On Tue, Sep 17, 2019 at 09:36:06AM -0700, Matthew Wilcox wrote:
> If the copy has the correct bounds, the 'wholly within one base page'
> check will pass and it'll return. If the copy does span a page,
> the virt_to_head_page(end) call will return something bogus, then the
> PageReserved and CMA t
On Mon, Sep 16, 2019 at 08:05:00PM -0700, Kees Cook wrote:
> On Mon, Sep 16, 2019 at 05:32:09PM -0700, Matthew Wilcox wrote:
> > On Mon, Sep 16, 2019 at 02:32:56PM -0700, Kees Cook wrote:
> > > When running on a system with >512MB RAM with a 32-bit kernel built with:
> > >
> > > CONFIG_DEBUG_VIR
On Mon, Sep 16, 2019 at 05:32:09PM -0700, Matthew Wilcox wrote:
> On Mon, Sep 16, 2019 at 02:32:56PM -0700, Kees Cook wrote:
> > When running on a system with >512MB RAM with a 32-bit kernel built with:
> >
> > CONFIG_DEBUG_VIRTUAL=y
> > CONFIG_HIGHMEM=y
> > CONFIG_HARDENED_USERCOPY=y
On Mon, Sep 16, 2019 at 02:32:56PM -0700, Kees Cook wrote:
> When running on a system with >512MB RAM with a 32-bit kernel built with:
>
> CONFIG_DEBUG_VIRTUAL=y
> CONFIG_HIGHMEM=y
> CONFIG_HARDENED_USERCOPY=y
>
> all execve()s will fail due to argv copying into kmap()ed pages,
When running on a system with >512MB RAM with a 32-bit kernel built with:
CONFIG_DEBUG_VIRTUAL=y
CONFIG_HIGHMEM=y
CONFIG_HARDENED_USERCOPY=y
all execve()s will fail due to argv copying into kmap()ed pages, and on
usercopy checking the calls ultimately of virt_to_page() wil
5 matches
Mail list logo
