Received: by 10.223.164.202 with SMTP id h10csp4241267wrb; Mon, 20 Nov 2017 12:10:30 -0800 (PST) X-Google-Smtp-Source: AGs4zMaFnrR0swHjDT6fm/nMWp7QsyT6earlZVGAdPKcv4hO9gT2WLkRIwqYruQDcpSGjdTwhgSL X-Received: by 10.98.73.196 with SMTP id r65mr12371489pfi.169.1511208630609; Mon, 20 Nov 2017 12:10:30 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1511208630; cv=none; d=google.com; s=arc-20160816; b=e1fUYfG50KWCuLyl9C33c+31jaCZrpc3VpEsLPw7oszrdXgkd6CCvI/dItu46JcF19 JyrC8VZiYX2fx0U10RP1xSINBwr4AkoOOWC9fJxIryq4/BbWpbGRsq2vSC2B0DFXBv5a dc60veZf3KIijcmH4Yub6ZFWBlUE0ryksKD1Xd5LRulTq0Pg1iP2Ub0j8geo/ZA8gJ6v 6ugAJtoXLHJGUsj1m02DKlRRvxKGD+0ZU9xqh1xCg1r2uaNhMQFf6Rc5wyYB4wtfnPke +eHdRCZdKnnAIJt2PcOpxjOmkPnVrywniyWzkAfJSm9zcFjgqYpG+K0Zh2QmAxUC4Q1D 0Gyg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature:arc-authentication-results; bh=fmuotfL8Tk6lJ3yNfNJvIFQVLWSoBb6wp1Ym4n2vEUk=; b=VXggSUpBgSbLTT6vBFhX9+21FIatoCAWETQOoTc1rqjwo9Abcx51xNOBcjnOska4dD 183T8FGJdOyX7StXHHD1F1SURZjnA/cXKt5k/WRIVTuAxouUVHC4KsICWRg9ycjgLnV4 XuwdMktjobTIN/CwMRBQ2uBSudiMMSzO/Zd+1e7b+YH9LBHArAbDZXFHmL7ZKfH3KCuQ xZWw0yGYQ/Ku/hE9VhDCvdck3caULHFeS91EMJmA5EvU2gmC75tO8jr2QQm7C8v7noAQ ZBOk4tT8WIV8UtYNlX15uqex+BKgOuUPb2WXWv8f/XCuccFvn73P13yQONDXEuZ4VYhX lNeA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@codon.org.uk header.s=63138784 header.b=TMqpQE00; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f3si2493426pld.533.2017.11.20.12.10.20; Mon, 20 Nov 2017 12:10:30 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@codon.org.uk header.s=63138784 header.b=TMqpQE00; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752546AbdKTUJn (ORCPT + 67 others); Mon, 20 Nov 2017 15:09:43 -0500 Received: from cavan.codon.org.uk ([93.93.128.6]:58560 "EHLO cavan.codon.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751173AbdKTUJm (ORCPT ); Mon, 20 Nov 2017 15:09:42 -0500 X-Greylist: delayed 1151 seconds by postgrey-1.27 at vger.kernel.org; Mon, 20 Nov 2017 15:09:41 EST DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=codon.org.uk; s=63138784; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:Cc:To:From:Date; bh=fmuotfL8Tk6lJ3yNfNJvIFQVLWSoBb6wp1Ym4n2vEUk=; b=TMqpQE00Bt4OLTPBiinBpsiD0t9PrNpYBgIC0MFzq8051dCY+J9l+CaCeYtAwWmQuqQ6Zb1kDcRrdhdG7ngnB2Myf7vl3QjTascScNbveBtHZeEH2s4fEdYvmEwAaIgqMvWB48Tv0WRPrz4d37dVVuMKx9PmGVgQv5jmeAArtiQ=; Received: from mjg59 by cavan.codon.org.uk with local (Exim 4.84_2) (envelope-from ) id 1eGs5L-0005pD-Gf; Mon, 20 Nov 2017 19:50:27 +0000 Date: Mon, 20 Nov 2017 19:50:27 +0000 From: Matthew Garrett To: Linus Torvalds Cc: Kees Cook , Paolo Bonzini , David Windsor , Linux Kernel Mailing List Subject: Re: [GIT PULL] usercopy whitelisting for v4.15-rc1 Message-ID: <20171120195027.GA20045@srcf.ucam.org> References: <20171117165423.GA34980@beast> <47222b54-cb13-2362-a525-714be2ba96de@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: mjg59@cavan.codon.org.uk X-SA-Exim-Scanned: No (on cavan.codon.org.uk); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Nov 17, 2017 at 01:13:10PM -0800, Linus Torvalds wrote: > So the hardening efforts should instead _start_ from the standpoint of > "let's warn about what looks dangerous, and maybe in a _year_ when > we've warned for a long time, and we are confident that we've actually > caught all the normal cases, _then_ we can start taking more drastic > measures". Can you clarify a little with regard to how you'd have liked this patchset to look? With https://git.kernel.org/pub/scm/linux/kernel/git/kees/linux.git/commit/?h=usercopy-v4.15-rc1&id=93edfb33387772a9ae7693ddf9811280ffc4025b it seems pretty like we're at the end goal you've described (default to a mode that generates a warning rather than returning an error), so is it just that this appeared at the end of the patchset development process rather than being there from the beginning? -- Matthew Garrett | mjg59@srcf.ucam.org From 1584415969486147388@xxx Sat Nov 18 14:53:36 +0000 2017 X-GM-THRID: 1584347411647594379 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread