| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 May 2016 09:07:49 -0700
From: Andy Lutomirski <luto@...capital.net>
To: Dmitry Safonov <0x7f454c46@...il.com>,
Ruslan Kabatsayev <b7.10110111@...il.com>,
X86 ML <x86@...nel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-mm@...ck.org" <linux-mm@...ck.org>,
Borislav Petkov <bp@...en8.de>,
Pavel Emelyanov <xemul@...allels.com>,
Cyrill Gorcunov <gorcunov@...nvz.org>,
Oleg Nesterov <oleg@...hat.com>
Subject: Getting rid of dynamic TASK_SIZE (on x86, at least)
Hi all-
I'm trying to get rid of x86's dynamic TASK_SIZE and just redefine it
to TASK_SIZE_MAX. So far, these are the TASK_SIZE users that actually
seem to care about the task in question:
get_unmapped_area. This is used by mmap, mremap, exec, uprobe XOL,
and maybe some other things.
- mmap, mremap, etc: IMO this should check in_compat_syscall, not
TIF_ADDR32. If a 64-bit task does an explicit 32-bit mmap (using int
$0x80, for example), it should get a 32-bit address back.
- xol_add_vma: This one is weird: uprobes really is doing something
behind the task's back, and the addresses need to be consistent with
the address width. I'm not quite sure what to do here.
- exec. This wants to set up mappings that are appropriate for the new task.
My inclination would be add a new 'limit' parameter to all the
get_unmapped_area variants and possible to vm_brk and friends and to
thus push the decision into the callers. For the syscalls, we could
add:
static inline unsigned long this_syscall_addr_limit(void) { return TASK_SIZE; }
and override it on x86.
I'm not super excited to write that patch, though...
--Andy
Powered by blists - more mailing lists