lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20170218055844.1457-1-ewk@edkovsky.org>
Date:   Fri, 17 Feb 2017 22:58:41 -0700
From:   Eddie Kovsky <ewk@...ovsky.org>
To:     jeyu@...hat.com, rusty@...tcorp.com.au, keescook@...omium.org,
        kys@...rosoft.com, haiyangz@...rosoft.com, sthemmin@...rosoft.com
Cc:     linux-kernel@...r.kernel.org, kernel-hardening@...ts.openwall.com
Subject: [PATCH v2 0/3] provide check for ro_after_init memory sections

Provide a mechansim for other functions to verify that their arguments
are read-only. Use this mechansim in the vmbus register functions to
reject arguments that fail this test.

This implements a suggestion made by Kees Cook for the Kernel Self
Protection Project:

    * provide mechanism to check for ro_after_init memory areas, and
      reject structures not marked ro_after_init in vmbus_register()

      http://www.openwall.com/lists/kernel-hardening/2017/02/04/1

I have successfully compiled this series on next-20170215 for x86.

Eddie Kovsky (3):
  module: verify address is read-only
  extable: verify address is read-only
  Make vmbus register arguments read-only

 drivers/hv/vmbus_drv.c | 10 ++++++++++
 include/linux/kernel.h |  2 ++
 include/linux/module.h |  7 +++++++
 kernel/extable.c       | 29 +++++++++++++++++++++++++++++
 kernel/module.c        | 44 ++++++++++++++++++++++++++++++++++++++++++++
 5 files changed, 92 insertions(+)

--
2.11.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