[PATCH] perf/core: Fix possible Spectre-v1 for perf_swevent_enabled

-exploit/ tree/master/exploit-remaining-spectre-gadget/ Signed-off-by: Jinbum Park --- kernel/events/core.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kernel/events/core.c b/kernel/events/core.c index f6ea33a..3313552 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -50,6

[PATCH v2] arm: ubsan: select ARCH_HAS_UBSAN_SANITIZE_ALL

est-5/arm-linux-gnueabi/ [3] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=78678 Cc: Arnd Bergmann Signed-off-by: Jinbum Park Signed-off-by: Seung-Woo Kim --- v2: Add sign of Seung-Woo Kim. Add commit message about history, build environment. --- arch/arm/Kconfig | 1 +

[PATCH] arm: ubsan: select ARCH_HAS_UBSAN_SANITIZE_ALL

To enable UBSAN on arm, ARCH_HAS_UBSAN_SANITIZE_ALL is needed to be selected. Basic test has passed on Raspberry Pi2, Raspbian jessi lite with CONFIG_UBSAN_SANITIZE_ALL, CONFIG_UBSAN_NULL. Signed-off-by: Jinbum Park --- arch/arm/Kconfig | 1 + arch/arm/boot/compressed/Makefile

[PATCH] lib: Add testing module for UBSAN

them. Signed-off-by: Jinbum Park --- lib/Kconfig.ubsan | 7 +++ lib/Makefile | 2 + lib/test_ubsan.c | 144 ++ 3 files changed, 153 insertions(+) create mode 100644 lib/test_ubsan.c diff --git a/lib/Kconfig.ubsan b/lib/Kconfig.ubsan

[PATCH] arm: mm: Kconfig: Disable KUSER_HELPERS in ARMv6 or later as default

t has security-risk. Signed-off-by: Jinbum Park --- arch/arm/mm/Kconfig | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/mm/Kconfig b/arch/arm/mm/Kconfig index 7f14acf..40e5fe5 100644 --- a/arch/arm/mm/Kconfig +++ b/arch/arm/mm/Kconfig @@ -840,7 +840,7 @@ config NEED_KUSER_HE

[PATCH v2 1/2] arm: mm: Define vdso_start, vdso_end as array

happens at this code. - if (memcmp(&vdso_start, "\177ELF", 4)) The size of "&vdso_start" is recognized as 1 byte, but n is 4, So that compile-time error is reported. Acked-by: Kees Cook Signed-off-by: Jinbum Park --- v2: No changes --- arch/arm/include/asm/vdso.h |

[PATCH v2 2/2] arm: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE

that flag like other architectures, select ARCH_HAS_FORTIFY_SOURCE as default. Acked-by: Kees Cook Signed-off-by: Jinbum Park --- v2: Add fortify_panic() in arch/arm/boot/compressed/misc.c, Because there will be a build error if without that function. --- arch/arm/Kconfig

[PATCH v2 0/2] arm: Add ARCH_HAS_FORTIFY_SOURCE

/boot/compressed/* can't find that function. Jinbum Park (2): arm: mm: Define vdso_start, vdso_end as array arm: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE arch/arm/Kconfig| 1 + arch/arm/include/asm/vdso.h | 2 -- arch/arm/kernel/vdso.c | 12 +++- 3 files changed, 8

[kernel-hardening] [PATCH 2/2] arm: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE

that flag like other architectures, select ARCH_HAS_FORTIFY_SOURCE as default. Signed-off-by: Jinbum Park --- arch/arm/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 7e3d535..3765336 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -7,6

[kernel-hardening] [PATCH 1/2] arm: mm: Define vdso_start, vdso_end as array

happens at this code. - if (memcmp(&vdso_start, "\177ELF", 4)) The size of "&vdso_start" is recognized as 1 byte, but n is 4, So that compile-time error is reported. Signed-off-by: Jinbum Park --- arch/arm/include/asm/vdso.h | 2 -- arch/arm/kernel/vdso.c | 12 +

[kernel-hardening] [PATCH 0/2] arm: Add ARCH_HAS_FORTIFY_SOURCE

M can be built and run with CONFIG_FORTIFY_SOURCE. Additionally, modify vdso.c to remove compile-error that happens when built arm kernel with CONFIG_FORTIFY_SOURCE. Jinbum Park (2): arm: mm: Define vdso_start, vdso_end as array arm: Kconfig: Add ARCH_HAS_FORTIFY_SOURCE arch/arm/Kc

[PATCH] crypto: arm/aes-cipher - move S-box to .rodata section

Move the AES inverse S-box to the .rodata section where it is safe from abuse by speculation. Signed-off-by: Jinbum Park --- arch/arm/crypto/aes-cipher-core.S | 19 ++- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/arch/arm/crypto/aes-cipher-core.S b/arch/arm

[kernel-hardening] [PATCH v2] arm: Always use REFCOUNT_FULL

LL by default because no one could point to real-world performance impacts with REFCOUNT_FULL vs unprotected atomic_t infrastructure. This is the reason arm64 ended up enabling REFCOUNT_FULL. (4adcec1164de ("arm64: Always use REFCOUNT_FULL")) As with the decision of arm64, arm can set REF

[kernel-hardening] [PATCH] arm: Always use REFCOUNT_FULL

arm prefers to use REFCOUNT_FULL by default. This enables it for arm. Signed-off-by: Jinbum Park --- arch/arm/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/arm/Kconfig b/arch/arm/Kconfig index 3d349b4..ec80270 100644 --- a/arch/arm/Kconfig +++ b/arch/arm/Kconfig @@ -100,6

Re: [kernel-hardening] [PATCH] arm: kernel: implement fast refcount checking

> (add Dave) > > On 21 December 2017 at 09:18, Ard Biesheuvel > wrote: >> On 21 December 2017 at 07:50, Jinbum Park wrote: >>> This adds support to arm for fast refcount checking. >>> It's heavily based on x86, arm64 implementation. >>> (7a46ec0e2

[kernel-hardening] [PATCH] arm: kernel: implement fast refcount checking

rf stat -B -- echo REFCOUNT_TIMING \ >/sys/kernel/debug/provoke-crash/DIRECT 208.006062212 seconds time elapsed - Case with CONFIG_REFCOUNT_FULL, perf stat -B -- echo REFCOUNT_TIMING \ >/sys/kernel/debug/provoke-crash/DIRECT 369.256523453 seconds time elapsed Si

[kernel-hardening][PATCH] arm: hw_breakpoint: Mark variables as __ro_after_init

core_num_brps, core_num_wrps, debug_arch, has_ossr, max_watchpoint_len are setup once while init stage, and never changed after that. so it is good candidate for __ro_after_init. Signed-off-by: Jinbum Park --- arch/arm/kernel/hw_breakpoint.c | 10 +- 1 file changed, 5 insertions(+), 5

[kernel-hardening][PATCH] arm: mm: idmap: Mark variables as ro_after_init

idmap_pgd, arch_phys_to_idmap_offset are setup once while init stage, and never changed after that. so, it is good candidate for __ro_after_init. Signed-off-by: Jinbum Park --- arch/arm/mm/idmap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/arch/arm/mm/idmap.c b/arch

[kernel-hardening][PATCH v6 3/3] arm: mm: dump: add checking for writable and executable pages

-by: Laura Abbott Reviewed-by: Laura Abbott Signed-off-by: Jinbum Park --- v6: No changes (Just add Reviewed-by from Kees Cook) --- arch/arm/Kconfig.debug| 27 arch/arm/include/asm/ptdump.h | 8 ++ arch/arm/mm/dump.c

[kernel-hardening][PATCH v6 2/3] arm: mm: dump: make the page table dumping seq_file optional

Reviewed-by: Laura Abbott Acked-by: Kees Cook Signed-off-by: Jinbum Park --- v6: No changes (Just add Reviewed-by from Kees Cook) --- arch/arm/mm/dump.c | 28 +--- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/arch/arm/mm/dump.c b/arch/arm/mm/du

