RICTED_DEVMEM
> + default y
> + help
> + If this option is disabled, you allow userspace (root) access to all
> + of memory, including kernel and userspace memory. Accidental
> + access to this is obviously disastrous, but specific access can
> + be used by people debugging the kernel.
> +
> + If this option is switched on, the /dev/mem file restricts userspace
> + access to an architecture-specific subset of the physical address
> + space.
Great consolidation, thanks! I would probably expand this help text a
bit to include some of the details mentioned in the x86 portion of the
option. For example:
If this option is switched on, the /dev/mem file restricts userspace
access to an architecture-specific subset of the physical address
space. For example on x86, PCI space and BIOS code and data
regions. This is sufficient for things like dosemu and non-KMS
Xorg and all common users of /dev/mem.
Thanks!
-Kees
> +
> + If in doubt, say Y.
> +
> config DEVKMEM
> bool "/dev/kmem virtual device support"
> default y
> --
> 1.7.10.4
>
--
Kees Cook
Chrome OS Security
___
Linuxppc-dev mailing list
Linuxppc-dev@lists.ozlabs.org
https://lists.ozlabs.org/listinfo/linuxppc-dev
On Tue, Nov 4, 2014 at 11:59 AM, Leif Lindholm wrote:
> On Tue, Nov 04, 2014 at 10:43:00AM -0800, Kees Cook wrote:
>> > diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig
>> > index efefd12..39f7817 100644
>> > --- a/drivers/char/Kconfig
>> > +++ b/
oops_data_sz = oops_log_partition.size - sizeof(struct oops_log_info);
>
> - rc = nvram_pstore_init();
> -
> - if (!rc)
> - return;
> -
> /*
> * Figure compression (preceded by elimination of each line's
> * severity prefix) will reduce the oops/panic report to at most
> @@ -759,6 +858,11 @@ static void __init nvram_init_oops_partition(int
> rtas_partition_exists)
> stream.workspace = NULL;
> }
>
> + rc = nvram_pstore_init();
> +
> + if (!rc)
> + return;
> +
> rc = kmsg_dump_register(&nvram_kmsg_dumper);
> if (rc != 0) {
> pr_err("nvram: kmsg_dump_register() failed; returned %d\n",
> rc);
>
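Review bot: the relocated `if (!rc) return;` after `nvram_pstore_init()` exits silently on success and falls through to `kmsg_dump_register()` on failure without reporting `rc`, so nothing in the code says why the call now has to sit after the compression setup that ends with `stream.workspace = NULL;`. A short comment stating that the kmsg dumper is the fallback when pstore registration fails, and that pstore init depends on the setup above it, would keep a later cleanup from moving the call back up. Logging the `nvram_pstore_init()` error before falling back would also help, in the same way the `kmsg_dump_register()` failure is reported with `pr_err()`.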
--
Kees Cook
Chrome OS Security
On Tue, Jun 25, 2013 at 12:04 AM, Aruna Balakrishnaiah
wrote:
> Hi Kees,
>
>
> On Monday 24 June 2013 11:27 PM, Kees Cook wrote:
>>
>> On Sun, Jun 23, 2013 at 11:23 PM, Aruna Balakrishnaiah
>> wrote:
>>>
>>> The patch set supports compression of oo
ing to ponder if we need to have some
kind of regular header structure that backends can extend, but that
doesn't need to be part of this series. :)
Acked-by: Kees Cook
Thanks,
-Kees
--
Kees Cook
Chrome OS Security
nel/ptrace.c | 39 +-
> include/linux/ptrace.h | 51
> kernel/ptrace.c| 38 ++
> 16 files changed, 116 insertions(+), 363 deletions(-)
> delete mode 100644 arch/sh/kernel/pt
haustive
> test one could repeat this sequence for every register in the architecture.
>
> This should work the same on all architectures supporting kprobes. You just
> have to use the appropriate register names for your architecture after the
> "%"
nfo;
> static volatile int TRAP_nr;
> static void TRAP_action(int nr, siginfo_t *info, void *void_context)
> {
> + fprintf(stderr, "in TRAP_action\n");
> + fprintf(stderr, "info->si_call_addr %p\n", i
"
> +#endif
Ah-ha! Yes, thanks. Could you change the #error to something that
describes the particular (impossible) failure condition? "wut? Unknown
__BYTE_ORDER?!". Not a huge deal, but I always like verbose errors. :)
Especially for "impossible" situations. :)
-Kees
>
>
On Wed, Jul 15, 2015 at 12:37 AM, Michael Ellerman wrote:
> Wire up the syscall number and regs so the tests work on powerpc.
>
> Signed-off-by: Michael Ellerman
Acked-by: Kees Cook
-Kees
> ---
> tools/testing/selftests/seccomp/seccomp_bpf.c | 9 -
> 1 file cha
been updated to
> use force_successful_syscall_return().
>
> I have also checked all the powerpc specific syscalls, and believe that
> none of them expect to return a non-error value between -MAX_ERRNO and
> -516. So this change should be safe ...
>
> Acked-by: Benjamin Herren
t; is given.
>
> Signed-off-by: Michael Ellerman
Reviewed-by: Kees Cook
-Kees
> ---
> arch/powerpc/kernel/entry_32.S | 4
> arch/powerpc/kernel/entry_64.S | 23 ++--
> arch/powerpc/kernel/ptrace.c | 48
> --
>
ompat, and doesn't deal with TIF_NOERROR.
>
> Although we could fix those, until it has a caller and it's clear what
> semantics the caller wants it's just untested code. So drop it.
>
> Signed-off-by: Michael Ellerman
Reviewed-by: Kees Cook
-Kees
> ---
> ar
hough the value passed
> in is already negative.
>
> So remove the negation in syscall_set_return_value(), and expect the
> caller to do it like all other implementations do.
>
> Also add a comment about the ccr handling.
>
> Signed-off-by: Michael Ellerman
Reviewed-by: K
ce to update.
>
> Signed-off-by: Michael Ellerman
Reviewed-by: Kees Cook
-Kees
> ---
> arch/powerpc/include/asm/syscall.h | 19 ---
> 1 file changed, 8 insertions(+), 11 deletions(-)
>
> diff --git a/arch/powerpc/include/asm/syscall.h
> b/arch/p
d never modify it.
>
> Update syscall_set_arguments() while we're here, even though it's never
> used.
>
> Signed-off-by: Michael Ellerman
Reviewed-by: Kees Cook
-Kees
> ---
> arch/powerpc/include/asm/syscall.h | 16 +---
> 1 file changed, 13 insert
e only
> user of SIGSYS in the kernel is seccomp filter, which we don't support
> yet.
>
> So before we enable seccomp filter, add compat handling for SIGSYS.
>
> Signed-off-by: Michael Ellerman
Reviewed-by: Kees Cook
-Kees
> ---
> arch/powerpc/include/asm/compat.h
> parameter again. We do this restore using orig_gpr3, which may have been
> modified by seccomp, which allows seccomp to modify the first syscall
> parameter and allow the syscall to proceed.
>
> Signed-off-by: Michael Ellerman
Reviewed-by: Kees Cook
-Kees
> ---
>
hack from samples/seccomp/bpf-helper.h which changes the offset
> on big endian to account for this.
>
> Signed-off-by: Michael Ellerman
Acked-by: Kees Cook
Thanks for fixing the error message! :)
-Kees
> ---
> tools/testing/selftests/seccomp/seccomp_bpf.c | 6 ++
> 1 file cha
call
> through seccomp.
>
> Signed-off-by: Michael Ellerman
Reviewed-by: Kees Cook
-Kees
> ---
> arch/powerpc/include/asm/syscall.h | 11 ---
> 1 file changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/arch/powerpc/include/asm/syscall.h
> b/arc
ses syscall_restart? Seems like ARM remains
the odd-arch-out on this. :P)
Thanks!
-Kees
>
> Acked-by: Kees Cook
> Signed-off-by: Michael Ellerman
> ---
> tools/testing/selftests/seccomp/seccomp_bpf.c | 9 -
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
>
> parameter again. We do this restore using orig_gpr3, which may have been
> modified by seccomp, which allows seccomp to modify the first syscall
> parameter and allow the syscall to proceed.
>
> We need to #ifdef the additional handling of r3 for seccomp, so move
> it all out
g accordingly.
>
> Signed-off-by: Aruna Balakrishnaiah
Nice work!
Acked-by: Kees Cook
--
Kees Cook
Chrome OS Security
r addressing my issues from v1
Yeah, this is great. While I haven't tested it myself yet, the code
seems to be in good shape. I acked the ram piece separately, but
consider the entire series:
Reviewed-by: Kees Cook
Thanks!
-Kees
--
Kees Cook
Chrome OS Security
t; + case PSTORE_TYPE_PPC_OF:
> + sprintf(name, "of-%s-%lld", psname, id);
> + break;
> case PSTORE_TYPE_UNKNOWN:
> sprintf(name, "unknown-%s-%lld", psname, id);
> break;
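Review bot: the new `PSTORE_TYPE_PPC_OF` case formats `psname` and `id` into `name` with an unbounded `sprintf()`, the same pattern as the `PSTORE_TYPE_UNKNOWN` case below it. The size of `name` is not visible in this hunk, so it is worth confirming the buffer holds the `of-` prefix plus the longest `psname` and a full `%lld` value, or switching these cases to `snprintf()` with the buffer size.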
> diff --git a
-
> fs/pstore/inode.c |9 +
> include/linux/pstore.h |4
> 3 files changed, 313 insertions(+), 53 deletions(-)
This series looks good! Other than the naming conventions (are these
new pstore typ
This makes sure format strings cannot leak into printk (the string has
already been correctly processed for format arguments).
Signed-off-by: Kees Cook
---
arch/powerpc/xmon/nonstdio.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/powerpc/xmon/nonstdio.c b/arch
ake timestamp related code y2038-safe
Thanks! I skimmed this, and it looks good to me.
Reviewed-by: Kees Cook
-Kees
>
>
> arch/powerpc/include/asm/nvram.h| 50 ++
> arch/powerpc/include/asm/rtas.h |5
> arch/powerpc/kernel/nvram_64.c
PIE linked application is loaded in a different area.
Thanks for working on this!
>
> We updated the "Fixing Offset2lib weakness" page:
> http://cybersecurity.upv.es/solutions/aslrv2/aslrv2.html
>
>
> Signed-off-by: Hector Marco-Gisbert
> Signed-off-by: Ismael Ripoll
it ... and will define mmap_rnd.
>
> Someone tell me how important Hector's patch is?
I consider it a reasonable improvement to userspace ASLR. I look at it
more as a new feature than a bug fix, but it could be argued as a bug
fix too.
>
>
> From: Andrew Morton
> Subject:
On Thu, Feb 26, 2015 at 4:11 PM, Kees Cook wrote:
> On Thu, Feb 26, 2015 at 4:06 PM, Andrew Morton
> wrote:
>> On Thu, 26 Feb 2015 15:37:37 -0800 Kees Cook wrote:
>>
>>> Agh, no, please let's avoid the CONFIG addition.
>>
>> That is precisely how we
Move logic for mmap ASLR into separate function.
Signed-off-by: Kees Cook
---
arch/arm/mm/mmap.c | 13 ++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/arch/arm/mm/mmap.c b/arch/arm/mm/mmap.c
index 5e85ed371364..0f8bc158f2c6 100644
--- a/arch/arm/mm/mmap.c
+++ b/arch
This moves s390's randomize_et_dyn base into ELF_ET_DYN_BASE, and removes
an unused arm64 extern.
Signed-off-by: Kees Cook
---
arch/arm64/include/asm/elf.h | 1 -
arch/s390/include/asm/elf.h | 9 +
arch/s390/mm/mmap.c | 11 ---
3 files changed, 5 insertions(+
This moves arch_mmap_rnd() into the ELF loader for handling ET_DYN ASLR
in a separate region from mmap ASLR, as already done on s390. Removes
CONFIG_BINFMT_ELF_RANDOMIZE_PIE.
Reported-by: Hector Marco-Gisbert
Signed-off-by: Kees Cook
---
arch/arm/Kconfig| 1 -
arch/arm64/Kconfig
On architectures that define CONFIG_ARCH_HAS_ELF_RANDOMIZE, collapse the
function declarations while continuing to handle CONFIG_COMPAT_BRK.
Signed-off-by: Kees Cook
---
arch/Kconfig | 1 +
arch/arm/include/asm/elf.h | 4
arch/arm64/include/asm/elf.h | 4
When an architecture fully supports randomizing the ELF load location, the
arch_mmap_rnd() function becomes available. Rename and expose these functions
where they exist. Introduces CONFIG_ARCH_HAS_ELF_RANDOMIZE.
Signed-off-by: Kees Cook
---
arch/Kconfig | 7 +++
arch/arm
This separates ET_DYN ASLR from mmap ASLR, as already done on s390. The
various architectures that are already randomizing mmap (arm, arm64, mips,
powerpc, s390, and x86), have their various forms of arch_mmap_rnd()
made available via the new CONFIG_ARCH_HAS_ELF_RANDOMIZE. For these
architectures,
Most architectures don't need to do anything special for the strict
seccomp syscall entries. Remove the redundant headers and reduce the
others.
Signed-off-by: Kees Cook
---
arch/arm/include/asm/seccomp.h | 12 +---
arch/microblaze/include/asm/seccomp.h
On Fri, Feb 27, 2015 at 5:36 PM, Stephen Rothwell wrote:
> Hi Kees,
>
> On Fri, 27 Feb 2015 16:52:29 -0800 Kees Cook wrote:
>>
>> diff --git a/arch/arm/include/asm/seccomp.h b/arch/arm/include/asm/seccomp.h
>> index 52b156b341f5..66ca6a30bf5c 100644
>> ---
On Mon, Mar 2, 2015 at 1:26 PM, Andrew Morton wrote:
> On Thu, 26 Feb 2015 19:07:09 -0800 Kees Cook wrote:
>
>> This separates ET_DYN ASLR from mmap ASLR, as already done on s390. The
>> various architectures that are already randomizing mmap (arm, arm64, mips,
>> power
Most architectures don't need to do anything special for the strict
seccomp syscall entries. Remove the redundant headers and reduce the
others.
Signed-off-by: Kees Cook
---
v2:
- use Kbuild "generic-y" instead of explicit #include lines (sfr)
---
arch/arm/include/asm/Kbuild
In preparation for exporting per-arch mmap randomization functions,
this moves the ASLR calculations for mmap on ARM into a separate routine.
Signed-off-by: Kees Cook
---
arch/arm/mm/mmap.c | 13 ++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/arch/arm/mm/mmap.c b
To address the "offset2lib" ASLR weakness[1], this separates ET_DYN
ASLR from mmap ASLR, as already done on s390. The architectures
that are already randomizing mmap (arm, arm64, mips, powerpc, s390,
and x86), have their various forms of arch_mmap_rnd() made available
via the new CONFIG_ARCH_HAS_EL
igned-off-by: Kees Cook
---
arch/Kconfig | 1 +
arch/arm/include/asm/elf.h | 4
arch/arm64/include/asm/elf.h | 4
arch/mips/include/asm/elf.h| 4
arch/powerpc/include/asm/elf.h | 4
arch/s390/include/asm/elf.h| 3 ---
arch/x86/include/asm/
loader for handling ET_DYN ASLR in a separate region from mmap ASLR,
as already done on s390. Removes CONFIG_BINFMT_ELF_RANDOMIZE_PIE, which
is no longer needed.
Reported-by: Hector Marco-Gisbert
Signed-off-by: Kees Cook
---
arch/arm/Kconfig| 1 -
arch/arm64/Kconfig | 1 -
(). Additionally introduces CONFIG_ARCH_HAS_ELF_RANDOMIZE
for describing this feature on architectures that support it (which is a
superset of ARCH_BINFMT_ELF_RANDOMIZE_PIE, since s390 already does this
without the ARCH_BINFMT_ELF_RANDOMIZE_PIE logic).
Signed-off-by: Kees Cook
---
arch/Kconfig
n the same ET_DYN randomization on s390. Additionally removes
a copy/pasted unused arm64 extern.
Signed-off-by: Kees Cook
---
arch/arm64/include/asm/elf.h | 1 -
arch/s390/include/asm/elf.h | 9 +
arch/s390/mm/mmap.c | 11 ---
3 files changed, 5 insertions(+), 16 dele
On Tue, Mar 3, 2015 at 12:30 AM, Ingo Molnar wrote:
>
> * Kees Cook wrote:
>
>> Most architectures don't need to do anything special for the strict
>> seccomp syscall entries. Remove the redundant headers and reduce the
>> others.
>
>> 19 files
On Mon, Mar 2, 2015 at 11:31 PM, Ingo Molnar wrote:
>
> * Kees Cook wrote:
>
>> To address the "offset2lib" ASLR weakness[1], this separates ET_DYN
>> ASLR from mmap ASLR, as already done on s390. The architectures
>> that are already randomizing mmap (arm, a
To address the "offset2lib" ASLR weakness[1], this separates ET_DYN
ASLR from mmap ASLR, as already done on s390. The architectures
that are already randomizing mmap (arm, arm64, mips, powerpc, s390,
and x86), have their various forms of arch_mmap_rnd() made available
via the new CONFIG_ARCH_HAS_EL
In preparation for moving ET_DYN randomization into the ELF loader (which
requires a static ELF_ET_DYN_BASE), this redefines s390's existing ET_DYN
randomization in a call to arch_mmap_rnd(). This refactoring results in
the same ET_DYN randomization on s390.
Signed-off-by: Kees Cook
---
In preparation for splitting out ET_DYN ASLR, this refactors the use of
mmap_rnd() to be used similarly to arm and x86.
Signed-off-by: Kees Cook
---
Can mmap ASLR be safely enabled in the legacy mmap case here? Other archs
use "mm->mmap_base = TASK_UNMAPPED_BASE + random_factor"
In preparation for splitting out ET_DYN ASLR, this moves the ASLR calculations
for mmap on ARM into a separate routine, similar to x86. This also removes
the redundant check of personality (PF_RANDOMIZE is already set before calling
arch_pick_mmap_layout).
Signed-off-by: Kees Cook
---
arch/arm
In preparation for splitting out ET_DYN ASLR, this refactors the use of
mmap_rnd() to be used similarly to arm, and extracts the checking of
PF_RANDOMIZE.
Signed-off-by: Kees Cook
---
arch/x86/mm/mmap.c | 36
1 file changed, 20 insertions(+), 16 deletions
igned-off-by: Kees Cook
---
arch/Kconfig | 1 +
arch/arm/include/asm/elf.h | 4
arch/arm64/include/asm/elf.h | 4
arch/mips/include/asm/elf.h| 4
arch/powerpc/include/asm/elf.h | 4
arch/s390/include/asm/elf.h| 3 ---
arch/x86/include/asm/
declaration of an unused function.
Signed-off-by: Kees Cook
---
arch/arm64/include/asm/elf.h | 1 -
arch/arm64/mm/mmap.c | 18 +++---
2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h
index 1f65be393139
(). Additionally introduces CONFIG_ARCH_HAS_ELF_RANDOMIZE
for describing this feature on architectures that support it
(which is a superset of ARCH_BINFMT_ELF_RANDOMIZE_PIE, since s390
already supports a separated ET_DYN ASLR from mmap ASLR without the
ARCH_BINFMT_ELF_RANDOMIZE_PIE logic).
Signed-off-by: Kees
In preparation for splitting out ET_DYN ASLR, extract the mmap ASLR
selection into a separate function.
Signed-off-by: Kees Cook
---
arch/mips/mm/mmap.c | 24
1 file changed, 16 insertions(+), 8 deletions(-)
diff --git a/arch/mips/mm/mmap.c b/arch/mips/mm/mmap.c
index
loader for handling ET_DYN ASLR in a separate region from mmap ASLR,
as was already done on s390. Removes CONFIG_BINFMT_ELF_RANDOMIZE_PIE,
which is no longer needed.
Reported-by: Hector Marco-Gisbert
Signed-off-by: Kees Cook
---
arch/arm/Kconfig| 1 -
arch/arm64/Kconfig |
In preparation for splitting out ET_DYN ASLR, this refactors the use of
mmap_rnd() to be used similarly to arm and x86, and extracts the checking
of PF_RANDOMIZE.
Signed-off-by: Kees Cook
---
arch/s390/mm/mmap.c | 34 +++---
1 file changed, 23 insertions(+), 11
In preparation for splitting out ET_DYN ASLR, this refactors the use of
mmap_rnd() to be used similarly to arm and x86, and extracts the checking
of PF_RANDOMIZE.
Signed-off-by: Kees Cook
---
arch/s390/mm/mmap.c | 34 +++---
1 file changed, 23 insertions(+), 11
In preparation for splitting out ET_DYN ASLR, this refactors the use of
mmap_rnd() to be used similarly to arm, and extracts the checking of
PF_RANDOMIZE.
Signed-off-by: Kees Cook
---
arch/x86/mm/mmap.c | 36
1 file changed, 20 insertions(+), 16 deletions
declaration of an unused function.
Signed-off-by: Kees Cook
---
arch/arm64/include/asm/elf.h | 1 -
arch/arm64/mm/mmap.c | 18 +++---
2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h
index 1f65be393139
In preparation for splitting out ET_DYN ASLR, extract the mmap ASLR
selection into a separate function.
Signed-off-by: Kees Cook
---
It seems the entropy gets smaller as the PAGE_SIZE increases. Is this
intentional?
---
arch/mips/mm/mmap.c | 24
1 file changed, 16
igned-off-by: Kees Cook
---
arch/Kconfig | 1 +
arch/arm/include/asm/elf.h | 4
arch/arm64/include/asm/elf.h | 4
arch/mips/include/asm/elf.h| 4
arch/powerpc/include/asm/elf.h | 4
arch/s390/include/asm/elf.h| 3 ---
arch/x86/include/asm/
In preparation for splitting out ET_DYN ASLR, this refactors the use of
mmap_rnd() to be used similarly to arm and x86.
Signed-off-by: Kees Cook
Acked-by: Michael Ellerman
---
Can mmap ASLR be safely enabled in the legacy mmap case here? Other archs
use "mm->mmap_base = TASK_UNMAP
On Tue, Mar 3, 2015 at 8:16 PM, Michael Ellerman wrote:
> On Mon, 2015-03-02 at 16:19 -0800, Kees Cook wrote:
>> This fixes the "offset2lib" weakness in ASLR for arm, arm64, mips,
>> powerpc, and x86. The problem is that if there is a leak of ASLR from
>> the execu
In preparation for splitting out ET_DYN ASLR, this moves the ASLR calculations
for mmap on ARM into a separate routine, similar to x86. This also removes
the redundant check of personality (PF_RANDOMIZE is already set before calling
arch_pick_mmap_layout).
Signed-off-by: Kees Cook
---
arch/arm
(). Additionally introduces CONFIG_ARCH_HAS_ELF_RANDOMIZE
for describing this feature on architectures that support it
(which is a superset of ARCH_BINFMT_ELF_RANDOMIZE_PIE, since s390
already supports a separated ET_DYN ASLR from mmap ASLR without the
ARCH_BINFMT_ELF_RANDOMIZE_PIE logic).
Signed-off-by: Kees
To address the "offset2lib" ASLR weakness[1], this separates ET_DYN
ASLR from mmap ASLR, as already done on s390. The architectures
that are already randomizing mmap (arm, arm64, mips, powerpc, s390,
and x86), have their various forms of arch_mmap_rnd() made available
via the new CONFIG_ARCH_HAS_EL
On Wed, Mar 4, 2015 at 1:54 PM, Ingo Molnar wrote:
>
> * Kees Cook wrote:
>
>> To address the "offset2lib" ASLR weakness[1], this separates ET_DYN
>> ASLR from mmap ASLR, as already done on s390. The architectures
>> that are already randomizing mmap (arm, a
ly created arch_mmap_rnd() into the
ELF loader for handling ET_DYN ASLR in a separate region from mmap ASLR,
as was already done on s390. Removes CONFIG_BINFMT_ELF_RANDOMIZE_PIE,
which is no longer needed.
Reported-by: Hector Marco-Gisbert
Signed-off-by: Kees Cook
---
arch/arm/Kconfig
In preparation for moving ET_DYN randomization into the ELF loader (which
requires a static ELF_ET_DYN_BASE), this redefines s390's existing ET_DYN
randomization in a call to arch_mmap_rnd(). This refactoring results in
the same ET_DYN randomization on s390.
Signed-off-by: Kees Cook
---
Switch to using the newly created asm-generic/seccomp.h for the seccomp
strict mode syscall definitions. Definitions were identical.
Signed-off-by: Kees Cook
---
arch/arm/include/asm/Kbuild| 1 +
arch/arm/include/asm/seccomp.h | 11 ---
2 files changed, 1 insertion(+), 11 deletions
identical.
Signed-off-by: Kees Cook
---
arch/microblaze/include/asm/seccomp.h | 8 +---
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/arch/microblaze/include/asm/seccomp.h
b/arch/microblaze/include/asm/seccomp.h
index 0d912758a0d7..204618a2ce84 100644
--- a/arch/microblaze/include
Switch to using the newly created asm-generic/seccomp.h for the seccomp
strict mode syscall definitions. The obsolete sigreturn in COMPAT mode
is retained as an override. Remaining definitions are identical. Also
corrected missing #define for header reinclusion protection.
Signed-off-by: Kees
Switch to using the newly created asm-generic/seccomp.h for the seccomp
strict mode syscall definitions. COMPAT definitions retain their overrides
and the remaining definitions were identical.
Signed-off-by: Kees Cook
---
arch/mips/include/asm/seccomp.h | 7 ++-
1 file changed, 2 insertions
Switch to using the newly created asm-generic/seccomp.h for the seccomp
strict mode syscall definitions. The obsolete sigreturn in COMPAT mode
is retained as an override. Remaining definitions are identical, though
they incorrectly appeared in uapi, which has been corrected.
Signed-off-by: Kees
Some architectures may need to override the compat sigreturn definition,
as is already possible in the non-compat case.
Signed-off-by: Kees Cook
---
include/asm-generic/seccomp.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/include/asm-generic/seccomp.h b/include/asm-generic/seccomp.h
Switch to using the newly created asm-generic/seccomp.h for the seccomp
strict mode syscall definitions. Definitions were identical.
Signed-off-by: Kees Cook
---
arch/parisc/include/asm/Kbuild| 1 +
arch/parisc/include/asm/seccomp.h | 16
2 files changed, 1 insertion
Most architectures don't need to do much special for the strict-mode
seccomp syscall entries. Remove the redundant headers and reduce the
others.
Signed-off-by: Kees Cook
---
v3:
- split patch series by architecture
- fix up architectures that need sigreturn overrides (ingo)
v2:
- use K
Switch to using the newly created asm-generic/seccomp.h for the seccomp
strict mode syscall definitions. The obsolete sigreturn syscall override
is retained in 32-bit mode, and the ia32 syscall overrides are used in
the compat case. Remaining definitions were identical.
Signed-off-by: Kees Cook
On Mon, Mar 9, 2015 at 9:19 AM, Russell King - ARM Linux
wrote:
> On Tue, Mar 03, 2015 at 06:10:15PM -0800, Kees Cook wrote:
>> To address the "offset2lib" ASLR weakness[1], this separates ET_DYN
>> ASLR from mmap ASLR, as already done on s390. The architectures
>>
On Wed, Mar 4, 2015 at 5:27 PM, Kees Cook wrote:
> Most architectures don't need to do much special for the strict-mode
> seccomp syscall entries. Remove the redundant headers and reduce the
> others.
>
> Signed-off-by: Kees Cook
Hi Andrew,
Just a quick ping: are you
On Tue, Mar 17, 2015 at 7:47 AM, Will Deacon wrote:
> On Wed, Mar 04, 2015 at 09:10:47PM +0000, Kees Cook wrote:
>> In preparation for splitting out ET_DYN ASLR, this refactors the use of
>> mmap_rnd() to be used similarly to arm and x86. This additionally enables
>> mma
400 KB for a KALLSYMS_ALL build, and about 100 KB
> reduction in compressed size. (with CONFIG_RELOCATABLE=y)
>
> Signed-off-by: Ard Biesheuvel
Tested-by: Kees Cook
-Kees
> ---
> I tested this with my Ubuntu Wily box's config-4.2.0-23-generic, and
> got the following resu
racted from the runtime
> address of _text to produce the actual address. Positive values are used as
> they are found in the table.
>
> Support for the above is enabled by setting CONFIG_KALLSYMS_TEXT_RELATIVE.
>
> Signed-off-by: Ard Biesheuvel
Reviewed-by: Kees Cook
ubject to dynamic relocation when the build time and runtime
> offsets of the kernel image are different"?
IIUC, this means that the relocation work done after decompression now
doesn't have to do relocation updates for all these values, which
means a smaller relocation table
nges to this patch.
>
> Ard Biesheuvel (3):
> x86: kallsyms: disable absolute percpu symbols on !SMP
> kallsyms: don't overload absolute symbol type for percpu symbols
> kallsyms: add support for relative offsets in kallsyms address table
Still works for me!
Reviewed-by:
Some callers of strtobool were passing a pointer to unterminated strings.
This fixes the issue and consolidates some logic in cifs.
Signed-off-by: Kees Cook
Cc: Amitkumar Karwar
Cc: Nishant Sarmukadam
Cc: Kalle Valo
Cc: Steve French
Cc: linux-c...@vger.kernel.org
---
drivers/net/wireless
This consolidates logic for handling "on"/"off" parsing for bools into
the existing strtobool function. This requires making sure callers are
passing NULL-terminated strings.
-Kees
Several places in the kernel expect to use "on" and "off" for their
boolean signifiers, so add them to strtobool.
Signed-off-by: Kees Cook
Cc: Rasmus Villemoes
Cc: Daniel Borkmann
---
lib/string.c | 24 +---
1 file changed, 21 insertions(+), 3 deleti
This changes several users of manual "on"/"off" parsing to use strtobool.
Signed-off-by: Kees Cook
Cc: x...@kernel.org
Cc: linuxppc-dev@lists.ozlabs.org
Cc: linux-s...@vger.kernel.org
---
arch/powerpc/kernel/rtasd.c | 10 +++---
arch/powerpc/platforms/p
On Mon, Feb 1, 2016 at 5:17 AM, Andy Shevchenko
wrote:
> On Thu, Jan 28, 2016 at 4:17 PM, Kees Cook wrote:
>> Some callers of strtobool were passing a pointer to unterminated strings.
>> This fixes the issue and consolidates some logic in cifs.
>
> My comments below.
>
Add support for "on" and "off" when converting to boolean.
Signed-off-by: Kees Cook
---
lib/kstrtox.c | 14 ++
1 file changed, 14 insertions(+)
diff --git a/lib/kstrtox.c b/lib/kstrtox.c
index e18f088704d7..09e83a19a96d 100644
--- a/lib/kstrtox.c
+++ b/lib
This changes several users of manual "on"/"off" parsing to use strtobool.
(Which means they will now parse y/n/1/0 meaningfully too.)
Signed-off-by: Kees Cook
Acked-by: Heiko Carstens
Acked-by: Michael Ellerman
Cc: x...@kernel.org
Cc: linuxppc-dev@lists.oz
This consolidates logic for handling "on"/"off" parsing for bools into
the strtobool function, by way of moving it into kstrtobool (with helpers),
and updating various callers.
arch/powerpc/kernel/rtasd.c|9 ---
arch/powerpc/platforms/pseries/hotplug-cpu.c | 10
a
Create the kstrtobool_from_user helper and move strtobool logic into
the new kstrtobool (matching all the other kstrto* functions). Provides
an inline wrapper for existing strtobool callers.
Signed-off-by: Kees Cook
---
include/linux/kernel.h | 3 +++
include/linux/string.h | 6 +-
lib
Some callers of strtobool were passing a pointer to unterminated strings.
In preparation of adding multi-character processing to kstrtobool, update
the callers to not pass single-character pointers, and switch to using the
new kstrtobool_from_user helper where possible.
Signed-off-by: Kees Cook
On Thu, Feb 4, 2016 at 2:43 PM, Andy Shevchenko
wrote:
> On Thu, Feb 4, 2016 at 11:00 PM, Kees Cook wrote:
>> Create the kstrtobool_from_user helper and move strtobool logic into
>> the new kstrtobool (matching all the other kstrto* functions). Provides
>> an inline