On Fri, Aug 19, 2016 at 12:41 PM, Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote: > On Wed, Aug 17, 2016 at 3:29 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote: >> When an allocator does not mark all allocations as PageSlab, or does not >> mark multipage allocations with __GFP_COMP, hardened usercopy cannot >> correctly validate the allocation. SLOB lacks this, so short-circuit >> the checking for the allocators that aren't marked with >> CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR. This also updates the config >> help and corrects a typo in the usercopy comments. > > I think I'm going to instead do just this: > > diff --git a/security/Kconfig b/security/Kconfig > index df28f2b6f3e1..da10d9b573a4 100644 > --- a/security/Kconfig > +++ b/security/Kconfig > @@ -136,6 +136,7 @@ config HAVE_ARCH_HARDENED_USERCOPY > config HARDENED_USERCOPY > bool "Harden memory copies between kernel and userspace" > depends on HAVE_ARCH_HARDENED_USERCOPY > + depends on HAVE_HARDENED_USERCOPY_ALLOCATOR > select BUG > help > This option checks for obviously wrong memory regions when > > which basically disables the hardened usercopy for SLOB systems. > Nobody cares, because nobody should use SLOB anyway, and certainly > wouldn't use it with hardening. Okay, I can live with that. I'd hoped to keep the general split between the other checks (i.e. stack) and the allocator, but if this is preferred, that's cool. :) > Let's see if we get any other warnings with that.. Another report came back on NFS root, but it didn't stop the system from booting, and may be a legit memory exposure report. I'm still investigating that. -Kees -- Kees Cook Nexus Security -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxx. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>