[kernel-hardening][PATCH v6 1/3] arm: mm: dump: make page table dumping reusable

separate option")) Reviewed-by: Kees Cook Tested-by: Laura Abbott Reviewed-by: Laura Abbott Signed-off-by: Jinbum Park --- v6: Use SPDX ids in ptdump.h Add Reviewed-by from Kees Cook --- arch/arm/Kconfig.debug| 6 +++- arch/arm/include/asm/ptdump.h | 35 +++

[kernel-hardening][PATCH v6 0/3] arm: Makes ptdump resuable and add WX page checking

there was an mistake. (from "jinb.park" to Jinbum Park) Contents of patch-set are perfectly same. v3 : Take advantage of the existing pg_level and bits arrays to check ro, nx prot. v4 : Add boolean for ro_bit, nx_bit into prot_bits to point ro_bit, nx_bit in pg_level. This change is sug

[kernel-hardening][PATCH v5 3/3] arm: mm: dump: add checking for writable and executable pages

-by: Laura Abbott Signed-off-by: Jinbum Park --- v5: No changes (Just add Tested-by, Reviewed-by from Laura Abbott) --- arch/arm/Kconfig.debug| 27 arch/arm/include/asm/ptdump.h | 8 ++ arch/arm/mm/dump.c| 58 +++

[kernel-hardening][PATCH v5 2/3] arm: mm: dump: make the page table dumping seq_file optional

ott Acked-by: Kees Cook Signed-off-by: Jinbum Park --- v5: No changes (Just add Tested-by, Reviewed-by from Laura Abbott) --- arch/arm/mm/dump.c | 28 +--- 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/arch/arm/mm/dump.c b/arch/arm/mm/dump.c ind

[kernel-hardening][PATCH v5 1/3] arm: mm: dump: make page table dumping reusable

separate option")) Tested-by: Laura Abbott Reviewed-by: Laura Abbott Signed-off-by: Jinbum Park --- v5: No changes (Just add Tested-by, Reviewed-by from Laura Abbott) --- arch/arm/Kconfig.debug| 6 +++- arch/arm/include/asm/ptdump.h | 48

[kernel-hardening][PATCH v5 0/3] arm: Makes ptdump resuable and add WX page checking

there was an mistake. (from "jinb.park" to Jinbum Park) Contents of patch-set are perfectly same. v3 : Take advantage of the existing pg_level and bits arrays to check ro, nx prot. v4 : Add boolean for ro_bit, nx_bit into prot_bits to point ro_bit, nx_bit in pg_level. This change is sug

[kernel-hardening][PATCH v4 3/3] arm: mm: dump: add checking for writable and executable pages

Page mappings with full RWX permissions are a security risk. x86, arm64 has an option to walk the page tables and dump any bad pages. (1404d6f13e47 ("arm64: dump: Add checking for writable and exectuable pages")) Add a similar implementation for arm. Signed-off-by: Jinbum Park -

[kernel-hardening][PATCH v4 2/3] arm: mm: dump: make the page table dumping seq_file optional

This patch makes the page table dumping seq_file optional. It makes the page table dumping code usable for other cases. This patch refers below commit of arm64. (ae5d1cf358a5 ("arm64: dump: Make the page table dumping seq_file optional")) Acked-by: Kees Cook Signed-off-by: Jinbum Pa

[kernel-hardening][PATCH v4 1/3] arm: mm: dump: make page table dumping reusable

separate option")) Signed-off-by: Jinbum Park --- v4: No changes --- arch/arm/Kconfig.debug| 6 +++- arch/arm/include/asm/ptdump.h | 48 arch/arm/mm/Makefile | 3 +- arch/arm/mm/dump.c| 65 +++-

[kernel-hardening][PATCH v4 0/3] arm: Makes ptdump resuable and add WX page checking

there was an mistake. (from "jinb.park" to Jinbum Park) Contents of patch-set are perfectly same. v3 : Take advantage of the existing pg_level and bits arrays to check ro, nx prot. v4 : Add boolean for ro_bit, nx_bit into prot_bits to point ro_bit, nx_bit in pg_level. This change is sug

Re: [kernel-hardening][PATCH v3 1/3] arm: mm: dump: make page table dumping reusable

register() already returns what you think. >> +int ptdump_debugfs_register(struct ptdump_info *info, const char *name) >> +{ >> + struct dentry *pe; >> + >> + pe = debugfs_create_file(name, 0400, NULL, info, &ptdump_fops); >> + return pe ? 0 : -ENOMEM; >> + >> +} So "return ptdump_debugfs_register(~~)" is fine. Thanks. Jinbum Park.

Re: [kernel-hardening][PATCH v3 3/3] arm: mm: dump: add checking for writable and executable pages

2017-12-06 8:51 GMT+09:00 Laura Abbott : > On 12/04/2017 06:27 AM, Jinbum Park wrote: >> >> Page mappings with full RWX permissions are a security risk. >> x86, arm64 has an option to walk the page tables >> and dump any bad pages. >> >> (1404d6f13e47 >

[kernel-hardening][PATCH v3 3/3] arm: mm: dump: add checking for writable and executable pages

Page mappings with full RWX permissions are a security risk. x86, arm64 has an option to walk the page tables and dump any bad pages. (1404d6f13e47 ("arm64: dump: Add checking for writable and exectuable pages")) Add a similar implementation for arm. Signed-off-by: Jinbum Park ---

[kernel-hardening][PATCH v3 2/3] arm: mm: dump: make the page table dumping seq_file optional

This patch makes the page table dumping seq_file optional. It makes the page table dumping code usable for other cases. This patch refers below commit of arm64. (ae5d1cf358a5 ("arm64: dump: Make the page table dumping seq_file optional")) Signed-off-by: Jinbum Park --- v3: No changes

[kernel-hardening][PATCH v3 1/3] arm: mm: dump: make page table dumping reusable

separate option")) Signed-off-by: Jinbum Park --- v3: No changes arch/arm/Kconfig.debug| 6 +++- arch/arm/include/asm/ptdump.h | 48 arch/arm/mm/Makefile | 3 +- arch/arm/mm/dump.c| 65 +++-

[kernel-hardening][PATCH v3 0/3] arm: Makes ptdump resuable and add WX page checking

there was an mistake. (from "jinb.park" to Jinbum Park) Contents of patch-set are perfectly same. v3 : Take advantage of the existing pg_level and bits arrays to check ro, nx prot. jinb.park (3): arm: mm: dump: make page table dumping reusable arm: mm: dump: make the page table d

[kernel-hardening][PATCH v2 3/3] arm: mm: dump: add checking for writable and executable pages

Page mappings with full RWX permissions are a security risk. x86, arm64 has an option to walk the page tables and dump any bad pages. (1404d6f13e47 ("arm64: dump: Add checking for writable and exectuable pages")) Add a similar implementation for arm. Signed-off-by: Jinbum Park ---

[kernel-hardening][PATCH v2 2/3] arm: mm: dump: make the page table dumping seq_file optional

This patch makes the page table dumping seq_file optional. It makes the page table dumping code usable for other cases. This patch refers below commit of arm64. (ae5d1cf358a5 ("arm64: dump: Make the page table dumping seq_file optional")) Signed-off-by: Jinbum Park --- arch/arm/mm/d

[kernel-hardening][PATCH v2 1/3] arm: mm: dump: make page table dumping reusable

separate option")) Signed-off-by: Jinbum Park --- arch/arm/Kconfig.debug| 6 +++- arch/arm/include/asm/ptdump.h | 48 arch/arm/mm/Makefile | 3 +- arch/arm/mm/dump.c| 65 +++ arch/arm/mm/pt

[kernel-hardening][PATCH v2 0/3] arm: Makes ptdump resuable and add WX page checking

there was an mistake. (from "jinb.park" to Jinbum Park) Contents of patch-set are perfectly same. Jinbum Park (3): arm: mm: dump: make page table dumping reusable arm: mm: dump: make the page table dumping seq_file optional arm: mm: dump: add checking for writable and executable p

[PATCH] arm64: pgd: Mark pgd_cache as __ro_after_init

pgd_cache is setup once while init stage and never changed after that, so it is good candidate for __ro_after_init Signed-off-by: Jinbum Park --- arch/arm64/mm/pgd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm64/mm/pgd.c b/arch/arm64/mm/pgd.c index 371c5f0

