Re: [kernel-hardening] [PATCH 09/38] usercopy: Mark kmalloc caches as usercopy caches

From: Kees Cook
Date: Mon Jan 27 2020 - 18:20:04 EST

Next message: Alexey Gladkov: "Re: [PATCH v7 07/11] proc: flush task dcache entries from all procfs instances"
Previous message: Kees Cook: "Re: [PATCH v2 1/1] lkdtm/stackleak: Make the test more verbose"
Next in thread: Christian Borntraeger: "Re: [kernel-hardening] [PATCH 09/38] usercopy: Mark kmalloc caches as usercopy caches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 23, 2020 at 09:14:20AM +0100, Jiri Slaby wrote:
> On 14. 11. 19, 22:27, Kees Cook wrote:
> > On Tue, Nov 12, 2019 at 01:21:54PM -0800, Kees Cook wrote:
> >> How is iucv the only network protocol that has run into this? Do others
> >> use a bounce buffer?
> >
> > Another solution would be to use a dedicated kmem cache (instead of the
> > shared kmalloc dma one)?
>
> Has there been any conclusion to this thread yet? For the time being, we
> disabled HARDENED_USERCOPY on s390...
>
> https://lore.kernel.org/kernel-hardening/9519edb7-456a-a2fa-659e-3e5a1ff89466@xxxxxxx/

I haven't heard anything new. What did people think of a separate kmem
cache?

--
Kees Cook

Next message: Alexey Gladkov: "Re: [PATCH v7 07/11] proc: flush task dcache entries from all procfs instances"
Previous message: Kees Cook: "Re: [PATCH v2 1/1] lkdtm/stackleak: Make the test more verbose"
Next in thread: Christian Borntraeger: "Re: [kernel-hardening] [PATCH 09/38] usercopy: Mark kmalloc caches as usercopy caches"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]