* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS
@ 2017-09-11 15:26 ` Mark Salyzyn
0 siblings, 0 replies; 8+ messages in thread
From: Mark Salyzyn @ 2017-09-11 15:26 UTC (permalink / raw)
To: linux-kernel
Cc: kevin.brodsky, catalin.marinas, will.deacon, mingo, borntraeger,
james.morse, peterz, Dave.Martin, credmonster, zijun_hu,
mark.rutland, jszhang, labbott, john.stultz, keescook,
linux-arm-kernel, takahiro.akashi, mmarek, ard.biesheuvel,
Mark Salyzyn
Make it possible to disable the kuser helpers by adding a KUSER_HELPERS
config option (enabled by default). When disabled, all kuser
helpers-related code is removed from the kernel and no mapping is done
at the fixed high address (0xffff0000); any attempt to use a kuser
helper from a 32-bit process will result in a segfault.
Signed-off-by: Mark Salyzyn <salyzyn@android.com>
v2:
- vectors_page and compat_vdso_spec as array of 2
- free sigpage if vectors allocation failed
- adjust makefile so one line for each of the assembler source modules
- split off assembler changes to a new previous patch in series to reduce churn
- modify slightly the feature documentation to reduce its reach
- modify slightly the feature documentation to rationalize the yes default.
- There are more ifdefs as a result of the rebase.
v3:
- rebase (minor conflicts)
^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS
@ 2017-09-11 15:26 ` Mark Salyzyn
0 siblings, 0 replies; 8+ messages in thread
From: Mark Salyzyn @ 2017-09-11 15:26 UTC (permalink / raw)
To: linux-arm-kernel
Make it possible to disable the kuser helpers by adding a KUSER_HELPERS
config option (enabled by default). When disabled, all kuser
helpers-related code is removed from the kernel and no mapping is done
at the fixed high address (0xffff0000); any attempt to use a kuser
helper from a 32-bit process will result in a segfault.
Signed-off-by: Mark Salyzyn <salyzyn@android.com>
v2:
- vectors_page and compat_vdso_spec as array of 2
- free sigpage if vectors allocation failed
- adjust makefile so one line for each of the assembler source modules
- split off assembler changes to a new previous patch in series to reduce churn
- modify slightly the feature documentation to reduce its reach
- modify slightly the feature documentation to rationalize the yes default.
- There are more ifdefs as a result of the rebase.
v3:
- rebase (minor conflicts)
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS
2017-09-11 15:26 ` Mark Salyzyn
@ 2017-09-19 22:02 ` Kees Cook
-1 siblings, 0 replies; 8+ messages in thread
From: Kees Cook @ 2017-09-19 22:02 UTC (permalink / raw)
To: Mark Salyzyn, Catalin Marinas, Will Deacon
Cc: LKML, kevin.brodsky, Ingo Molnar, Christian Borntraeger,
James Morse, Peter Zijlstra, Dave Martin, credmonster, zijun_hu,
Mark Rutland, Jisheng Zhang, Laura Abbott, John Stultz,
linux-arm-kernel, AKASHI Takahiro, Michal Marek, Ard Biesheuvel
On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote:
> Make it possible to disable the kuser helpers by adding a KUSER_HELPERS
> config option (enabled by default). When disabled, all kuser
> helpers-related code is removed from the kernel and no mapping is done
> at the fixed high address (0xffff0000); any attempt to use a kuser
> helper from a 32-bit process will result in a segfault.
>
> Signed-off-by: Mark Salyzyn <salyzyn@android.com>
>
> v2:
> - vectors_page and compat_vdso_spec as array of 2
> - free sigpage if vectors allocation failed
> - adjust makefile so one line for each of the assembler source modules
> - split off assembler changes to a new previous patch in series to reduce churn
> - modify slightly the feature documentation to reduce its reach
> - modify slightly the feature documentation to rationalize the yes default.
> - There are more ifdefs as a result of the rebase.
>
> v3:
> - rebase (minor conflicts)
This looks great to me. I'd love to see kuser helpers gone. :)
Catalin, Will, does this need anything else?
-Kees
--
Kees Cook
Pixel Security
^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS
@ 2017-09-19 22:02 ` Kees Cook
0 siblings, 0 replies; 8+ messages in thread
From: Kees Cook @ 2017-09-19 22:02 UTC (permalink / raw)
To: linux-arm-kernel
On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote:
> Make it possible to disable the kuser helpers by adding a KUSER_HELPERS
> config option (enabled by default). When disabled, all kuser
> helpers-related code is removed from the kernel and no mapping is done
> at the fixed high address (0xffff0000); any attempt to use a kuser
> helper from a 32-bit process will result in a segfault.
