Received: by 10.223.185.116 with SMTP id b49csp1680102wrg; Thu, 22 Feb 2018 01:03:06 -0800 (PST) X-Google-Smtp-Source: AH8x224SlD8OK+5DyFHa4RGZveQb5IhXYamsIJbGzTl6DHiEuOvWLiUzKxQGIuwD/m88fx0tyw8x X-Received: by 10.167.129.195 with SMTP id c3mr6196696pfn.14.1519290186069; Thu, 22 Feb 2018 01:03:06 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1519290186; cv=none; d=google.com; s=arc-20160816; b=B/locxq12fX7wEkhiJYd0I5XY2roVUjDW0xzbvDMNflWCZJNeNdXxi8f60YYilmrIF fF4qUOltgkqpIxm6Qc++imbjuqHMRLVf1MNm30q5sNBpH2XGIcZUDd74D+U3CddXSGbp Y0C8oH3+J9W7PiGPra3OxJjJqzLKWQ4LoOK4IhDj7zjG6A8D1hiutIHkJhGx1d2kEyAB yLMyhNoglUYa4Js9TEKwQMr8y36t8kyaO6NeX25BVpgYQtB8yKLiaS9aProlXwDZ9cSP DzVXqcoMttRUh2s4C5NIinBZ/fyvF3v6mgEwpmZn7z5AFxjwtxc/YZUDQRxK5W7DDeVU RHAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:arc-authentication-results; bh=4HK1vHimG8F3Is+Dipa8BgmL36UXFZsL4lUHCKeIFEE=; b=rrI/F5mXtvpP3SQhnZINzGtz5H+EDJDQpMwXMw0J+ysSNluiCIxBiJ672fQQBqJgje a8q/wKgcWoy4Mfpvai9AV6sqxDzQajsDiIiQEBevGr12kQ9SpoKDZXEgCAAiC63BauDB lYHkideaZfR5KVD3zG5qaNJcBSIwBbLJuHwquMeeJgv5xC6HRd/78wN2PQXDbd74Uzsb qKnCKqBhUcKXC7+xf0B0GyXjlnL+f8kOo91AYGF01V1Squs41h6BW9/hmn3LaEaqWDzi YEdYqryb29d8tgjI0ybmMiHDNzrTE5FjerVmQ0foOdsdiX2460bzJ1z1iKXwHe009OUD OTzA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u12-v6si1199103plr.462.2018.02.22.01.02.51; Thu, 22 Feb 2018 01:03:06 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752860AbeBVJBl (ORCPT + 99 others); Thu, 22 Feb 2018 04:01:41 -0500 Received: from lhrrgout.huawei.com ([194.213.3.17]:27132 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752644AbeBVJBk (ORCPT ); Thu, 22 Feb 2018 04:01:40 -0500 Received: from LHREML712-CAH.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 785BA5A962481; Thu, 22 Feb 2018 09:01:37 +0000 (GMT) Received: from [10.122.225.51] (10.122.225.51) by smtpsuk.huawei.com (10.201.108.35) with Microsoft SMTP Server (TLS) id 14.3.361.1; Thu, 22 Feb 2018 09:01:34 +0000 Subject: Re: [PATCH 5/6] Pmalloc: self-test To: Kees Cook CC: Matthew Wilcox , Randy Dunlap , Jonathan Corbet , Michal Hocko , Laura Abbott , Jerome Glisse , Christoph Hellwig , "Christoph Lameter" , linux-security-module , Linux-MM , LKML , Kernel Hardening References: <20180212165301.17933-1-igor.stoppa@huawei.com> <20180212165301.17933-6-igor.stoppa@huawei.com> From: Igor Stoppa Message-ID: Date: Thu, 22 Feb 2018 11:01:09 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.122.225.51] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 22/02/18 00:24, Kees Cook wrote: > On Tue, Feb 20, 2018 at 8:40 AM, Igor Stoppa wrote: [...] >> sorry for being dense ... are you proposing that I do something to >> lkdtm_rodata.c ? An example would probably help me understand. > > It would likely live in lkdtm_perms.c (or maybe lkdtm_heap.c). Namely, > use the pmalloc API and then attempt to write to a read-only variable > in the pmalloc region (to prove that the permission adjustment > actually happened). Likely a good example is > lkdtm_WRITE_RO_AFTER_INIT(). ok, thanks for the explanation, I will do it -- igor