[PATCH] mm: testcases for RODATA: fix config dependency

Since DEBUG_RODATA has renamed to STRICT_KERNEL_RWX, Fix the config dependency. Reported-by: Valentin Rothberg Signed-off-by: Jinbum Park --- mm/Kconfig.debug | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mm/Kconfig.debug b/mm/Kconfig.debug index 3e5eada..3c88b7e 100644

[PATCH v4] mm: add arch-independent testcases for RODATA

change the state of CONFIG_DEBUG_RODATA_TEST, It cause overhead of kernel build. To solve above issue, write arch-independent testcases and move it to shared location. Signed-off-by: Jinbum Park --- v4: Move the rodata_test() call out into mark_readonly() Delete some comment v3: Use

[PATCH v4] mm: add arch-independent testcases for RODATA

change the state of CONFIG_DEBUG_RODATA_TEST, It cause overhead of kernel build. To solve above issue, write arch-independent testcases and move it to shared location. Signed-off-by: Jinbum Park --- (Sorry, Previous patch-v4 doesn't have any changes..my mistake. Please see this patch)

[PATCH v4] mm: add arch-independent testcases for RODATA

change the state of CONFIG_DEBUG_RODATA_TEST, It cause overhead of kernel build. To solve above issue, write arch-independent testcases and move it to shared location. Signed-off-by: Jinbum Park --- v4: Move the rodata_test() call out into mark_readonly() v3: Use probe_kernel_write() instead of

[PATCH v3] mm: add arch-independent testcases for RODATA

change the state of CONFIG_DEBUG_RODATA_TEST, It cause overhead of kernel build. To solve above issue, Move x86's testcases to shared location able to be called by other archs. and move declaration of rodata_test_data to separate header file. Signed-off-by: Jinbum Park --- v3

[PATCH v2] mm: add arch-independent testcases for RODATA

change the state of CONFIG_DEBUG_RODATA_TEST, It cause overhead of kernel build. To solve above issue, write arch-independent testcases and move it to shared location. (main.c) Signed-off-by: Jinbum Park --- v2: Restore original credit of mm/rodata_test.c arch/x86/Kconfig.debug| 8

[PATCH] mm: add arch-independent testcases for RODATA

change the state of CONFIG_DEBUG_RODATA_TEST, It cause overhead of kernel build. To solve above issue, write arch-independent testcases and move it to shared location. (main.c) Signed-off-by: Jinbum Park --- arch/x86/Kconfig.debug| 8 - arch/x86/include/asm/cacheflush.h | 10

[PATCH] ARM: mm: add testcases for RODATA

This patch adds testcases for the CONFIG_DEBUG_RODATA option. It's similar to x86's testcases. It tests read-only mapped data and page-size aligned rodata section. Signed-off-by: Jinbum Park --- arch/arm/Kconfig.debug| 5 +++ arch/arm/include/asm/cacheflush.h | 10 +

[PATCH] scripts/spelling.txt: add some typo-words

patch adds these common typo. Signed-off-by: Jinbum Park --- scripts/spelling.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/spelling.txt b/scripts/spelling.txt index 417ede8..201d0ed 100644 --- a/scripts/spelling.txt +++ b/scripts/spelling.txt @@ -74,6 +74,7 @@ algoritms

[PATCH] kprobes: fix a comment typo

Just fix a typo in the code comment. Signed-off-by: Jinbum Park --- arch/arm/probes/kprobes/opt-arm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/probes/kprobes/opt-arm.c b/arch/arm/probes/kprobes/opt-arm.c index bcdecc2..073c0ba 100644 --- a/arch/arm/probes

[PATCH] kprobes: fix a comment typo

Just fix a typo in the code comment. Signed-off-by: Jinbum Park --- arch/arm/probes/kprobes/opt-arm.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/arm/probes/kprobes/opt-arm.c b/arch/arm/probes/kprobes/opt-arm.c index bcdecc2..073c0ba 100644 --- a/arch/arm/probes