Re: [PATCH] slab: Add POISON_POINTER_DELTA to ZERO_SIZE_PTR

2016-11-15 Thread Balbir Singh
On 15/11/16 21:57, Michael Ellerman wrote: > POISON_POINTER_DELTA is defined in poison.h, and is intended to be used > to shift poison values so that they don't alias userspace. > > We should add it to ZERO_SIZE_PTR so that attackers can't use > ZERO_SIZE_PTR as a way to get a pointer to userspa

Re: [kernel-hardening] Re: [PATCH] slab: Add POISON_POINTER_DELTA to ZERO_SIZE_PTR

2016-11-15 Thread Kees Cook
On Tue, Nov 15, 2016 at 3:50 PM, Michael Ellerman wrote: > Kees Cook writes: > >> On Tue, Nov 15, 2016 at 2:57 AM, Michael Ellerman >> wrote: >>> POISON_POINTER_DELTA is defined in poison.h, and is intended to be used >>> to shift poison values so that they don't alias userspace. >>> >>> We sho

Re: [kernel-hardening] Re: [PATCH] slab: Add POISON_POINTER_DELTA to ZERO_SIZE_PTR

2016-11-15 Thread Michael Ellerman
Kees Cook writes: > On Tue, Nov 15, 2016 at 2:57 AM, Michael Ellerman wrote: >> POISON_POINTER_DELTA is defined in poison.h, and is intended to be used >> to shift poison values so that they don't alias userspace. >> >> We should add it to ZERO_SIZE_PTR so that attackers can't use >> ZERO_SIZE_P

Re: [PATCH] slab: Add POISON_POINTER_DELTA to ZERO_SIZE_PTR

2016-11-15 Thread Kees Cook
On Tue, Nov 15, 2016 at 2:57 AM, Michael Ellerman wrote: > POISON_POINTER_DELTA is defined in poison.h, and is intended to be used > to shift poison values so that they don't alias userspace. > > We should add it to ZERO_SIZE_PTR so that attackers can't use > ZERO_SIZE_PTR as a way to get a pointe

[PATCH] slab: Add POISON_POINTER_DELTA to ZERO_SIZE_PTR

2016-11-15 Thread Michael Ellerman
POISON_POINTER_DELTA is defined in poison.h, and is intended to be used to shift poison values so that they don't alias userspace. We should add it to ZERO_SIZE_PTR so that attackers can't use ZERO_SIZE_PTR as a way to get a pointer to userspace. Signed-off-by: Michael Ellerman --- include/linu