-
>  net/core/rtnetlink.c                             |   2 +-
>  net/core/sock.c                                  |  14 +-
>  net/core/sock_diag.c                             |   8 +-
>  net/ipv4/devinet.c                               |   4 +-
>  net/ipv4/fib_frontend.c                          |   6 +-
>  net/ipv4/fib_semantics.c                         |   2 +-
>  net/ipv4/inet_connection_sock.c                  |   4 +-
>  net/ipv4/inet_timewait_sock.c                    |   3 +-
>  net/ipv4/inetpeer.c                              |   2 +-
>  net/ipv4/ip_fragment.c                           |   2 +-
>  net/ipv4/ping.c                                  |   2 +-
>  net/ipv4/raw.c                                   |   5 +-
>  net/ipv4/route.c                                 |  12 +-
>  net/ipv4/tcp_input.c                             |   2 +-
>  net/ipv4/udp.c                                   |  10 +-
>  net/ipv6/addrconf.c                              |   7 +-
>  net/ipv6/af_inet6.c                              |   2 +-
>  net/ipv6/datagram.c                              |   2 +-
>  net/ipv6/ip6_fib.c                               |   4 +-
>  net/ipv6/raw.c                                   |   6 +-
>  net/ipv6/udp.c                                   |   6 +-
>  net/iucv/af_iucv.c                               |   5 +-
>  net/key/af_key.c                                 |   4 +-
>  net/l2tp/l2tp_eth.c                              |  38 +--
>  net/netfilter/ipvs/ip_vs_conn.c                  |   6 +-
>  net/netfilter/ipvs/ip_vs_core.c                  |   8 +-
>  net/netfilter/ipvs/ip_vs_ctl.c                   |  12 +-
>  net/netfilter/ipvs/ip_vs_sync.c                  |   6 +-
>  net/netfilter/ipvs/ip_vs_xmit.c                  |   4 +-
>  net/netfilter/nfnetlink_log.c                    |   4 +-
>  net/netfilter/xt_statistic.c                     |   9 +-
>  net/netlink/af_netlink.c                         |   4 +-
>  net/packet/af_packet.c                           |   4 +-
>  net/phonet/pep.c                                 |   6 +-
>  net/phonet/socket.c                              |   2 +-
>  net/rds/cong.c                                   |   6 +-
>  net/rds/ib.h                                     |   2 +-
>  net/rds/ib_cm.c                                  |   2 +-
>  net/rds/ib_recv.c                                |   4 +-
>  net/rxrpc/af_rxrpc.c                             |   2 +-
>  net/rxrpc/ar-internal.h                          |   4 +-
>  net/rxrpc/call_object.c                          |   2 +-
>  net/rxrpc/conn_event.c                           |   4 +-
>  net/rxrpc/conn_object.c                          |   2 +-
>  net/rxrpc/local_object.c                         |   2 +-
>  net/rxrpc/output.c                               |   4 +-
>  net/rxrpc/peer_object.c                          |   2 +-
>  net/rxrpc/proc.c                                 |   2 +-
>  net/rxrpc/rxkad.c                                |   4 +-
>  net/sched/sch_generic.c                          |   4 +-
>  net/sctp/sctp_diag.c                             |   2 +-
>  net/sunrpc/auth_gss/svcauth_gss.c                |   4 +-
>  net/sunrpc/sched.c                               |   4 +-
>  net/sunrpc/xprtrdma/svc_rdma.c                   |  36 +--
>  net/sunrpc/xprtrdma/svc_rdma_recvfrom.c          |   8 +-
>  net/sunrpc/xprtrdma/svc_rdma_sendto.c            |   2 +-
>  net/sunrpc/xprtrdma/svc_rdma_transport.c         |   2 +-
>  net/xfrm/xfrm_policy.c                           |  11 +-
>  net/xfrm/xfrm_state.c                            |   4 +-
>  security/Kconfig                                 |  19 ++
>  security/integrity/ima/ima.h                     |   4 +-
>  security/integrity/ima/ima_api.c                 |   2 +-
>  security/integrity/ima/ima_fs.c                  |   4 +-
>  security/integrity/ima/ima_queue.c               |   2 +-
>  security/selinux/avc.c                           |   7 +-
>  security/selinux/include/xfrm.h                  |   2 +-
>  373 files changed, 3964 insertions(+), 2035 deletions(-)
>  create mode 100644 Documentation/security/hardened-atomic.txt
> 
> -- 
> 2.7.4
> 
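
Added example, not part of the original message or of the patch series: a user-space C11 model of the atomic64 concern raised above, showing what an atomic64 over-/underflow test would distinguish between an overflow-checked add and a fallback path that carries no check. All names (model_atomic64_t, model_atomic64_add_checked, and so on) are hypothetical, and the "refuse the update and count a report" behaviour is an assumption standing in for the kernel's trap and report path.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical user-space stand-in for a 64-bit kernel atomic counter. */
typedef struct { _Atomic int64_t counter; } model_atomic64_t;

/* Count of refused updates; stands in for the trap/report (assumption). */
static int overflow_reports;

/*
 * Checked add: if old + i would overflow the signed 64-bit range, leave the
 * counter untouched, record a report and return false. Otherwise publish the
 * sum with a compare-exchange loop so concurrent updates are not lost.
 */
static bool model_atomic64_add_checked(int64_t i, model_atomic64_t *v)
{
    int64_t old = atomic_load(&v->counter);
    int64_t sum;

    do {
        if (__builtin_add_overflow(old, i, &sum)) {
            overflow_reports++;
            return false;
        }
    } while (!atomic_compare_exchange_weak(&v->counter, &old, sum));
    return true;
}

/*
 * Unchecked add: models both an intentional *_wrap operation and a generic
 * fallback that was never given the check. C11 atomic fetch-add on signed
 * types wraps silently in two's complement.
 */
static void model_atomic64_add_unchecked(int64_t i, model_atomic64_t *v)
{
    atomic_fetch_add(&v->counter, i);
}

/* Final counter value after one checked add starting from 'start'. */
int64_t checked_result(int64_t start, int64_t delta)
{
    model_atomic64_t v;

    atomic_init(&v.counter, start);
    model_atomic64_add_checked(delta, &v);
    return atomic_load(&v.counter);
}

/* Final counter value after one unchecked add starting from 'start'. */
int64_t unchecked_result(int64_t start, int64_t delta)
{
    model_atomic64_t v;

    atomic_init(&v.counter, start);
    model_atomic64_add_unchecked(delta, &v);
    return atomic_load(&v.counter);
}

int reports_so_far(void)
{
    return overflow_reports;
}

int main(void)
{
    /* Constructed boundary cases: increment at the maximum, decrement at the minimum. */
    printf("checked   INT64_MAX + 1 -> %lld\n",
           (long long)checked_result(INT64_MAX, 1));
    printf("checked   INT64_MIN - 1 -> %lld\n",
           (long long)checked_result(INT64_MIN, -1));
    printf("unchecked INT64_MAX + 1 -> %lld\n",
           (long long)unchecked_result(INT64_MAX, 1));
    printf("unchecked INT64_MIN - 1 -> %lld\n",
           (long long)unchecked_result(INT64_MIN, -1));
    printf("overflow reports: %d\n", reports_so_far());
    return 0;
}
```

A type that is meant to be protected but is routed through the unchecked path gives the wrapped results here with no report, which is the inconsistency a per-config atomic64 test would expose.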
