• Kees Cook's avatar
    usercopy: WARN() on slab cache usercopy region violations · afcc90f8
    Kees Cook authored
    This patch adds checking of usercopy cache whitelisting, and is modified
    from Brad Spengler/PaX Team's PAX_USERCOPY whitelisting code in the
    last public patch of grsecurity/PaX based on my understanding of the
    code. Changes or omissions from the original code are mine and don't
    reflect the original grsecurity/PaX code.
    
    The SLAB and SLUB allocators are modified to WARN() on all copy operations
    in which the kernel heap memory being modified falls outside of the cache's
    defined usercopy region.
    
    Based on an earlier patch from David Windsor.
    
    Cc: Christoph Lameter <cl@linux.com>
    Cc: Pekka Enberg <penberg@kernel.org>
    Cc: David Rientjes <rientjes@google.com>
    Cc: Joonsoo Kim <iamjoonsoo.kim@lge.com>
    Cc: Andrew Morton <akpm@linux-foundation.org>
    Cc: Laura Abbott <labbott@redhat.com>
    Cc: Ingo Molnar <mingo@kernel.org>
    Cc: Mark Rutland <mark.rutland@arm.com>
    Cc: linux-mm@kvack.org
    Cc: linux-xfs@vger.kernel.org
    Signed-off-by: default avatarKees Cook <keescook@chromium.org>
    afcc90f8
slub.c 142 KB