>
> Signed-off-by: Mark Salyzyn <salyzyn@android.com>
>
> v2:
> - vectors_page and compat_vdso_spec as array of 2
> - free sigpage if vectors allocation failed
> - adjust makefile so one line for each of the assembler source modules
> - split off assembler changes to a new previous patch in series to reduce churn
> - modify slightly the feature documentation to reduce its reach
> - modify slightly the feature documentation to rationalize the yes default.
> - There are more ifdefs as a result of the rebase.
>
> v3:
> - rebase (minor conflicts)
This looks great to me. I'd love to see kuser helpers gone. :)
Catalin, Will, does this need anything else?
-Kees
--
Kees Cook
Pixel Security
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS
2017-09-19 22:02 ` Kees Cook
@ 2017-09-20 9:15 ` Will Deacon
-1 siblings, 0 replies; 8+ messages in thread
From: Will Deacon @ 2017-09-20 9:15 UTC (permalink / raw)
To: Kees Cook
Cc: Mark Salyzyn, Catalin Marinas, LKML, kevin.brodsky, Ingo Molnar,
Christian Borntraeger, James Morse, Peter Zijlstra, Dave Martin,
credmonster, zijun_hu, Mark Rutland, Jisheng Zhang, Laura Abbott,
John Stultz, linux-arm-kernel, AKASHI Takahiro, Michal Marek,
Ard Biesheuvel
On Tue, Sep 19, 2017 at 03:02:22PM -0700, Kees Cook wrote:
> On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote:
> > Make it possible to disable the kuser helpers by adding a KUSER_HELPERS
> > config option (enabled by default). When disabled, all kuser
> > helpers-related code is removed from the kernel and no mapping is done
> > at the fixed high address (0xffff0000); any attempt to use a kuser
> > helper from a 32-bit process will result in a segfault.
> >
> > Signed-off-by: Mark Salyzyn <salyzyn@android.com>
> >
> > v2:
> > - vectors_page and compat_vdso_spec as array of 2
> > - free sigpage if vectors allocation failed
> > - adjust makefile so one line for each of the assembler source modules
> > - split off assembler changes to a new previous patch in series to reduce churn
> > - modify slightly the feature documentation to reduce its reach
> > - modify slightly the feature documentation to rationalize the yes default.
> > - There are more ifdefs as a result of the rebase.
> >
> > v3:
> > - rebase (minor conflicts)
>
> This looks great to me. I'd love to see kuser helpers gone. :)
>
> Catalin, Will, does this need anything else?
I haven't had chance to look at the patches yet (buried in other stuff), but
I aim to get to it in the next couple of weeks.
Will
^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS
@ 2017-09-20 9:15 ` Will Deacon
0 siblings, 0 replies; 8+ messages in thread
From: Will Deacon @ 2017-09-20 9:15 UTC (permalink / raw)
To: linux-arm-kernel
On Tue, Sep 19, 2017 at 03:02:22PM -0700, Kees Cook wrote:
> On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote:
> > Make it possible to disable the kuser helpers by adding a KUSER_HELPERS
> > config option (enabled by default). When disabled, all kuser
> > helpers-related code is removed from the kernel and no mapping is done
> > at the fixed high address (0xffff0000); any attempt to use a kuser
> > helper from a 32-bit process will result in a segfault.
> >
> > Signed-off-by: Mark Salyzyn <salyzyn@android.com>
> >
> > v2:
> > - vectors_page and compat_vdso_spec as array of 2
> > - free sigpage if vectors allocation failed
> > - adjust makefile so one line for each of the assembler source modules
> > - split off assembler changes to a new previous patch in series to reduce churn
> > - modify slightly the feature documentation to reduce its reach
> > - modify slightly the feature documentation to rationalize the yes default.
> > - There are more ifdefs as a result of the rebase.
> >
> > v3:
> > - rebase (minor conflicts)
>
> This looks great to me. I'd love to see kuser helpers gone. :)
>
> Catalin, Will, does this need anything else?
I haven't had chance to look at the patches yet (buried in other stuff), but
I aim to get to it in the next couple of weeks.
