Re: [PATCH] mm: Prevent mapping slab pages to userspace

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Kees Cook <keescook@xxxxxxxxxxxx>
Subject: Re: [PATCH] mm: Prevent mapping slab pages to userspace
From: Christopher Lameter <cl@xxxxxxxxx>
Date: Mon, 28 Jan 2019 20:08:23 +0000
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Matthew Wilcox <willy@xxxxxxxxxxxxx>, Linux-MM <linux-mm@xxxxxxxxx>, LKML <linux-kernel@xxxxxxxxxxxxxxx>, Rik van Riel <riel@xxxxxxxxxxx>, Pekka Enberg <penberg@xxxxxxxxxx>, David Rientjes <rientjes@xxxxxxxxxx>, Joonsoo Kim <iamjoonsoo.kim@xxxxxxx>, Kernel Hardening <kernel-hardening@xxxxxxxxxxxxxxxxxx>, Michael Ellerman <mpe@xxxxxxxxxxxxxx>
Feedback-id: 1.us-east-1.fQZZZ0Xtj2+TD7V5apTT/NrT6QKuPgzCT/IC7XYgDKI=:AmazonSES
In-reply-to: <CAGXu5jJkf4pKr0WVUcFitZnnUbq3annautZxzYPC0TQaB5HaGA@mail.gmail.com>
References: <20190125173827.2658-1-willy@infradead.org> <20190128102055.5b0790549542891c4dca47a3@linux-foundation.org> <CAGXu5jJkf4pKr0WVUcFitZnnUbq3annautZxzYPC0TQaB5HaGA@mail.gmail.com>
User-agent: Alpine 2.21 (DEB 202 2017-01-01)

On Tue, 29 Jan 2019, Kees Cook wrote:

> It seems like a fatal condition to me? There's nothing to check that
> such a page wouldn't get freed by the slab while still mapped to
> userspace, right?

Lets just fail the code.  Currently this may work with SLUB. But SLAB and
SLOB overlay fields with mapcount. So you would have a corrupted page
struct if you mapped a slab page to user space.

References:
- [PATCH] mm: Prevent mapping slab pages to userspace
  - From: Matthew Wilcox
- Re: [PATCH] mm: Prevent mapping slab pages to userspace
  - From: Andrew Morton
- Re: [PATCH] mm: Prevent mapping slab pages to userspace
  - From: Kees Cook

Prev by Date: Re: [v2 PATCH] mm: ksm: do not block on page lock when searching stable tree
Next by Date: Re: [PATCH] mm,slab,vmscan: accumulate gradual pressure on small slabs
Previous by thread: Re: [PATCH] mm: Prevent mapping slab pages to userspace
Next by thread: Re: [PATCH] mm: Prevent mapping slab pages to userspace
Index(es):
- Date
- Thread

[Index of Archives] [Linux ARM Kernel] [Linux ARM] [Linux Omap] [Fedora ARM] [IETF Annouce] [Bugtraq] [Linux OMAP] [Linux MIPS] [eCos] [Asterisk Internet PBX] [Linux API]