On Mon, Sep 16, 2019 at 02:32:56PM -0700, Kees Cook wrote: > When running on a system with >512MB RAM with a 32-bit kernel built with: > > CONFIG_DEBUG_VIRTUAL=y > CONFIG_HIGHMEM=y > CONFIG_HARDENED_USERCOPY=y > > all execve()s will fail due to argv copying into kmap()ed pages, and on > usercopy checking the calls ultimately of virt_to_page() will be looking > for "bad" kmap (highmem) pointers due to CONFIG_DEBUG_VIRTUAL=y: I don't understand why you want to skip the check. We must not cross a page boundary of a kmapped page.
