| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171120105309.73i2sllqq5lfjlba@lakrids.cambridge.arm.com>
Date: Mon, 20 Nov 2017 11:26:20 +0000
From: Mark Rutland <mark.rutland@....com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: Catalin Marinas <catalin.marinas@....com>,
Ben Hutchings <ben.hutchings@...ethink.co.uk>,
linux-kernel@...r.kernel.org, stable@...r.kernel.org,
Will Deacon <will.deacon@....com>
Subject: Re: [PATCH 4.4 07/40] arm64: ensure __dump_instr() checks addr_limit
On Sun, Nov 19, 2017 at 11:29:35AM +0100, Greg Kroah-Hartman wrote:
> On Tue, Nov 14, 2017 at 04:18:23PM +0000, Mark Rutland wrote:
> > I agree that we need both patches. On its own (in the absence of PAN/UAO),
> > 57f4959bad0a154a wouldn't have any effect, but it is critical to ensure that we
> > can dump kernel instructions when we intend to, with 7a7003b1da010d2b
> > backported.
> >
> > Backporting 57f4959bad0a154a as a prerequisite makes sense to me.
>
> But that is a "new feature", are you sure about this?
Sorry, I copied the wrong commit ID when replying. I meant to say that
we should backport commit:
c5cea06be060f38e ("arm64: fix dump_instr when PAN and UAO are in use")
... which on its own does nothing, but will prevent 7a7003b1da010d2b
from breaking kernel dumps.
We should *not* backport commit:
57f4959bad0a154a ("arm64: kernel: Add support for User Access Override")
> So, just apply that one patch and we are all ok? Nothing else?
Just apply c5cea06be060f38e as a prerequisite for 7a7003b1da010d2b, and
I think we're good. I'm not aware of anything else we need.
> confused,
Sorry about that. Hopefully the above clarified things?
Thanks,
Mark.
Powered by blists - more mailing lists