Received: by 10.223.185.116 with SMTP id b49csp3693564wrg; Tue, 6 Mar 2018 03:29:28 -0800 (PST) X-Google-Smtp-Source: AG47ELuUcJh8hvgFM3J68rNCdkJptAa57ZWmJMrNBpbSoxA4wxA+EkgdpCiTdtX/hItO04qC6osD X-Received: by 10.98.253.17 with SMTP id p17mr18627782pfh.105.1520335768380; Tue, 06 Mar 2018 03:29:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1520335768; cv=none; d=google.com; s=arc-20160816; b=WGmNqcqTMYiWJJycxtTRwXg+75Z0W83kaPqLJdPfZAs+ES/EtxbuAzuwfWnb5sU8tU dYebHHNJMXXm1SC8qJjVOGxmK0u0H8l4pJuWFcuk0LAMkA0qsisdCY1CSm1cL3meqJxR qZ+xyYjRdIHO0rYyPjPgHqM4ivFXV7NhQs7u6qTTWSIbNI7BFsKu9eRN5DHAbWWVezWw 04f9EsBdWr620OOk7nPMWRkCdfSn/IqrWrsFMgfuooG/icSr9vUWMY+9qIjNFnEB6uAa XGCPkmCYALFQGZpTXk/SwH2+ECSDQ38triF9TZWWrujmRAH3uf0KoKnUwFs5GUFUhjxL EY0Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=tua8qlT4hMgybx7Pj1F3NF3E7gCWTzLTR7r09w9VFBk=; b=kUnMQB6wdOKIW+ZK1ODrdUCaxM4IacsYDNXQuT/o8H8C26hKKSRqDDhPavmKTwE3FE ULGAfPzkP8Od6jYYjwl2zBpWq1AyVxx7BMlpqViBAMf/zetE1HbTN1R6ZU5YF34w2ZwH cQkjwqaB9asNsBn3JtcQk+v8lh5E5NyS3Vo+3FILk8/Jrtnbo482mLCTVt1JrMMUuU8w 4dQGFZCZ/dbJvZWB4uJ36UPC2s7tmlAZsB59ohGF2Wy0C9fvrd2v6ousw7Hx0cGSZYho 8w1goM958szjCVfSXMzETGBDaPDqddIMBA30htMV1ahi4xXng3Q4dJEJ46H9swwWzQs9 Hqbg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@armlinux.org.uk header.s=pandora-2014 header.b=k7gnrKAz; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=armlinux.org.uk Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c4si9649179pgu.355.2018.03.06.03.29.13; Tue, 06 Mar 2018 03:29:28 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@armlinux.org.uk header.s=pandora-2014 header.b=k7gnrKAz; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=armlinux.org.uk Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753155AbeCFL2U (ORCPT + 99 others); Tue, 6 Mar 2018 06:28:20 -0500 Received: from pandora.armlinux.org.uk ([78.32.30.218]:54148 "EHLO pandora.armlinux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750817AbeCFL2T (ORCPT ); Tue, 6 Mar 2018 06:28:19 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=armlinux.org.uk; s=pandora-2014; h=Sender:In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date; bh=tua8qlT4hMgybx7Pj1F3NF3E7gCWTzLTR7r09w9VFBk=; b=k7gnrKAzvhBWaRRV31GY9Pu3nxjiraUNE35z2C9VHjLhCaNY2kVnMEn4HNWoXPjbEXcDaYsEukt3+VwC2rUKR49qKdu4I1kA5bEZM89xHw0p+IP8Md3tP2GzvRFz2uwbLeZN6TYfinfaK8h8AgnMIR37tyFUSNAPcA5aXzN5CZc=; Received: from n2100.armlinux.org.uk ([2001:4d48:ad52:3201:214:fdff:fe10:4f86]:39380) by pandora.armlinux.org.uk with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.82_1-5b7a7c0-XX) (envelope-from ) id 1etAlP-0008Lj-La; Tue, 06 Mar 2018 11:28:11 +0000 Received: from linux by n2100.armlinux.org.uk with local (Exim 4.76) (envelope-from ) id 1etAlI-0006zO-0o; Tue, 06 Mar 2018 11:28:04 +0000 Date: Tue, 6 Mar 2018 11:28:02 +0000 From: Russell King - ARM Linux To: Jinbum Park Cc: linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, kernel-hardening@lists.openwall.com, mark.rutland@arm.com, vladimir.murzin@arm.com, keescook@chromium.org, gregkh@linuxfoundation.org, will.deacon@arm.com, catalin.marinas@arm.com Subject: Re: [PATCH] arm: mm: Kconfig: Disable KUSER_HELPERS in ARMv6 or later as default Message-ID: <20180306112802.GI9418@n2100.armlinux.org.uk> References: <20180306112241.GA5938@pjb1027-Latitude-E5410> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180306112241.GA5938@pjb1027-Latitude-E5410> User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Mar 06, 2018 at 08:22:41PM +0900, Jinbum Park wrote: > Codes for KUSER_HELPERS can be abused as ROP gadaget, > So that It's better to disable that as if possible. > > Since over ARMv6 has ldrex/strex at user-space, > NEED_KUSER_HELPERS is not selected for over ARMv6. > > But, Even though NEED_KUSER_HELPERS is not selected, > current configuration enable KUSER_HELPERS as default. > > * as-is > > - Enable KUSER_HELPERS as default even though over ARMv6. > - User can disable KUSER_HELPERS. > > * to-be > > - Disable KUSER_HELPERS in ARMv6 or later as default. > - User can enable KUSER_HELPERS for compatibility. > > This change removes the unnecessary configuration that has security-risk. NAK. It is not this trivial or easy to make this change - you are assuming that userspace does not use these, which is in incorrect assumption - there are armhf distros out there that make use of the kuser helpers, which means we can't disable it by default without causing userspace regressions. Therefore, it defaults to being enabled, unless someone decides to disable it and knows for certain that their userspace does not depend on this - it's a choice that distros have to make when building their kernels with the knowledge of how their distro userspace is configured. -- RMK's Patch system: http://www.armlinux.org.uk/developer/patches/ FTTC broadband for 0.8mile line in suburbia: sync at 8.8Mbps down 630kbps up According to speedtest.net: 8.21Mbps down 510kbps up