lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 15 Dec 2017 17:10:58 -0800
From:   Linus Torvalds <>
To:     Dan Williams <>
Cc:     Peter Zijlstra <>,
        Dave Hansen <>,
        Linux Kernel Mailing List <>,
        Thomas Gleixner <>,
        "the arch/x86 maintainers" <>,
        Andy Lutomirsky <>,
        Borislav Petkov <>,
        Greg KH <>,
        Kees Cook <>,
        Hugh Dickins <>,
        Brian Gerst <>,
        Josh Poimboeuf <>,
        Denys Vlasenko <>,
        Boris Ostrovsky <>,
        Juergen Gross <>,
        David Laight <>,
        Eduardo Valentin <>,
        "Liguori, Anthony" <>,
        Will Deacon <>,
        linux-mm <>,
        "Kirill A. Shutemov" <>
Subject: Re: [PATCH v2 01/17] mm/gup: Fixup p*_access_permitted()

On Fri, Dec 15, 2017 at 4:29 PM, Dan Williams <> wrote:
> So do you want to do a straight revert of these that went in for 4.15:

I think that's the right thing to do, but would want to verify that
there are no *other* issues than just the attempt at PKRU.

The commit message does talk about PAGE_USER, and as mentioned I do
think that's a good thing to check, I just don't think it should be
done this way,

Was there something else going behind these commits? Because if not,
let's revert and then perhaps later introduce a more targeted thing?

Also, aren't the protection keys encoded in the vma?

Because *if* we want to check protection keys, I think we should do
that at the vma layer, partly exactly because the exact implementation
of protection keys is so architecture-specific, and partly because I
don't think it makes sense to check them for every page anyway.


Powered by blists - more mailing lists