On Mon, Sep 16, 2019 at 05:32:09PM -0700, Matthew Wilcox wrote: > On Mon, Sep 16, 2019 at 02:32:56PM -0700, Kees Cook wrote: > > When running on a system with >512MB RAM with a 32-bit kernel built with: > > > > CONFIG_DEBUG_VIRTUAL=y > > CONFIG_HIGHMEM=y > > CONFIG_HARDENED_USERCOPY=y > > > > all execve()s will fail due to argv copying into kmap()ed pages, and on > > usercopy checking the calls ultimately of virt_to_page() will be looking > > for "bad" kmap (highmem) pointers due to CONFIG_DEBUG_VIRTUAL=y: > > I don't understand why you want to skip the check. We must not cross a > page boundary of a kmapped page. That requires a new test which hasn't existed before. First I need to fix the bug, and then we can add a new test and get that into -next, etc. -- Kees Cook
