Re: [PATCH 7/7] x86/uaccess: OOPS or warn on a fault with KERNEL_DS and !pagefault_disabled()

From: Borislav Petkov
Date: Wed May 25 2016 - 11:33:14 EST

Next message: Thierry Reding: "[GIT PULL] pwm: Changes for v4.7-rc1"
Previous message: Frank Rowand: "Re: [PATCH] devicetree - document using aliases to set spi bus number."
In reply to: Andy Lutomirski: "[PATCH 7/7] x86/uaccess: OOPS or warn on a fault with KERNEL_DS and !pagefault_disabled()"
Next in thread: Andy Lutomirski: "Re: [PATCH 7/7] x86/uaccess: OOPS or warn on a fault with KERNEL_DS and !pagefault_disabled()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 24, 2016 at 03:48:44PM -0700, Andy Lutomirski wrote:
> + if (unlikely(!is_user_ds && !pagefault_disabled())) {
> + if (extra < TASK_SIZE_MAX) {
> + /*
> + * Accessing user address under KERNEL_DS. This is a
> + * bug and should be fixed, but OOPSing is not helpful
> + * for exploit mitigation.
> + */
> + WARN_ONCE(1, "BUG: uaccess fault at 0x%lx with KERNEL_DS\n",

WARN and BUG?

Also, let's have this string and the one below differ for finding out
where we are during debugging.

> + extra);
> + } else {
> + /*
> + * If a bug that allows user-controlled KERNEL_DS
> + * access exists, this will prevent it from being used
> + * to trivially bypass kASLR.
> + */
> + pr_crit("BUG: uaccess fault at 0x%lx with KERNEL_DS\n",
> + extra);

--
Regards/Gruss,
Boris.

ECO tip #101: Trim your mails when you reply.

Next message: Thierry Reding: "[GIT PULL] pwm: Changes for v4.7-rc1"
Previous message: Frank Rowand: "Re: [PATCH] devicetree - document using aliases to set spi bus number."
In reply to: Andy Lutomirski: "[PATCH 7/7] x86/uaccess: OOPS or warn on a fault with KERNEL_DS and !pagefault_disabled()"
Next in thread: Andy Lutomirski: "Re: [PATCH 7/7] x86/uaccess: OOPS or warn on a fault with KERNEL_DS and !pagefault_disabled()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]