On Thu, Oct 13, 2016 at 7:08 AM, Paul Burton <paul.burton@xxxxxxxxxx> wrote:
> On Wednesday, 12 October 2016 23:36:28 BST Kees Cook wrote:
>> On Mon, Oct 10, 2016 at 6:26 AM, Ralf Baechle <ralf@xxxxxxxxxxxxxx> wrote:
>> > On Sat, Oct 08, 2016 at 10:47:14PM +0100, Paul Burton wrote:
>> >> Enable CONFIG_HARDENED_USERCOPY checks for MIPS, calling check_object
>> >> size in all of copy_{to,from}_user(), __copy_{to,from}_user() &
>> >> __copy_{to,from}_user_inatomic().
>>
>> Awesome! Thanks for hooking this up. (Were you able to test with
>> lkdtm's usercopy tests?)
>
> Hi Kees,
>
> Yes - they successfully failed with a v4.8-based kernel, except for the stack
> ones (because we don't yet have arch_within_stack_frames, which looks to be
> true of everyone but x86) and the heap flags ones, which I gather from your
> blog post[1] isn't expected to fail yet.
>
> [1] https://outflux.net/blog/archives/2016/10/04/security-things-in-linux-v4-8/
Yup, perfect, those all sound to have behaved as expected. :) Thanks!
-Kees
--
Kees Cook
Nexus Security
