On Mon, Oct 7, 2024 at 4:42 PM Randy Dunlap wrote:
>
> Hi Jeff,
>
> On 10/4/24 9:31 AM, jef...@chromium.org wrote:
> > From: Jeff Xu
> >
> > Seal vdso, vvar, sigpage, uprobes and vsyscall.
> >
>
> >
> > Signed-off-by: Jeff Xu
> > ---
> > .../admin-guide/kernel-parameters.txt | 9
>
From: Jeff Xu
Change "overwrite" to "overwrites"
Signed-off-by: Jeff Xu
---
Documentation/userspace-api/mseal.rst | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Documentation/userspace-api/mseal.rst
b/Documentation/userspace-api/mseal.rst
index 41102f74c5e2..54bbcce330ec 1
From: Jeff Xu
Update doc after in-loop change: mprotect/madvise can have
partially updated and munmap is atomic.
Fix indentation and clarify some sections to improve readability.
Signed-off-by: Jeff Xu
Fixes: df2a7df9a9aa ("mm/munmap: replace can_modify_mm with can_modify_vma")
Fixes: 4a2dd02b
From: Jeff Xu
Pedro Falcato's optimization [1] for checking sealed VMAs, which replaces
the can_modify_mm() function with an in-loop check, necessitates an update
to the mseal.rst documentation to reflect this change.
Furthermore, the document has received offline comments regarding the code
sam
* jef...@chromium.org [241004 12:32]:
> From: Jeff Xu
>
> Seal vdso, vvar, sigpage, uprobes and vsyscall.
>
> Those mappings are readonly or executable only; sealing can protect
> them from ever changing during the lifetime of the process.
>
> System mappings such as vdso, vvar, and sigpage (
Hi Jeff,
On 10/4/24 9:31 AM, jef...@chromium.org wrote:
> From: Jeff Xu
>
> Seal vdso, vvar, sigpage, uprobes and vsyscall.
>
>
> Signed-off-by: Jeff Xu
> ---
> .../admin-guide/kernel-parameters.txt | 9
> arch/x86/entry/vsyscall/vsyscall_64.c | 9 +++-
> fs/exec.c
Add the __counted_by compiler attribute to the flexible array member
`ssid` to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
CONFIG_FORTIFY_SOURCE.
Signed-off-by: Alper Nebi Yasak
---
I've mimicked the commit messages from `git log -S"__counted_by("`.
Since they refer to UBSAN I trie
Replace one-element array with a flexible-array member in `struct
mwifiex_ie_types_wildcard_ssid_params` to fix the following warning
on a MT8173 Chromebook (mt8173-elm-hana):
[ 356.775250] [ cut here ]
[ 356.784543] memcpy: detected field-spanning write (size 6) of singl
Hi Theo
On Fri, Oct 4, 2024 at 6:04 PM Theo de Raadt wrote:
>
> Randy Dunlap wrote:
>
> > On 10/4/24 9:52 AM, Jeff Xu wrote:
> > >> above is not a sentence but I don't know how to fix it.
> > >>
> > > Would below work ?
> > >
> > > Certain destructive madvise behaviors, specifically MADV_DONTNEE
Hi Theo
On Fri, Oct 4, 2024 at 12:11 PM Theo de Raadt wrote:
>
> Jeff Xu wrote:
>
> > > > + replacement with a new mapping with new set of attributes, or can
> > > > + overwrite the existing mapping with another mapping.
> > > > +
> > > > + mprotect and pkey_mprotect are blocked because th
Hi Randy
On Fri, Oct 4, 2024 at 4:52 PM Randy Dunlap wrote:
>
>
>
> On 10/4/24 9:52 AM, Jeff Xu wrote:
> >> above is not a sentence but I don't know how to fix it.
> >>
> > Would below work ?
> >
> > Certain destructive madvise behaviors, specifically MADV_DONTNEED,
> > MADV_FREE, MADV_DONTNEED_L
On Sat, Oct 5, 2024 at 1:08 PM Oleg Nesterov wrote:
>
> On 10/04, jef...@chromium.org wrote:
> >
> > It is important to note that the CHECKPOINT_RESTORE feature (CRIU) may
> > alter the mapping of vdso, vvar, and sigpage during restore
> > operations. Consequently, this feature cannot be universal
On Sat, Oct 5, 2024 at 1:21 PM Oleg Nesterov wrote:
>
> Sorry for the noise, forgot to mention...
>
> On 10/04, jef...@chromium.org wrote:
> >
> > --- a/Documentation/admin-guide/kernel-parameters.txt
> > +++ b/Documentation/admin-guide/kernel-parameters.txt
> > @@ -1535,6 +1535,15 @@
> >
Add the __counted_by compiler attribute to the flexible array member
name to improve access bounds-checking via CONFIG_UBSAN_BOUNDS and
CONFIG_FORTIFY_SOURCE.
Inline and use struct_size() to calculate the number of bytes to
allocate for new_fn and remove the local variable len.
Signed-off-by: Tho
In addition to __counted_by, also match the keywords __counted_by_le and
__counted_by_be.
Signed-off-by: Thorsten Blum
---
MAINTAINERS | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/MAINTAINERS b/MAINTAINERS
index 84086d47db69..475387503391 100644
--- a/MAINTAINERS
+++ b/MAI
When unloading pstore_blk, we will unlink the pstore file and
set pos->dentry to NULL, but simple_unlink(d_inode(root), pos->dentry)
may free the inode of pos->dentry and free pos by free_pstore_private;
this may trigger a UAF. KASAN report:
kernel: =