Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751514AbdH3Szz (ORCPT <rfc822;w@1wt.eu>);
        Wed, 30 Aug 2017 14:55:55 -0400
Received: from mx1.redhat.com ([209.132.183.28]:51678 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751284AbdH3Szx (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 30 Aug 2017 14:55:53 -0400
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 1BF49C058EA9
Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=fail smtp.mailfrom=riel@redhat.com
Message-ID: <1504119351.26846.79.camel@redhat.com>
Subject: Re: [kernel-hardening] [PATCH v2 25/30] fork: Define usercopy
 region in thread_stack slab caches
From: Rik van Riel <riel@redhat.com>
To: Kees Cook <keescook@chromium.org>, linux-kernel@vger.kernel.org
Cc: David Windsor <dave@nullcore.net>, Ingo Molnar <mingo@kernel.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        Thomas Gleixner <tglx@linutronix.de>,
        Andy Lutomirski <luto@kernel.org>, linux-mm@kvack.org,
        kernel-hardening@lists.openwall.com
Date: Wed, 30 Aug 2017 14:55:51 -0400
In-Reply-To: <1503956111-36652-26-git-send-email-keescook@chromium.org>
References: <1503956111-36652-1-git-send-email-keescook@chromium.org>
         <1503956111-36652-26-git-send-email-keescook@chromium.org>
Content-Type: multipart/signed; micalg="pgp-sha256";
        protocol="application/pgp-signature"; boundary="=-5yNfw2/9DwlhFVGK3aNK"
Mime-Version: 1.0
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Wed, 30 Aug 2017 18:55:53 +0000 (UTC)
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1350
Lines: 39


--=-5yNfw2/9DwlhFVGK3aNK
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Mon, 2017-08-28 at 14:35 -0700, Kees Cook wrote:
> From: David Windsor <dave@nullcore.net>
>=20
> In support of usercopy hardening, this patch defines a region in the
> thread_stack slab caches in which userspace copy operations are
> allowed.
> Since the entire thread_stack needs to be available to userspace, the
> entire slab contents are whitelisted. Note that the slab-based thread
> stack is only present on systems with THREAD_SIZE < PAGE_SIZE and
> !CONFIG_VMAP_STACK.
>=20

Acked-by: Rik van Riel <riel@redhat.com>

--=20
All rights reversed
--=-5yNfw2/9DwlhFVGK3aNK
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAABCAAGBQJZpwo3AAoJEM553pKExN6DTIAIAICxbgOqL7sjfwNyLMbbVJnN
UrgRUrD2Hx7/6O7LWTaS8sWotYyl5bPxKSBajvhqLEs+H2LRYhpjPXmHH5sA5e8T
2o8NV7Li3EjqUgRm5tYP0lz3ejdk7OJPpI8Tc6lMgGRW7B7f9mI8WlR7f6cV9fVx
p2hA2wLF1IxMOtI99O/JyeAaDleKuLjc+TUN5j5HM/UZ97EZkXAag2eLxtrMWyHF
jOSuYe7Jf0gXggS2KyWIGo7fxhERhqRuLsLTJexDGb5LZsxGDDr2sJebv59Q8reS
oL70reLJLvcoVkgXzeKay1nYChEv/rH4+N1AwJOCXJ4ny79k7O/vp0ESvRgTA+Y=
=uqD+
-----END PGP SIGNATURE-----

--=-5yNfw2/9DwlhFVGK3aNK--