lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Mon, 8 Dec 2014 18:20:16 +0000 From: Al Viro <viro@...IV.linux.org.uk> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: "Kirill A. Shutemov" <kirill@...temov.name>, Linux Kernel Mailing List <linux-kernel@...r.kernel.org>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, Network Development <netdev@...r.kernel.org> Subject: Re: [RFC][PATCHES] iov_iter.c rewrite On Mon, Dec 08, 2014 at 10:14:13AM -0800, Linus Torvalds wrote: > For a vmalloc() address, you'd have to actually walk the page tables. > Which is a f*cking horrible idea. Don't do it. We do have a > "vmalloc_to_page()" that does it, but the basic issue is that you damn > well shouldn't do IO on vmalloc'ed addresses. vmalloc'ed addresses > only exist in the first place to give a linear *virtual* mapping, if > you want physical pages you shouldn't have mixed it up with vmalloc in > the first place! > > Where the hell does this crop up, and who does this insane thing > anyway? It's wrong. How did it ever work before? finit_module() with O_DIRECT descriptor. And I suspect that "not well" is the answer - it used to call get_user_pages_fast() in that case. I certainly had missed that insanity during the analysis - we don't do a lot of O_DIRECT IO to/from kernel addresses of any sort... This codepath allows it ;-/ Ability to trigger it is equivalent to ability to run any code in kernel mode, so it's not an additional security hole, but... -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists