lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 22 Feb 2019 16:08:59 -0800 From: Linus Torvalds <torvalds@...ux-foundation.org> To: Alexei Starovoitov <alexei.starovoitov@...il.com> Cc: David Miller <davem@...emloft.net>, Masami Hiramatsu <mhiramat@...nel.org>, Steven Rostedt <rostedt@...dmis.org>, Andy Lutomirski <luto@...capital.net>, Linux List Kernel Mailing <linux-kernel@...r.kernel.org>, Ingo Molnar <mingo@...nel.org>, Andrew Morton <akpm@...ux-foundation.org>, stable <stable@...r.kernel.org>, Changbin Du <changbin.du@...il.com>, Jann Horn <jannh@...gle.com>, Kees Cook <keescook@...omium.org>, Andrew Lutomirski <luto@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Netdev <netdev@...r.kernel.org>, bpf@...r.kernel.org Subject: Re: [PATCH 1/2 v2] kprobe: Do not use uaccess functions to access kernel memory that can fault On Fri, Feb 22, 2019 at 3:56 PM Alexei Starovoitov <alexei.starovoitov@...il.com> wrote: > > It will preserve existing bpf_probe_read() behavior on x86. ... but that's the worst possible situation. It appears that people haven't understood that kernel and user addresses are distinct, and may have written programs that are fundamentally buggy. And we _want_ to make it clear that they are buggy on x86-64, exactly because x86-64 is the one that gets the most testing - by far. So if x86-64 continues working for buggy programs, then that only means that those bugs never get fixed. It would be much better to try to get those things fixed, and make the x86-64 implementation stricter, exactly so that people end up _realizing_ that they can't just think "a pointer is a pointer, and the context doesn't matter". >From a pure functional safety standpoint, I thought bpf already knew what kind of a pointer it had? Linus
Powered by blists - more mailing lists