| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20160525153301.GE4420@pd.tnic>
Date: Wed, 25 May 2016 17:33:01 +0200
From: Borislav Petkov <bp@...en8.de>
To: Andy Lutomirski <luto@...nel.org>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org,
Kees Cook <keescook@...omium.org>,
Brian Gerst <brgerst@...il.com>
Subject: Re: [PATCH 7/7] x86/uaccess: OOPS or warn on a fault with KERNEL_DS
and !pagefault_disabled()
On Tue, May 24, 2016 at 03:48:44PM -0700, Andy Lutomirski wrote:
> + if (unlikely(!is_user_ds && !pagefault_disabled())) {
> + if (extra < TASK_SIZE_MAX) {
> + /*
> + * Accessing user address under KERNEL_DS. This is a
> + * bug and should be fixed, but OOPSing is not helpful
> + * for exploit mitigation.
> + */
> + WARN_ONCE(1, "BUG: uaccess fault at 0x%lx with KERNEL_DS\n",
WARN and BUG?
Also, let's have this string and the one below differ for finding out
where we are during debugging.
> + extra);
> + } else {
> + /*
> + * If a bug that allows user-controlled KERNEL_DS
> + * access exists, this will prevent it from being used
> + * to trivially bypass kASLR.
> + */
> + pr_crit("BUG: uaccess fault at 0x%lx with KERNEL_DS\n",
> + extra);
--
Regards/Gruss,
Boris.
ECO tip #101: Trim your mails when you reply.
Powered by blists - more mailing lists