Will
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS
2017-09-20 9:15 ` Will Deacon
@ 2017-10-31 18:42 ` Mark Salyzyn
-1 siblings, 0 replies; 8+ messages in thread
From: Mark Salyzyn @ 2017-10-31 18:42 UTC (permalink / raw)
To: Will Deacon, Kees Cook
Cc: Catalin Marinas, LKML, kevin.brodsky, Ingo Molnar,
Christian Borntraeger, James Morse, Peter Zijlstra, Dave Martin,
credmonster, zijun_hu, Mark Rutland, Jisheng Zhang, Laura Abbott,
John Stultz, linux-arm-kernel, AKASHI Takahiro, Michal Marek,
Ard Biesheuvel
On 09/20/2017 02:15 AM, Will Deacon wrote:
> On Tue, Sep 19, 2017 at 03:02:22PM -0700, Kees Cook wrote:
>> On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote:
>>> Make it possible to disable the kuser helpers by adding a KUSER_HELPERS
>>> config option (enabled by default). When disabled, all kuser
>>> helpers-related code is removed from the kernel and no mapping is done
>>> at the fixed high address (0xffff0000); any attempt to use a kuser
>>> helper from a 32-bit process will result in a segfault.
>>>
>>> Signed-off-by: Mark Salyzyn <salyzyn@android.com>
>>>
>>> v2:
>>> - vectors_page and compat_vdso_spec as array of 2
>>> - free sigpage if vectors allocation failed
>>> - adjust makefile so one line for each of the assembler source modules
>>> - split off assembler changes to a new previous patch in series to reduce churn
>>> - modify slightly the feature documentation to reduce its reach
>>> - modify slightly the feature documentation to rationalize the yes default.
>>> - There are more ifdefs as a result of the rebase.
>>>
>>> v3:
>>> - rebase (minor conflicts)
>> This looks great to me. I'd love to see kuser helpers gone. :)
>>
>> Catalin, Will, does this need anything else?
> I haven't had chance to look at the patches yet (buried in other stuff), but
> I aim to get to it in the next couple of weeks.
>
> Will
Ping?
^ permalink raw reply [flat|nested] 8+ messages in thread
* [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS
@ 2017-10-31 18:42 ` Mark Salyzyn
0 siblings, 0 replies; 8+ messages in thread
From: Mark Salyzyn @ 2017-10-31 18:42 UTC (permalink / raw)
To: linux-arm-kernel
On 09/20/2017 02:15 AM, Will Deacon wrote:
> On Tue, Sep 19, 2017 at 03:02:22PM -0700, Kees Cook wrote:
>> On Mon, Sep 11, 2017 at 8:26 AM, Mark Salyzyn <salyzyn@android.com> wrote:
>>> Make it possible to disable the kuser helpers by adding a KUSER_HELPERS
>>> config option (enabled by default). When disabled, all kuser
>>> helpers-related code is removed from the kernel and no mapping is done
>>> at the fixed high address (0xffff0000); any attempt to use a kuser
>>> helper from a 32-bit process will result in a segfault.
>>>
>>> Signed-off-by: Mark Salyzyn <salyzyn@android.com>
>>>
>>> v2:
>>> - vectors_page and compat_vdso_spec as array of 2
>>> - free sigpage if vectors allocation failed
>>> - adjust makefile so one line for each of the assembler source modules
>>> - split off assembler changes to a new previous patch in series to reduce churn
>>> - modify slightly the feature documentation to reduce its reach
>>> - modify slightly the feature documentation to rationalize the yes default.
>>> - There are more ifdefs as a result of the rebase.
>>>
>>> v3:
>>> - rebase (minor conflicts)
>> This looks great to me. I'd love to see kuser helpers gone. :)
>>
>> Catalin, Will, does this need anything else?
> I haven't had chance to look at the patches yet (buried in other stuff), but
> I aim to get to it in the next couple of weeks.
>
> Will
Ping?
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2017-10-31 18:42 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-09-11 15:26 [PATCH v3 0/3] arm64: Add CONFIG_KUSER_HELPERS Mark Salyzyn
2017-09-11 15:26 ` Mark Salyzyn
2017-09-19 22:02 ` Kees Cook
2017-09-19 22:02 ` Kees Cook
2017-09-20 9:15 ` Will Deacon
2017-09-20 9:15 ` Will Deacon
2017-10-31 18:42 ` Mark Salyzyn
2017-10-31 18:42 ` Mark Salyzyn
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.