[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAGXu5j+X6dWCGocG=P7pszTY-5OZ6Jmp-RsnDKox75M5rmVe4g@mail.gmail.com>
Date: Thu, 21 Sep 2017 08:40:00 -0700
From: Kees Cook <keescook@...omium.org>
To: Christopher Lameter <cl@...ux.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
David Windsor <dave@...lcore.net>,
Pekka Enberg <penberg@...nel.org>,
David Rientjes <rientjes@...gle.com>,
Joonsoo Kim <iamjoonsoo.kim@....com>,
Andrew Morton <akpm@...ux-foundation.org>,
Linux-MM <linux-mm@...ck.org>, linux-xfs@...r.kernel.org,
"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
Network Development <netdev@...r.kernel.org>,
"kernel-hardening@...ts.openwall.com"
<kernel-hardening@...ts.openwall.com>
Subject: Re: [kernel-hardening] Re: [PATCH v3 03/31] usercopy: Mark kmalloc
caches as usercopy caches
On Thu, Sep 21, 2017 at 8:27 AM, Christopher Lameter <cl@...ux.com> wrote:
> On Wed, 20 Sep 2017, Kees Cook wrote:
>
>> --- a/mm/slab.c
>> +++ b/mm/slab.c
>> @@ -1291,7 +1291,8 @@ void __init kmem_cache_init(void)
>> */
>> kmalloc_caches[INDEX_NODE] = create_kmalloc_cache(
>> kmalloc_info[INDEX_NODE].name,
>> - kmalloc_size(INDEX_NODE), ARCH_KMALLOC_FLAGS);
>> + kmalloc_size(INDEX_NODE), ARCH_KMALLOC_FLAGS,
>> + 0, kmalloc_size(INDEX_NODE));
>> slab_state = PARTIAL_NODE;
>> setup_kmalloc_cache_index_table();
>
> Ok this presumes that at some point we will be able to restrict the number
> of bytes writeable and thus set the offset and size field to different
> values. Is that realistic?
>
> We already whitelist all kmalloc caches (see first patch).
>
> So what is the point of this patch?
The DMA kmalloc caches are not whitelisted:
>> kmalloc_dma_caches[i] = create_kmalloc_cache(n,
>> - size, SLAB_CACHE_DMA | flags);
>> + size, SLAB_CACHE_DMA | flags, 0, 0);
So this is creating the distinction between the kmallocs that go to
userspace and those that don't. The expectation is that future work
can start to distinguish between "for userspace" and "only kernel"
kmalloc allocations, as is already done here for DMA.
-Kees
--
Kees Cook
Pixel Security
Powered by blists - more mailing lists