lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CALCETrWWZy0hngPU8MCiQvnH+s0awpFE8wNBrYsf_c+nz6ZsDg@mail.gmail.com>
Date:	Tue, 10 May 2016 09:07:49 -0700
From:	Andy Lutomirski <luto@...capital.net>
To:	Dmitry Safonov <0x7f454c46@...il.com>,
	Ruslan Kabatsayev <b7.10110111@...il.com>,
	X86 ML <x86@...nel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-mm@...ck.org" <linux-mm@...ck.org>,
	Borislav Petkov <bp@...en8.de>,
	Pavel Emelyanov <xemul@...allels.com>,
	Cyrill Gorcunov <gorcunov@...nvz.org>,
	Oleg Nesterov <oleg@...hat.com>
Subject: Getting rid of dynamic TASK_SIZE (on x86, at least)

Hi all-

I'm trying to get rid of x86's dynamic TASK_SIZE and just redefine it
to TASK_SIZE_MAX.  So far, these are the TASK_SIZE users that actually
seem to care about the task in question:

get_unmapped_area.  This is used by mmap, mremap, exec, uprobe XOL,
and maybe some other things.

 - mmap, mremap, etc: IMO this should check in_compat_syscall, not
TIF_ADDR32.  If a 64-bit task does an explicit 32-bit mmap (using int
$0x80, for example), it should get a 32-bit address back.

 - xol_add_vma: This one is weird: uprobes really is doing something
behind the task's back, and the addresses need to be consistent with
the address width.  I'm not quite sure what to do here.

 - exec.  This wants to set up mappings that are appropriate for the new task.

My inclination would be add a new 'limit' parameter to all the
get_unmapped_area variants and possible to vm_brk and friends and to
thus push the decision into the callers.  For the syscalls, we could
add:

static inline unsigned long this_syscall_addr_limit(void) { return TASK_SIZE; }

and override it on x86.

I'm not super excited to write that patch, though...

--Andy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