Received: by 10.223.185.116 with SMTP id b49csp3689289wrg;
        Tue, 6 Mar 2018 03:24:28 -0800 (PST)
X-Google-Smtp-Source: AG47ELuF1ukOTGh+ttteCtWqZBot1s21IW/5Z630FdY093GxRWIpS0/vmiHwY83kscGMdzZIYT//
X-Received: by 2002:a17:902:7608:: with SMTP id k8-v6mr16173706pll.95.1520335468592;
        Tue, 06 Mar 2018 03:24:28 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1520335468; cv=none;
        d=google.com; s=arc-20160816;
        b=sQVGJGRrufheUKctSZDrCbsqXLmlH7S/pc7gwYfuw5LM8h+sBA727t8RnkZBwCMKq5
         JwtZRRD6evol3uddXIWTHAkvMsDmHh0mkori7bW2Gtk71KuMUHt8FnaSO+MHpjQouP2c
         mGWdI2H8ZMsPFQO6Chf/pY1ehqsV6QLxCAGYyLaiD+fJ6i9KQDaCU56foaCLW3IYGeoR
         /oDOXkkxLkQBXaGoOttOSs8lAc4X7VGuLNXsGCeu3MCYLCpvLy0zgqzrf3/hArMou7ed
         prSyfAtVtImn3uRHJOCe+Po3hlJbT23XpMB3g5SCmNELhk7m0Yw3CAVzOeOcCB5OfDSh
         vDeg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:content-disposition
         :mime-version:message-id:subject:cc:to:from:date:dkim-signature
         :arc-authentication-results;
        bh=PB5p/v89tu0o4I175OEjSoX/f0w7bSlM0/LZNjgFgEU=;
        b=BnrNWpilkDd7YsC/wvQb+1Oq4PAWBJ6ZIv7s0uWMjHyJ1qV3fQFf4cKSRu1Zl3r8D0
         sCZBGLg7zPt1O+F/UWe3oj4XjPIrUUtbEQJnsV8c424Kl3Gfd5A27njBcDeeo/4HAlQk
         A4aLIeQEuEk0YOviMBEM79HbixVhuGEuqm03O4U5GxNuU0dndScPZDygD3WeqKPJaTyu
         esfKYHuskUHoCkTrARfr+GJW1iaDwmgA5CjniGyJYXuFbRcH5o9af0nSScUZECr3lKeg
         9nGwwOzkhkQrSLaMYW77GvUyImTaR9u1tMncX3c5ydC1z3/KgqiXEzIZKhB3wP5kVfo/
         s57Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=MWxx6H13;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id c4si9649179pgu.355.2018.03.06.03.24.13;
        Tue, 06 Mar 2018 03:24:28 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=MWxx6H13;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753564AbeCFLWw (ORCPT <rfc822;huangleihappily@gmail.com>
        + 99 others); Tue, 6 Mar 2018 06:22:52 -0500
Received: from mail-pg0-f65.google.com ([74.125.83.65]:45028 "EHLO
        mail-pg0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753305AbeCFLWu (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 6 Mar 2018 06:22:50 -0500
Received: by mail-pg0-f65.google.com with SMTP id l4so8133603pgp.11
        for <linux-kernel@vger.kernel.org>; Tue, 06 Mar 2018 03:22:50 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:cc:subject:message-id:mime-version:content-disposition
         :user-agent;
        bh=PB5p/v89tu0o4I175OEjSoX/f0w7bSlM0/LZNjgFgEU=;
        b=MWxx6H13FD3o1jtVTKeO1ckDk3VtxqM5enbRsPQwYI38A3LsqKIBXwfhiQ80sFlemM
         biHYEbwiprqxOF07Y8KermQWGoKPS2cT7tKe8OEPlNm0XDRuxVCflGzd2bQ4iB/JbN9R
         SFjBu7hpSpZAoj+ok9dwyOSmIO9WgL3aEIDdPPnhQZpL4jZojyqEeaADzb+KFJX1BQJc
         Y4X6Vd1biCqt5AtdlgvfCW7QuC2uewBFJK38ofyz+yG7uQpSxOcxQyJBQH1MbC35S8iV
