Hi Kees, On Wed, Aug 17, 2016 at 4:52 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote: > On Wed, Aug 17, 2016 at 5:13 AM, Geert Uytterhoeven > <geert@xxxxxxxxxxxxxx> wrote: >> Saw this when using NFS root on r8a7791/koelsch, using a tree based on >> renesas-drivers-2016-08-16-v4.8-rc2: >> >> usercopy: kernel memory exposure attempt detected from c01ff000 >> (<kernel text>) (4096 bytes) > > Hmmm, the kernel text exposure on ARM usually means the hardened > usercopy patchset was applied to an ARM tree without the _etext patch: > http://git.kernel.org/linus/14c4a533e0996f95a0a64dfd0b6252d788cebc74 > > If you _do_ have this patch already (and based on the comment below, I > suspect you do: usually the missing _etext makes the system entirely > unbootable), then we need to dig further. Yes, I do have that patch. >> Despite the BUG(), the system continues working. > > I assume exim4 got killed, though? Possibly. I don't really use email on the development boards. Just a debootstrapped Debian NFS root. > If you can figure out what bytes are present at c01ff000, that may > give us a clue. I've added a print_hex_dump(), so we'll find out when it happens again... Thanks! Gr{oetje,eeting}s, Geert -- Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx In personal conversations with technical people, I call myself a hacker. But when I'm talking to journalists I just say "programmer" or something like that. -- Linus Torvalds -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx"> email@xxxxxxxxx </a>