         ln5yNDM9URc7WvZGLYiCsAVerCSdUJB5d6F5FCQPUIDMMgzkSoFXM/WvJ1SiUtFd/ETG
         R/Wg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:mime-version
         :content-disposition:user-agent;
        bh=PB5p/v89tu0o4I175OEjSoX/f0w7bSlM0/LZNjgFgEU=;
        b=kG3qILx7TuIoA6IH/F+WzrbVyqf844J84577llLGZhGC4Bamp4bFkHxMz9iTo44RWD
         cSYxyG6RwStH/e9gjqnkSHaJVPHzFPS5ZaB8NNIcAt1yI8hS/UwdejSUX7wvw+iA+hMJ
         9eIZaJCijgL4lyZxI9alLM8EBwooCTII9edW6P0C+Vh/HyFH7O4DpwCoXDPCG6IrI89u
         Kczoc6vRfMk6OReh5NcYUULInsdZBXRyr7bd67dCCruBx3OMqbA1kzoZ3ttii0jHwPNH
         I7xSaFcA4erhvlHxKxhBy5I0upPqsjccNmy7t/25/ukjK63KHtntodes24lLSUige2rk
         TyIg==
X-Gm-Message-State: APf1xPB7baJvMs/2mv3I2wxccCMNG4n2/U2gORUxH0/1Q6o3aZlHIEcw
        CRJsOoQLr0YKBJ5R4k9GEBY=
X-Received: by 10.101.77.7 with SMTP id i7mr14885695pgt.330.1520335370308;
        Tue, 06 Mar 2018 03:22:50 -0800 (PST)
Received: from pjb1027-Latitude-E5410 ([58.227.15.43])
        by smtp.gmail.com with ESMTPSA id a14sm27956615pff.75.2018.03.06.03.22.47
        (version=TLS1_2 cipher=AES128-SHA bits=128/128);
        Tue, 06 Mar 2018 03:22:49 -0800 (PST)
Date:   Tue, 6 Mar 2018 20:22:41 +0900
From:   Jinbum Park <jinb.park7@gmail.com>
To:     linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org,
        kernel-hardening@lists.openwall.com
Cc:     gregkh@linuxfoundation.org, vladimir.murzin@arm.com,
        keescook@chromium.org, will.deacon@arm.com, mark.rutland@arm.com,
        catalin.marinas@arm.com
Subject: [PATCH] arm: mm: Kconfig: Disable KUSER_HELPERS in ARMv6 or later as
 default
Message-ID: <20180306112241.GA5938@pjb1027-Latitude-E5410>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Codes for KUSER_HELPERS can be abused as ROP gadaget,
So that It's better to disable that as if possible.

Since over ARMv6 has ldrex/strex at user-space,
NEED_KUSER_HELPERS is not selected for over ARMv6.

But, Even though NEED_KUSER_HELPERS is not selected,
current configuration enable KUSER_HELPERS as default.

* as-is

- Enable KUSER_HELPERS as default even though over ARMv6.
- User can disable KUSER_HELPERS.

* to-be

- Disable KUSER_HELPERS in ARMv6 or later as default.
- User can enable KUSER_HELPERS for compatibility.

This change removes the unnecessary configuration that has security-risk.

Signed-off-by: Jinbum Park <jinb.park7@gmail.com>
---
 arch/arm/mm/Kconfig | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/arch/arm/mm/Kconfig b/arch/arm/mm/Kconfig
index 7f14acf..40e5fe5 100644
--- a/arch/arm/mm/Kconfig
+++ b/arch/arm/mm/Kconfig
@@ -840,7 +840,7 @@ config NEED_KUSER_HELPERS
 config KUSER_HELPERS
 	bool "Enable kuser helpers in vector page" if !NEED_KUSER_HELPERS
 	depends on MMU
-	default y
+	default y if NEED_KUSER_HELPERS
 	help
 	  Warning: disabling this option may break user programs.
 
-- 
1.9.1